Email server on AWS EC2 - amazon-web-services

High level, what I'm tying to do:
We want to create a specific email address for each of our customers on our domain name (example customer01#xyz.com). When an email is received at that address, our system will associate the attachment with that customer and process it a certain way. The email addresses will only be used for this purpose, so I don't really need a user interface or anything (although it might be nice to have for troubleshooting).
I've just started using AWS and have an overall understanding of the services. I'm planning on doing this on an EC2 instance.
I'm assuming it's possible to set up a mail server (incoming mail only) to constantly monitor all the customer specific email address and process any attachments that come in.
Where do I even start with researching this (I've Googled it but need more direction)? Here are some questions that come to mind:
1) What mail server software is best for this? Or is this even needed?
2) Is it possible to write code to monitor the incoming email for ALL email addresses simultaneously? I don't mind buying existing software if it fits our needs.
I'm a programmer myself but will not be coding this project. I'll be hiring someone from Elance but I want to at least have a general knowledge of what is needed before posting the job.
Thanks for any advice or links to helpful sites to get me in the right direction here.

Your requirement concentrates on processing the received Incoming Emails. AWS doesn't have any out of the box service / solution. Amazon Provides SES - Simple Email Service, which will help you deliver emails.
You need to build your solution on SMTP Servers like MS Exchange or Apache James etc.

This product: http://www.email2db.com/ should do what you want. You could install it on EC2 or even use their hosted edition. Not cheap, but I suspect a lot cheaper than hiring someone to write something with 1/10 the features.

There are some cloud services that provide such solution like Mailgun or Mandrill. Presonally I've only used Mailgun and it's awesome. You setup routing rules based on regexp on a domain and you can set them up to be redirected as a POST to your website. Both providers have a free tier of 10-12k mails per month wich is great.
Regards,
Marc

Related

Prevent a user from "hammering" a web service

I have a MVC 5 internet application with a web service that is hosted on Azure. I am wanting to implement some sort of security that prevents any users from "hammering" the web service. When I say "hammering", I am referring to a user constantly attacking a url thousands of times.
I have done some research online, yet cannot find any relevant resources.
Should I write my own code for this, or is there a library/tool that I can implement?
I am thinking of doing the following if I should write this myself:
Each time a user accesses the web service, increment a count variable for the ip address.
If the ip address count variable exceeds a number (i.e. 1000), do not send the web service data to the user
Before I write this myself, is there a library/tool that I can implement instead of writing my own?
Thanks in advance.
EDIT
Sorry, I forgot to add that I am not using a virtual machine, and instead, I have a website with a web API service.
Azure provides protection already for DDoS attacks. Take a look at the Microsoft Azure Trust Center documentation. There is a ton of protection and detection built into the platform and as for best practices for writing secure code, you will find that in the resources section of the trust center. But, writing code to count the number of requests from an IP address as you mentioned is not the way to go. Simon W points out an obvious problem with this approach in the comments.

Are there any web services or other APIs that let you purchase something without having to set up an account first?

I am trying to prototype a system that will display a list of choices to a user, and allow them to place an order for the one they select (an over simplification of the prototype, but sufficient to get to the point). I have the users credit card number, billing and shipping addresses, and other contact information, but I can't find any web services that will let me actually purchase something with this information to complete the prototype. I have checked directories such as Programmable Web and Xmethods, but they just seem to point to APIs that let you check for prices and availability, but not actually place an order. Does such a thing exist, or is there some reason (such as security) that I am missing, that prevents such a service from being offered?
The most important thing about online shopping is the security of transmitted information (e.g. credit card data). So the ideal case is to transmit these information directly to the related bank's (issuer of the credit card) payment services, rather than passing it via other service providers. This is what 3-D Secure does.
So when you use a common API this means putting an extra broker between, and passing the secure information to this party which increases vulnerability. Since such a broker cannot use 3-D secure (since it is not the merchant so not possible to make an agreement with the banks) and it should pass the information to online shopping site.
Moreover, an online shoping site can block traffic coming from such an intermediary webservice at any time if you do not make an obligatory agreement and making agreements for each online merchant is practically not very possible.
There is no such free API available the simple reason behind that information like credit card is very secure and confidential and there will security threat on free API's.
here is list of best 10 online payment system
http://sixrevisions.com/tools/online-payment-systems/
and this one who providing live demo
http://www.fastcharge.com/
I think it is possible though I don't know in depth information. I think this is what you see. In next steps you will be redirected to payment gateway of the bank and then you can complete the transactions just by answering some security questions. I think this is a service you should obtain from the bank. And I haven't seen any universal API that can perform the task you have mentioned.
Dialog GSM - Sri Lanka
Anything.lk - Sri Lanka

AWS and Railo setup

I wondered if anyone can point me in the right direction in regards to installing Railo on AWS.
In my spare time I've put together a website to sell illustrations, but due to cost I'm unable to keep on spending money hosting it on a dedicate CF server with almost zero budget for marketing. I've been toying with the idea of setting up an account with Amazon and installing Railo.
Over the past few months I've had different advice, such as get a S3 account to host the images and an EC2 account for Railo for the website and DB with SSL, or just have S3 account where I will be able to host Railo and have my images on the same server. I'm not sure what is best and I was wondering if you can advise what you think a good solution would be.
I've read a few blogs some with good details on setups but they seem to be over a year+ old, so I'm not sure if they are valid solution any more. It's very much over my head, as I'm a developer, but I'm very eager to learn new things especially about the cloud service as it's not a common area to get involved in when working for companies. In the past I used to tag a long to server rooms and understand the infrastructure but now everything is done remotely and it's not so easy to get involved.
Any basic advice/advanced advice from your experiences of what I should follow and if you know of any good resources would be very much appreciated.
Should I get an S3 and EC2 AWS setup or will one of them do (will need DB connectivity)?
Load balancing two EC2 instances will that be hard to configure, I will need to web servers.
I just posted this very topic a few weeks ago. Should still be more than up to date:
http://blog.nictunney.com/2012/03/railo-tomcat-and-apache-on-amazon-ec2.html
HTH

