Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Email in Rails (and/or introduction to "Dark De...
Search
sylph01
September 18, 2019
Technology
0
1.3k
Email in Rails (and/or introduction to "Dark Depths of Email")
presented at Fukuoka.rb 150th anniversary LT
sylph01
September 18, 2019
Tweet
Share
More Decks by sylph01
See All by sylph01
The Definitive? Guide To Locally Organizing RubyKaigi
sylph01
6
1.5k
End-to-End Encryption Saves Lives. You Can Start Saving Lives With Ruby, Too
sylph01
1
100
End-to-End Encryption Saves Lives. You Can Start Saving Lives With Ruby, Too (JP subtitles)
sylph01
2
490
Introduction to C Extensions
sylph01
3
200
"Actual" Security in Microcontroller Ruby!?
sylph01
0
140
Everyone Now Understands AuthZ/AuthN and Encryption Perfectly and I'm Gonna Lose My Job
sylph01
1
64
Updates on PicoRuby Networking, HPKE (and maybe more)
sylph01
1
300
Adding Security to Microcontroller Ruby
sylph01
3
3.6k
Secure Messaging at IETF 118
sylph01
0
110
Other Decks in Technology
See All in Technology
“日本一のM&A企業”を支える、少人数SREの効率化戦略 / SRE NEXT 2025
genda
1
270
AI エージェントと考え直すデータ基盤
na0
20
7.9k
大量配信システムにおけるSLOの実践:「見えない」信頼性をSLOで可視化
plaidtech
PRO
0
390
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
sansan33
PRO
0
2.7k
Four Keysから始める信頼性の改善 - SRE NEXT 2025
ozakikota
0
410
ビジネス職が分析も担う事業部制組織でのデータ活用の仕組みづくり / Enabling Data Analytics in Business-Led Divisional Organizations
zaimy
1
390
LIXIL基幹システム刷新に立ち向かう技術的アプローチについて
tsukuha
1
380
第64回コンピュータビジョン勉強会「The PanAf-FGBG Dataset: Understanding the Impact of Backgrounds in Wildlife Behaviour Recognition」
x_ttyszk
0
240
