How do companies like facebook send notification emails to users? - mass-emails

How do companies like facebook send notification emails to users? Is it part of the code for their site or do they use a third-party email marketing company?

Facebook hosts their email delivery services internally. Therefore, it's part of the code for their own services.
Other companies have chosen other solutions, including the use of email services, or their own.

Related

Integrating Whatsapp with Aws- for sending msgs about aws services

I'm looking for AWS integration with whatsapp.
when any user start the aws services , that should be notify on whatsapp
is there any youtube link, or reference available on the internet?
thanks in advance
Whatsapp apis are not public.
To get the approval you need to give your application to facebook team here
But as far Facebook team is not directly approving the requests they are suggesting,
In order to ensure a high quality experience for businesses and users, we're in a limited public preview.
To go to market on WhatsApp Business API during this time, please consider using a Business Solution Provider. Facebook has partnered with over 46 global providers who specialize in WhatsApp business to consumer messaging. Search the WA Business API provider directory now.
Good luck.. you can't rely on the consumer Whatsapp for an API (in fact they might ban your number if you try using one of the reverse engineered API on github).. but you can get the business API here .. if you can work out how to find the actual API spec.. you are probably better off to use something with a well established api connector to AWS though

SSO solutions for Django

I have several Django websites and I want to create a centralized auth provider. The auth provider site would contain the user accounts and be the only repository for user details and passwords. Users would log into the auth provider site and when they visit each satellite website for the first time, an account is created on that site. Subsequent visits to the satellite site would result in them being sent to the auth provider site to login first. On returning they are automatically logged in to the satellite site. My only difficulty is that the auth provider site would be on the internet and the satellite sites are in DMZs on private networks with access to the internet. So the satellite sites cannot establish any outgoing connections to the auth provider.
I still need the ability to log into the satellite sites using the locally configured admin user.
I looked at OAuth2 but I don't think that fits my needs. I'm currently reading about OpenID but I noticed a comment that the satellite server contacts the OpenID server, which cannot happen in my configuration. When I say OpenID I mean that I would have to run my own server as I need 100% control over the users. Are there any other solutions I've not mentioned yet that meet my requirements?
Thanks
What you're looking for is essentially SAML.
Unfortunately, I'm not aware of any good off-the-shelf open source solutions for this.
If you're looking for a service solution, the company I work at (Stormpath) provides a library that does this. It's free to use. https://github.com/stormpath/stormpath-django

Google Apps API - get subscription details

I'm writing an utility to email an alert when:
a Google Apps domain's number of users approaches the subscription limit
a Google Apps domain's subscription is coming up for renewal
I found the data for point 1 in the Admin Settings API in fields called MaximumNumberOfUsers and CurrentNumberOfUsers
Unfortunately I cannot find any subscription/billing details in the APIs except in the Reseller APIs (which doesn't help me, I'm not a reseller)
This information is available in other cloud product APIs, like Office 365 etc.
Does anyone know if this information is accessible via an API?
The License Manager API provides a way to get/update/assign licenses to users but does not provide details about subscription renewals.
There is no API function currently to retrieve the renewal date.

Authentication with website, mobile app, and webservice

I am creating a service that will include a website, a mobile app, and a web service.
Both the website and mobile app will talk to the web service to interact with the database and any other backend items.
I would like users to be able to log in with other services (such as google, facebook, twitter, etc.)
I have two questions in implementing this:
1.) Should I use OpenID or OAuth? I'm not sure which is better for the situation. I have no need to actually access features from a users account, I just want them to be able to log in with accounts they already have,
2.) Where should I implement the authentication? Do I have to implement it both on the website and on the mobile app, or could I have both talk to the web service and do the authentication there?
Thanks
If you are just doing authentication and not syncing any account details, I think OpenID is the way to go. From a security standpoint, I would say to implement your authentication on the website and on the app and not in the webservice. You want to handle credentials the least amount possible and especially avoid sending the credentials via webservice if not using SSL.

Secure messaging using Secure MIME is it reliable?

We have an automatic reporting and notification system written in .net that sends emails with plain text. We are having to encrypt the messages that we send our clients.
The possible implementation approaches we have:
Send messages as S/Mime email with attachments.
Plain text email with that just contains a link to a web site that will display the message over https.
It seems like S/Mime is a simpler solution, as we won't need to create the web application or secure it.
Our concern is our interoperability with our clients email clients and more importantly their email filtering software.
Has anyone had success or issues deploying a Secure MIME messaging solution?
Given the wealth of different clients people use these days for email, like BlackBerry, Iphone, Android, Samsung, Nokia, Thunderbird, Outlook (Express), Apple Mail, web mail etc, I would go for the web application over https. It does take an extra step of clicking the link, and logging in, but it could be used from a lot more devices without extra configuration steps.
How are you going to solve the problem of provisioning the destination certificates? If you send mail to 1000 users, you need to send it 1000 times, and each time use a different public key, the one for the current destination (so that only he/she can decrypt it and read it). Having each individual report final user create a key for himself and send you the associated public key so you can associate the report mail with it is problematic. Some PKI infrastructure products can help, but only inside a (tighly run) organization.
Securing only your web site seems easier to manage, since you'll have all the ends under your control. You still have to handle authentication, but that can be handled at the HTTP level (eg. Digest, or even Basic over HTTPS).
SideNote: (you can edit this in an answer) Not all mobile clients support SMIME. sadly the native android mail client (on Nexus 4, Nexus 5 etc...) does not support S/MIME . also, I personally have issues with the samsung galaxy SMIME support. Best (external and paid for...) solution I have found so far for android is MySecuredMail.