Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Email in Rails (and/or introduction to "Dark De...

sylph01
September 18, 2019
Technology
0
1.2k

Email in Rails (and/or introduction to "Dark Depths of Email")

presented at Fukuoka.rb 150th anniversary LT

sylph01

September 18, 2019
Tweet

More Decks by sylph01

See All by sylph01
Updates on PicoRuby Networking, HPKE (and maybe more)
sylph01
1
190
Adding Security to Microcontroller Ruby
sylph01
2
3.1k
Secure Messaging at IETF 118
sylph01
0
63
Adventures in the Dungeons of OpenSSL
sylph01
0
460
Community & RubyKaigi Showcase @ Ehime.rb Reboot Meetup
sylph01
0
290
Build and Learn Rails Authentication
sylph01
8
2k
Email, Messaging, and Self-Sovereign Identity (2021/05/28 edition)
sylph01
0
270
DNS Encryption and Its Controversies
sylph01
0
710
Email, Messaging, and SSI/DID (再放送)
sylph01
0
1.4k

Other Decks in Technology

See All in Technology
SREが投資するAIOps ~ペアーズにおけるLLM for Developerへの取り組み~
takumiogawa
1
450
AGIについてChatGPTに聞いてみた
blueb
0
130
アジャイルチームがらしさを発揮するための目標づくり / Making the goal and enabling the team
kakehashi
3
150
生成AIが変えるデータ分析の全体像
ishikawa_satoru
0
170
適材適所の技術選定 〜GraphQL・REST API・tRPC〜 / Optimal Technology Selection
kakehashi
1
700
Python(PYNQ)がテーマのAMD主催のFPGAコンテストに参加してきた
iotengineer22
0
520
Amplify Gen2 Deep Dive / バックエンドの型をいかにしてフロントエンドへ伝えるか #TSKaigi #TSKaigiKansai #AWSAmplifyJP
tacck
PRO
0
390
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
3.2k
テストコード品質を高めるためにMutation Testingライブラリ・Strykerを実戦導入してみた話
ysknsid25
7
2.7k
安心してください、日本語使えますよ―Ubuntu日本語Remix提供休止に寄せて― 2024-11-17
nobutomurata
1
1k
iOS/Androidで同じUI体験をネ イティブで作成する際に気をつ けたい落とし穴
fumiyasac0921
1
110
アジャイルでの品質の進化 Agile in Motion vol.1/20241118 Hiroyuki Sato
shift_evolve
0
170

Featured

See All Featured
No one is an island. Learnings from fostering a developers community.
thoeni
19
3k
Typedesign – Prime Four
hannesfritz
40
2.4k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5k
Building Better People: How to give real-time feedback that sticks.
wjessup
364
19k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Keith and Marios Guide to Fast Websites
keithpitt
409
22k
Ruby is Unlike a Banana
tanoku
97
11k
The World Runs on Bad Software
bkeepers
PRO
65
11k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.3k
Mobile First: as difficult as doing things right
swwweet
222
8.9k

Transcript

  1. Email in Rails, and/or Introduction to the "Dark Depths of

    Email" Ryo Kajiwara(sylph01) @ Fukuoka.rb #149/150

  2. ୭ʁ sylph01 / ֿݪ ཾ Twitter: @s01 ҉߸ͱ͔Ͱ͖·͢ Elixirͱ͔Ͱ͖·͢ Ruby·ΔͰΘ͔ΒΜ

  3. None

  4. W3CͷձٞͰདྷ·ͨ͠ ͍Ζ͍Ζweb-relatedͳεςοΧʔͱ ͔͋ΔͷͰ͋ͱͰ੠͔͚͍ͯͩ͘͞

  5. None
  6. None
  7. None

  8. RailsͰϝʔϧͷ͢΂ͯ Λѻ͑ΔΑ͏ʹͳͬ ͨʂ

  9. MTAʮ΁ͷʯೖΓޱΛ උ͍͑ͯΔɺͱ͋Δ͚ ͲɺͲͪΒ͔ͱ͍͏ͱ MTAʮ͔ΒͷʯೖΓޱ

  10. ͜Ε͸ԿΛ͢Δ΋ͷͧ • ड৴ϝʔϧΛActiveRecordΦϒδΣΫτʹม׵ • ActiveStorageͰϥΠϑαΠΫϧ؅ཧɺҰఆظؒܦͬͨΒࣗಈম ٫ʢ࡟আʣ • ϝʔϧΛड͚ͨͱ͖ͷॲཧΛॻ͚Δ