[SRE NEXT 2025] すみずみまで暖かく照らすあなたの太陽でありたい
carnappopper
2
470
助けて! XからWaylandに移行しないと新しいGNOMEが使えなくなっちゃう 2025-07-12
nobutomurata
2
200
SRE不在の開発チームが障害対応と 向き合った100日間 / 100 days dealing with issues without SREs
shin1988
2
2k
ABEMAの本番環境負荷試験への挑戦
mk2taiga
5
1.3k
Featured
See All Featured
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
8
700
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.8k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
A better future with KSS
kneath
238
17k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
26k
Speed Design
sergeychernyshev
32
1k
Raft: Consensus for Rubyists
vanstee
140
7k
Visualization
eitanlees
146
16k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
5.9k
Bash Introduction
62gerente
613
210k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
Transcript
Email in Rails, and/or Introduction to the "Dark Depths of
Email" Ryo Kajiwara(sylph01) @ Fukuoka.rb #149/150
୭ʁ sylph01 / ֿݪ ཾ Twitter: @s01 ҉߸ͱ͔Ͱ͖·͢ Elixirͱ͔Ͱ͖·͢ Ruby·ΔͰΘ͔ΒΜ
None
W3CͷձٞͰདྷ·ͨ͠ ͍Ζ͍Ζweb-relatedͳεςοΧʔͱ ͔͋ΔͷͰ͋ͱͰ͔͚͍ͯͩ͘͞
None
None
None
RailsͰϝʔϧͷͯ͢ Λѻ͑ΔΑ͏ʹͳͬ ͨʂ
MTAʮͷʯೖΓޱΛ උ͍͑ͯΔɺͱ͋Δ͚ ͲɺͲͪΒ͔ͱ͍͏ͱ MTAʮ͔ΒͷʯೖΓޱ
͜ΕԿΛ͢Δͷͧ • ड৴ϝʔϧΛActiveRecordΦϒδΣΫτʹม • ActiveStorageͰϥΠϑαΠΫϧཧɺҰఆظؒܦͬͨΒࣗಈম ٫ʢআʣ • ϝʔϧΛड͚ͨͱ͖ͷॲཧΛॻ͚Δ
ݸਓͰϝʔϧΔͷ͓͢͢ Ί͠·ͤΜ • IMAPΔͱετϨʔδࠈʹؕΓ·͢ • ໎ϝʔϧରࡦ͠ΜͲ͍ • ઃఆϛεΔͱϝʔϧ͕૬खʹಧ͖·ͤΜ • ͱ͍͏͔SMTPΛΊΖ
ͳͷͰGuidesʹॻ͍ͯ͋ΔΑ ͏ʹWebαʔϏεΛ͓͏ • Mailgun • Mandrill • Postmark • SendGrid
• ·ͨAmazon SESʢଞʹൺΔͱࣗͰMTAཧ͢Δͷʹۙ͘ ͋Δʣ
ͦΕͰΓͨ͘ͳͬ ͨͱ͖ͷΛ͠·͢
: ͔͜͜ΒNot Ruby Rubyͷݴ༿ͰؤுΓ͔͚ͨͬͨͲؒ ʹ߹Θͳ͔ͬͨΑ…
SMTP Ͳ͕͜SimpleͶΜMail Transfer Protocolɻ RFC 821 → ݱࡏͷ࠷৽ RFC 5321
ʮϝʔϧΛόέπϦϨʔͷΑ͏ʹసૹ͢ΔʯͷͰʮSMTP relayingʯͱ͔ʮϦϨʔαʔόʔʯͱ͔͍͏͚ΕͲݱతʹ͜ͷ Πϝʔδ࣋ͬͯͳͯ͘Α͍Ͱ͢ɻ૬खઌυϝΠϯ໊ͷMXϨίʔ υΛݟͯͦ͜ʹୟ͖͚ͭ·͢ɻ
