Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Email in Rails (and/or introduction to "Dark De...

sylph01
September 18, 2019
Technology
0
1.2k

Email in Rails (and/or introduction to "Dark Depths of Email")

presented at Fukuoka.rb 150th anniversary LT

sylph01

September 18, 2019
Tweet

More Decks by sylph01

See All by sylph01
Introduction to C Extensions
sylph01
3
120
"Actual" Security in Microcontroller Ruby!?
sylph01
0
99
Everyone Now Understands AuthZ/AuthN and Encryption Perfectly and I'm Gonna Lose My Job
sylph01
1
37
Updates on PicoRuby Networking, HPKE (and maybe more)
sylph01
1
250
Adding Security to Microcontroller Ruby
sylph01
2
3.3k
Secure Messaging at IETF 118
sylph01
0
88
Adventures in the Dungeons of OpenSSL
sylph01
0
540
Community & RubyKaigi Showcase @ Ehime.rb Reboot Meetup
sylph01
0
340
Build and Learn Rails Authentication
sylph01
8
2.1k

Other Decks in Technology

See All in Technology
Oracle Database Technology Night #87-1 : Exadata Database Service on Exascale Infrastructure(ExaDB-XS)サービス詳細
oracle4engineer
PRO
1
230
目標と時間軸 〜ベイビーステップでケイパビリティを高めよう〜
kakehashi
PRO
8
1.1k
フォーイット_エンジニア向け会社紹介資料_Forit_Company_Profile.pdf
forit_tech
1
1.7k
Ruby on Railsで持続可能な開発を行うために取り組んでいること
am1157154
3
180
プロダクト開発者目線での Entra ID 活用
sansantech
PRO
0
170
開発者のための FinOps/FinOps for Engineers
oracle4engineer
PRO
2
270
エンジニアのキャリアパスと、 その中で自分が大切にしていること
noteinc
3
1.1k
AI自体のOps 〜LLMアプリの運用、AWSサービスとOSSの使い分け〜
minorun365
PRO
9
1.2k
OCI Success Journey OCIの何が評価されてる?疑問に答える事例セミナー(2025年2月実施)
oracle4engineer
PRO
2
240
事業モメンタムを生み出すプロダクト開発
macchiitaka
0
110
4th place solution Eedi - Mining Misconceptions in Mathematics
rist
0
150
CSPMとのつきあい方
nantokanare
0
110

Featured

See All Featured
Raft: Consensus for Rubyists
vanstee
137
6.8k
Scaling GitHub
holman
459
140k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
How to train your dragon (web standard)
notwaldorf
91
5.9k
Why You Should Never Use an ORM
jnunemaker
PRO
55
9.2k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
29
1.1k
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.5k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
129
19k
Java REST API Framework Comparison - PWX 2021
mraible
29
8.4k
How STYLIGHT went responsive
nonsquared
99
5.4k
Building Adaptive Systems
keathley
40
2.4k

Transcript

  1. Email in Rails, and/or Introduction to the "Dark Depths of

    Email" Ryo Kajiwara(sylph01) @ Fukuoka.rb #149/150

  2. ୭ʁ sylph01 / ֿݪ ཾ Twitter: @s01 ҉߸ͱ͔Ͱ͖·͢ Elixirͱ͔Ͱ͖·͢ Ruby·ΔͰΘ͔ΒΜ

  3. None

  4. W3CͷձٞͰདྷ·ͨ͠ ͍Ζ͍Ζweb-relatedͳεςοΧʔͱ ͔͋ΔͷͰ͋ͱͰ੠͔͚͍ͯͩ͘͞

  5. None
  6. None
  7. None

  8. RailsͰϝʔϧͷ͢΂ͯ Λѻ͑ΔΑ͏ʹͳͬ ͨʂ

  9. MTAʮ΁ͷʯೖΓޱΛ උ͍͑ͯΔɺͱ͋Δ͚ ͲɺͲͪΒ͔ͱ͍͏ͱ MTAʮ͔ΒͷʯೖΓޱ

  10. ͜Ε͸ԿΛ͢Δ΋ͷͧ • ड৴ϝʔϧΛActiveRecordΦϒδΣΫτʹม׵ • ActiveStorageͰϥΠϑαΠΫϧ؅ཧɺҰఆظؒܦͬͨΒࣗಈম ٫ʢ࡟আʣ • ϝʔϧΛड͚ͨͱ͖ͷॲཧΛॻ͚Δ