  11. ݸਓͰϝʔϧ΍Δͷ͸͓͢͢ Ί͠·ͤΜ • IMAP΍ΔͱετϨʔδ஍ࠈʹؕΓ·͢ • ໎࿭ϝʔϧରࡦ͸͠ΜͲ͍ • ઃఆϛεΔͱϝʔϧ͕૬खʹಧ͖·ͤΜ • ͱ͍͏͔SMTPΛ΍ΊΖ

  12. ͳͷͰGuidesʹॻ͍ͯ͋ΔΑ ͏ʹWebαʔϏεΛ࢖͓͏ • Mailgun • Mandrill • Postmark • SendGrid

    • ·ͨ͸Amazon SESʢଞʹൺ΂Δͱࣗ෼ͰMTA؅ཧ͢Δͷʹۙ͘ ͸͋Δʣ

  13. ͦΕͰ΋΍Γͨ͘ͳͬ ͨͱ͖ͷ࿩Λ͠·͢

  14. ஫: ͔͜͜ΒNot Ruby Rubyͷݴ༿ͰؤுΓ͔͚ͨͬͨͲؒ ʹ߹Θͳ͔ͬͨΑ…

  15. SMTP Ͳ͕͜Simple΍ͶΜMail Transfer Protocolɻ RFC 821 → ݱࡏͷ࠷৽͸ RFC 5321

    ʮϝʔϧΛόέπϦϨʔͷΑ͏ʹసૹ͢ΔʯͷͰʮSMTP relayingʯͱ͔ʮϦϨʔαʔόʔʯͱ͔͍͏͚ΕͲݱ୅తʹ͸͜ͷ Πϝʔδ͸࣋ͬͯͳͯ͘Α͍Ͱ͢ɻ૬खઌυϝΠϯ໊ͷMXϨίʔ υΛݟͯ௚઀ͦ͜ʹୟ͖͚ͭ·͢ɻ
  16. None

  17. SMTPʹ͸ೝূ͕ͳ͍ SMTP͸ϦϨʔػߏΛ࡞ΔͨΊͷϓϩτίϧͳͷͰɺͲ͔͜Βϝʔ ϧ͕དྷ͔ͨΛ͍͍ͪͪೝূ͢Δඞཁ͕ͳ͍ɻཧ۶͸Θ͔Δͷ͚ͩ Ͳ໎࿭ϝʔϧ͕͸ͼ͜Δ࠷େͷݪҼͷҰ͕ͭ͜Εɻ POP before SMTPɺSMTP-AUTHͳͲͷ֦ுͰೝূΛ͢Δɻ

  18. SPF, DKIM ͜ͷϝʔϧ͸ͪΌΜͱ͜ͷυϝΠϯΛॴ༗͍ͯ͠Δਓʢͷαʔ όʔʣ͔Βདྷͯ·͢Αɺͱ͍͏͜ͱΛ͍ࣔͨ͠ɻ ͲͪΒ΋DNSͷTXTϨίʔυʹهड़Λߦ͏ɻ • SPF: ڐՄ͢ΔIPΞυϨεΛࢦఆɻ • DKIM:

    ެ։伴ΛTXTϨίʔυʹઃఆɻαʔόʔ͸ൿີ伴Λར༻͠ ͯϝοηʔδʹॺ໊͢Δɻ

  19. SPF TXTϨίʔυʹIPΞυϨεɺ΋͘͠͸MXϨίʔυͷυϝΠϯ໊Λࢦ ఆ͢Δ͚ͩɻ ྫ: example.net. IN TXT "v=spf1 ip4:192.0.2.1 -all"

  20. DKIM • opendkimΛΠϯετʔϧͯ͠ઃఆ͢Δ • ΍Δ͜ͱଟ͍ͷͰৄࡉ͸DigitalOceanͷνϡʔτϦΞϧࢀর - https:/ /www.digitalocean.com/community/tutorials/how-to- install-and-configure-dkim-with-postfix-on-debian-wheezy •