None
SMTPʹೝূ͕ͳ͍ SMTPϦϨʔػߏΛ࡞ΔͨΊͷϓϩτίϧͳͷͰɺͲ͔͜Βϝʔ ϧ͕དྷ͔ͨΛ͍͍ͪͪೝূ͢Δඞཁ͕ͳ͍ɻཧ۶Θ͔Δͷ͚ͩ Ͳ໎ϝʔϧ͕ͼ͜Δ࠷େͷݪҼͷҰ͕ͭ͜Εɻ POP before SMTPɺSMTP-AUTHͳͲͷ֦ுͰೝূΛ͢Δɻ
SPF, DKIM ͜ͷϝʔϧͪΌΜͱ͜ͷυϝΠϯΛॴ༗͍ͯ͠Δਓʢͷαʔ όʔʣ͔Βདྷͯ·͢Αɺͱ͍͏͜ͱΛ͍ࣔͨ͠ɻ ͲͪΒDNSͷTXTϨίʔυʹهड़Λߦ͏ɻ • SPF: ڐՄ͢ΔIPΞυϨεΛࢦఆɻ • DKIM:
ެ։伴ΛTXTϨίʔυʹઃఆɻαʔόʔൿີ伴Λར༻͠ ͯϝοηʔδʹॺ໊͢Δɻ
SPF TXTϨίʔυʹIPΞυϨεɺ͘͠MXϨίʔυͷυϝΠϯ໊Λࢦ ఆ͢Δ͚ͩɻ ྫ: example.net. IN TXT "v=spf1 ip4:192.0.2.1 -all"
DKIM • opendkimΛΠϯετʔϧͯ͠ઃఆ͢Δ • Δ͜ͱଟ͍ͷͰৄࡉDigitalOceanͷνϡʔτϦΞϧࢀর - https:/ /www.digitalocean.com/community/tutorials/how-to- install-and-configure-dkim-with-postfix-on-debian-wheezy •
ެ։伴ɾൿີ伴ϖΞͷੜͱTXTϨίʔυͷੜΛͬͯ͘ ΕΔ
None
DMARC • ϔομʹࣔ͞ΕΔૹ৴ऀͷυϝΠϯ(Header-From)ͱMAIL FROM ίϚϯυͰ͞ΕΔૹ৴ऀͷυϝΠϯ(Envelope-From)ͷҰகΛ औΔ • Header-FromͷυϝΠϯ໊ͱDKIMͷ"d="Ͱ༩͑ΒΕΔυϝΠϯ ໊ͷҰகΛऔΔ ͱ͍͏ՃͷೝূΛ͢Δɻࣦഊͨ͠߹ʹυϝΠϯΦʔφʔʹ
ͷ͋ΔϝʔϧΛใࠂͰ͖ΔΈ͋Δɻ
SPF, DKIM, DMARCͷઃ ఆϛε͔ͳΓଟ͍ αʔϏεͬͯͯDNSઃఆΕΔͱ ໎ϝʔϧѻ͍͞Ε·͢
ड৴͢Δଆͱͯ͠ ʮ໎ϝʔϧड৴ ϘοΫεʹೖͬͨ࣌ Ͱෛ͚ʯ MTAͰݕূͪΌΜͱ͠Α͏
ૹΔଆͰؾΛ͚ͭͳ ͖Ό͍͚ͳ͍͜ͱ
LTͩͱೖΓΒͳ͍ͷ Ͱ؆୯ʹհ
GoogleͷҰׅૹ৴ΨΠυϥΠ ϯ https:/ /support.google.com/a/answer/81126?hl=ja ૹΔଆ͜Εकͬͯͳ͍ͱ͍ͭͷؒʹ͔໎ϝʔϧϑΥϧμߦ͖ ʹͳΓ·͢ɻ ૹ৴ϘϦϡʔϜ͕େ͖͍߹Postmaster ToolsΛ͏ͱΑ͍ɻ
mail-tester.com https:/ /www.mail-tester.com/ ͜͜ʹϝʔϧૹΔͱIP͕ϒϥοΫϦετ͞ΕͯΔ͔Ͳ͏͔Ұൠ తͳઃఆϛεʹ͍ͭͯڭ͑ͯ͘ΕΔɻ
None
DigitalOcean͔Βૹͬͯ ͨΒMSNʹϒϩοΫ͞ ΕͯͨͰ͟͝Δ
None
چWILLCOMܥͷΞυϨ εʹ௨৴͢Βड͚ ͚ͯΒ͑ͳ͔ͬͨ
None
ݸਓͰϝʔϧΔͷ͓͢͢ Ί͠·ͤΜ(࠶) • IMAPΔͱετϨʔδࠈʹؕΓ·͢ • ໎ϝʔϧରࡦ͠ΜͲ͍ • ઃఆϛεΔͱϝʔϧ͕૬खʹಧ͖·ͤΜ • ͱ͍͏͔SMTPΛΊΖ
ͳͷͰWebαʔϏεΛ͓͏ (࠶) • Mailgun, Mandrill, Postmark, SendGrid, Amazon SES •
αʔόʔӡ༻Λؙ͛Ͱ͖Δ͠ • ໎ϝʔϧରࡦͬͯ͘ΕΔ • IPΞυϨεͷϨϐϡςʔγϣϯཧͬͯ͘ΕΔ
Ͳ͏ͯ͠Γ͍ͨ ํʹ ͏ͪΐͬͱ౿ΈࠐΜͩ༰Λ"Dark Depths of SMTP"(ٕज़ॻయ4ॳग़)ͱ͍͏ ຊͰॻ͍͍ͯ·͢ ͜ͷۀຊ͕࠷ۙग़ͯͳ͍ͷͰ͓ ͦΒ͘࠷৽Ͱ͢ ͳ͓౦ํཁૉදࢴ͚ͩͰ͢ɻ
Welcome to SMTPপ