  11. ݸਓͰϝʔϧ΍Δͷ͸͓͢͢ Ί͠·ͤΜ • IMAP΍ΔͱετϨʔδ஍ࠈʹؕΓ·͢ • ໎࿭ϝʔϧରࡦ͸͠ΜͲ͍ • ઃఆϛεΔͱϝʔϧ͕૬खʹಧ͖·ͤΜ • ͱ͍͏͔SMTPΛ΍ΊΖ

  12. ͳͷͰGuidesʹॻ͍ͯ͋ΔΑ ͏ʹWebαʔϏεΛ࢖͓͏ • Mailgun • Mandrill • Postmark • SendGrid

    • ·ͨ͸Amazon SESʢଞʹൺ΂Δͱࣗ෼ͰMTA؅ཧ͢Δͷʹۙ͘ ͸͋Δʣ

  13. ͦΕͰ΋΍Γͨ͘ͳͬ ͨͱ͖ͷ࿩Λ͠·͢

  14. ஫: ͔͜͜ΒNot Ruby Rubyͷݴ༿ͰؤுΓ͔͚ͨͬͨͲؒ ʹ߹Θͳ͔ͬͨΑ…

  15. SMTP Ͳ͕͜Simple΍ͶΜMail Transfer Protocolɻ RFC 821 → ݱࡏͷ࠷৽͸ RFC 5321

    ʮϝʔϧΛόέπϦϨʔͷΑ͏ʹసૹ͢ΔʯͷͰʮSMTP relayingʯͱ͔ʮϦϨʔαʔόʔʯͱ͔͍͏͚ΕͲݱ୅తʹ͸͜ͷ Πϝʔδ͸࣋ͬͯͳͯ͘Α͍Ͱ͢ɻ૬खઌυϝΠϯ໊ͷMXϨίʔ υΛݟͯ௚઀ͦ͜ʹୟ͖͚ͭ·͢ɻ
  16. None

  17. SMTPʹ͸ೝূ͕ͳ͍ SMTP͸ϦϨʔػߏΛ࡞ΔͨΊͷϓϩτίϧͳͷͰɺͲ͔͜Βϝʔ ϧ͕དྷ͔ͨΛ͍͍ͪͪೝূ͢Δඞཁ͕ͳ͍ɻཧ۶͸Θ͔Δͷ͚ͩ Ͳ໎࿭ϝʔϧ͕͸ͼ͜Δ࠷େͷݪҼͷҰ͕ͭ͜Εɻ POP before SMTPɺSMTP-AUTHͳͲͷ֦ுͰೝূΛ͢Δɻ

  18. SPF, DKIM ͜ͷϝʔϧ͸ͪΌΜͱ͜ͷυϝΠϯΛॴ༗͍ͯ͠Δਓʢͷαʔ όʔʣ͔Βདྷͯ·͢Αɺͱ͍͏͜ͱΛ͍ࣔͨ͠ɻ ͲͪΒ΋DNSͷTXTϨίʔυʹهड़Λߦ͏ɻ • SPF: ڐՄ͢ΔIPΞυϨεΛࢦఆɻ • DKIM:

    ެ։伴ΛTXTϨίʔυʹઃఆɻαʔόʔ͸ൿີ伴Λར༻͠ ͯϝοηʔδʹॺ໊͢Δɻ

  19. SPF TXTϨίʔυʹIPΞυϨεɺ΋͘͠͸MXϨίʔυͷυϝΠϯ໊Λࢦ ఆ͢Δ͚ͩɻ ྫ: example.net. IN TXT "v=spf1 ip4:192.0.2.1 -all"

  20. DKIM • opendkimΛΠϯετʔϧͯ͠ઃఆ͢Δ • ΍Δ͜ͱଟ͍ͷͰৄࡉ͸DigitalOceanͷνϡʔτϦΞϧࢀর - https:/ /www.digitalocean.com/community/tutorials/how-to- install-and-configure-dkim-with-postfix-on-debian-wheezy •