    ެ։伴ɾൿີ伴ϖΞͷੜ੒ͱTXTϨίʔυͷੜ੒Λ΍ͬͯ͘ ΕΔ
  21. None

  22. DMARC • ϔομʹࣔ͞ΕΔૹ৴ऀͷυϝΠϯ(Header-From)ͱMAIL FROM ίϚϯυͰ౉͞ΕΔૹ৴ऀͷυϝΠϯ(Envelope-From)ͷҰகΛ औΔ • Header-FromͷυϝΠϯ໊ͱDKIMͷ"d="Ͱ༩͑ΒΕΔυϝΠϯ ໊ͷҰகΛऔΔ ͱ͍͏௥ՃͷೝূΛ͢Δɻࣦഊͨ͠৔߹ʹυϝΠϯΦʔφʔʹ໰

    ୊ͷ͋ΔϝʔϧΛใࠂͰ͖Δ࢓૊Έ΋͋Δɻ

  23. SPF, DKIM, DMARCͷઃ ఆϛε͸͔ͳΓଟ͍ αʔϏε࢖ͬͯͯ΋DNSઃఆ๨ΕΔͱ ໎࿭ϝʔϧѻ͍͞Ε·͢

  24. ड৴͢Δଆͱͯ͠͸ ʮ໎࿭ϝʔϧ͸ड৴ ϘοΫεʹೖͬͨ࣌఺ Ͱෛ͚ʯ MTAͰݕূͪΌΜͱ͠Α͏

  25. ૹΔଆͰؾΛ͚ͭͳ ͖Ό͍͚ͳ͍͜ͱ

  26. LTͩͱೖΓ੾Βͳ͍ͷ Ͱ؆୯ʹ঺հ

  27. GoogleͷҰׅૹ৴ΨΠυϥΠ ϯ https:/ /support.google.com/a/answer/81126?hl=ja ૹΔଆ͸͜Εकͬͯͳ͍ͱ͍ͭͷؒʹ͔໎࿭ϝʔϧϑΥϧμߦ͖ ʹͳΓ·͢ɻ ૹ৴ϘϦϡʔϜ͕େ͖͍৔߹͸Postmaster ToolsΛ࢖͏ͱΑ͍ɻ

  28. mail-tester.com https:/ /www.mail-tester.com/ ͜͜ʹϝʔϧૹΔͱIP͕ϒϥοΫϦετ͞ΕͯΔ͔Ͳ͏͔΍Ұൠ తͳઃఆϛεʹ͍ͭͯڭ͑ͯ͘ΕΔɻ

  29. None

  30. DigitalOcean͔Βૹͬͯ ͨΒMSNʹϒϩοΫ͞ ΕͯͨͰ͟͝Δ

  31. None

  32. چWILLCOMܥͷΞυϨ εʹ͸௨৴͢Βड͚෇ ͚ͯ΋Β͑ͳ͔ͬͨ

  33. None

  34. ݸਓͰϝʔϧ΍Δͷ͸͓͢͢ Ί͠·ͤΜ(࠶) • IMAP΍ΔͱετϨʔδ஍ࠈʹؕΓ·͢ • ໎࿭ϝʔϧରࡦ͸͠ΜͲ͍ • ઃఆϛεΔͱϝʔϧ͕૬खʹಧ͖·ͤΜ • ͱ͍͏͔SMTPΛ΍ΊΖ

  35. ͳͷͰWebαʔϏεΛ࢖͓͏ (࠶) • Mailgun, Mandrill, Postmark, SendGrid, Amazon SES •

    αʔόʔӡ༻Λؙ౤͛Ͱ͖Δ͠ • ໎࿭ϝʔϧରࡦ΍ͬͯ͘ΕΔ • IPΞυϨεͷϨϐϡςʔγϣϯ؅ཧ΋΍ͬͯ͘ΕΔ

  36. Ͳ͏ͯ͠΋΍Γ͍ͨ ํʹ͸ ΋͏ͪΐͬͱ౿ΈࠐΜͩ಺༰Λ"Dark Depths of SMTP"(ٕज़ॻయ4ॳग़)ͱ͍͏ ຊͰॻ͍͍ͯ·͢ ͜ͷ෼໺͸঎ۀຊ͕࠷ۙग़ͯͳ͍ͷͰ͓ ͦΒ͘࠷৽Ͱ͢ ͳ͓౦ํཁૉ͸දࢴ͚ͩͰ͢ɻ

  37. Welcome to SMTPপ