Amazon SES (Simple Email Service) for bulk e-mail, NOT for transactional e-mails? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 6 years ago.
Improve this question
The Amazon SES (Simple Email Service) self-described as a "highly scalable and cost-effective bulk and transactional email-sending service".
From everything that I can gather, and by perusing the AWS SDK as well as the SES guides and API, it looks great for transactional emails (i.e. application emails sent in a one-off fashion), but I cannot find anything about bulk emailing.
Based on the price-point, Amazon clearly wants/needs customers to send very large quantities of mail.
Is the expectation that you (as someone implementing Amazon SES) make individual calls per email send?
i.e. If you are sending a marketing email to 200,000 recipients, do you really make 200K requests to the SendEmail or SendRawEmail via curl (or whatever) or using the AWS sdk?
This seems impractical.
The docs now clearly state that you can add up to 50 recipients per message. So you can divide up your sender list in batches; for 200k recipients you would have to make 4k API calls. Not terribly convenient for bulk mails; I would guess Amazon is not orienting their service for this particular use.
If you take a look in the API reference it would certainly look like you can send to more than one account at a time per request.
SendEmail requires an argument of 'Destination' of type 'Destination'.
Destination has three properties: ToAddresses, CCAddresses, BCCAddresses - all are of type "string list".
If you look at the example requests in the Developer Guide, you'll see it specified the destination addresses as an argument similar to:
&Destination.ToAddresses.member.1=allan%40example.com
I'm going to go out on a limb and guess for a 'string list' they're expecting multiple addresses in a format similar to:
&Destination.ToAddresses.member.1=allan%40example.com
&Destination.ToAddresses.member.2=other%40example.com
&Destination.ToAddresses.member.3=asdfq%40example.com
...
&Destination.ToAddresses.member.1000=final%40example.com
I actually stumbled across your question looking for answers to some of my own questions about SES - as of yet the docs are complete enough to use, but not always terribly helpful - you often have to make some fun inferences to get answers - just a fair warning for you!
Cheers!
Edit: One other thing that might be possible I pulled from the quote you posted in your self-answer:
either by modifying the software to directly call Amazon SES, or reconfiguring it to deliver email through an Amazon SES SMTP relay as described above.
If you set up your own SMTP server, and just have it relay/forward through SES, that might handle your queuing/etc. You can just shoot out a few thousand e-mails and your SMTP server will handle queuing/etc before it hits Amazon.
Thanks NuclearDog,
Upon further review, I think the answer to the question is to call the api repeatedly, x times (below from the SES FAQ).
Lets say we are sending out 200K mailings. First, I would be very interested to know the realistic limit for how many "ToAddresses" we can tack on to one mailing. Once we know that, we could maybe batch sends into groups of 100 or so "ToAddresses" at a time.
Second, as with most bulk mailings, the content is slightly different per recipient, even if it is just a "Hello ," intro. Given that the mailing body will, while similar, will have personalization per email, I believe the expectation is simply to call the api over and over. I was thinking perhaps there would be some way to queue up multiple emails with one call, then do a send, but this is likely not realistic given the nature of the API.
SES is probably intended to be a bit more scalable in this fashion using one of the Amazon AWS database products.
For now, I think I would have to implement a queue or message system to call the api X times in an efficient so that all the api calls 1) don't take all day, and 2) don't tax our systems too much.
Q: Can I use Amazon SES to send bulk
email? Yes. Simply call the SendEmail
or SendRawEmail APIs repeatedly for
each email you would like to send.
Software running on Amazon EC2, Amazon
Elastic MapReduce, or your own servers
can compose and deliver bulk emails
via Amazon SES in whatever way best
suits your business. If you already
have your own bulk mailing software,
it’s easy to update it to deliver
through Amazon SES – either by
modifying the software to directly
call Amazon SES, or reconfiguring it
to deliver email through an Amazon SES
SMTP relay as described above.
You can use their Simple Queue Service to send bulk email.

Using Amazon MechanicalTurk if location is not US?

Amazon Mechanical Turk is a mass-micro outsourcing API, where you can get lots's of small simple tasks (e.g."Is there a shop in this image") done relatively cheaply (e.g. 0.10 U$ per image).
Amazon seems to assume that this service is mostly of interest to US companies. This results in difficulties if you want to use the service (as an "Requester"): for example there is no easy way of funding your Account without an US Bank account.
Can somebody share experiences of using the Service from outside the US?
Since Amazon doesn't let outside US access yet, you'll need to either:
Wait for Amazon to open it up to outside US, might be a long wait.
Get a good friend in the US to open a PO Box for you then use an online US bank to create an account. If you don't start a corporation or other legal business, they will need to provide their US drivers license to Amazon too.
Use a 3rd party provider like HIT-Builder who will let you post on Mechanical Turk using their US Amazon account.
I think they recently changed their rules - I am based in Australia, and as recently as 6 months ago I was unable to use Mechanical Turk. That recently changed and now I am able to post jobs on the service.
You may want to take a look at TurkPrime labs which offers this as a service to non-US based researchers.
The problem you have is that to actually be able to add funds to your account, you need to have a US billing address. If you can get round that issue, then it all works fine.