    ެ։伴ɾൿີ伴ϖΞͷੜ੒ͱTXTϨίʔυͷੜ੒Λ΍ͬͯ͘ ΕΔ
  21. None

  22. DMARC • ϔομʹࣔ͞ΕΔૹ৴ऀͷυϝΠϯ(Header-From)ͱMAIL FROM ίϚϯυͰ౉͞ΕΔૹ৴ऀͷυϝΠϯ(Envelope-From)ͷҰகΛ औΔ • Header-FromͷυϝΠϯ໊ͱDKIMͷ"d="Ͱ༩͑ΒΕΔυϝΠϯ ໊ͷҰகΛऔΔ ͱ͍͏௥ՃͷೝূΛ͢Δɻࣦഊͨ͠৔߹ʹυϝΠϯΦʔφʔʹ໰

    ୊ͷ͋ΔϝʔϧΛใࠂͰ͖Δ࢓૊Έ΋͋Δɻ

  23. SPF, DKIM, DMARCͷઃ ఆϛε͸͔ͳΓଟ͍ αʔϏε࢖ͬͯͯ΋DNSઃఆ๨ΕΔͱ ໎࿭ϝʔϧѻ͍͞Ε·͢

  24. ड৴͢Δଆͱͯ͠͸ ʮ໎࿭ϝʔϧ͸ड৴ ϘοΫεʹೖͬͨ࣌఺ Ͱෛ͚ʯ MTAͰݕূͪΌΜͱ͠Α͏

  25. ૹΔଆͰؾΛ͚ͭͳ ͖Ό͍͚ͳ͍͜ͱ

  26. LTͩͱೖΓ੾Βͳ͍ͷ Ͱ؆୯ʹ঺հ

  27. GoogleͷҰׅૹ৴ΨΠυϥΠ ϯ https:/ /support.google.com/a/answer/81126?hl=ja ૹΔଆ͸͜Εकͬͯͳ͍ͱ͍ͭͷؒʹ͔໎࿭ϝʔϧϑΥϧμߦ͖ ʹͳΓ·͢ɻ ૹ৴ϘϦϡʔϜ͕େ͖͍৔߹͸Postmaster ToolsΛ࢖͏ͱΑ͍ɻ

  28. mail-tester.com https:/ /www.mail-tester.com/ ͜͜ʹϝʔϧૹΔͱIP͕ϒϥοΫϦετ͞ΕͯΔ͔Ͳ͏͔΍Ұൠ తͳઃఆϛεʹ͍ͭͯڭ͑ͯ͘ΕΔɻ

  29. None

  30. DigitalOcean͔Βૹͬͯ ͨΒMSNʹϒϩοΫ͞ ΕͯͨͰ͟͝Δ

  31. None

  32. چWILLCOMܥͷΞυϨ εʹ͸௨৴͢Βड͚෇ ͚ͯ΋Β͑ͳ͔ͬͨ

  33. None

  34. ݸਓͰϝʔϧ΍Δͷ͸͓͢͢ Ί͠·ͤΜ(࠶) • IMAP΍ΔͱετϨʔδ஍ࠈʹؕΓ·͢ • ໎࿭ϝʔϧରࡦ͸͠ΜͲ͍ • ઃఆϛεΔͱϝʔϧ͕૬खʹಧ͖·ͤΜ • ͱ͍͏͔SMTPΛ΍ΊΖ

  35. ͳͷͰWebαʔϏεΛ࢖͓͏ (࠶) • Mailgun, Mandrill, Postmark, SendGrid, Amazon SES •

    αʔόʔӡ༻Λؙ౤͛Ͱ͖Δ͠ • ໎࿭ϝʔϧରࡦ΍ͬͯ͘ΕΔ • IPΞυϨεͷϨϐϡςʔγϣϯ؅ཧ΋΍ͬͯ͘ΕΔ

  36. Ͳ͏ͯ͠΋΍Γ͍ͨ ํʹ͸ ΋͏ͪΐͬͱ౿ΈࠐΜͩ಺༰Λ"Dark Depths of SMTP"(ٕज़ॻయ4ॳग़)ͱ͍͏ ຊͰॻ͍͍ͯ·͢ ͜ͷ෼໺͸঎ۀຊ͕࠷ۙग़ͯͳ͍ͷͰ͓ ͦΒ͘࠷৽Ͱ͢ ͳ͓౦ํཁૉ͸දࢴ͚ͩͰ͢ɻ

  37. Welcome to SMTPপ