SlideShare a Scribd company logo

Snapmail: Report

A
Amina WADDIZ
1 of 13
Download to read offline
Snapmail The private cloud gateway for email sharing Charlie Huynh chuynh@enseirb-matmeca.fr Mathias Lacaud mlacaud@enseirb-matmeca.fr Thomas Marchal thmarchal@enseirb-matmeca.fr Pierre-Alexis Nardin pinardin@enseirb-matmeca.fr Maxime Peterlin mpeterlin@enseirb-matmeca.fr Mylène Tahar mtahar@enseirb-matmeca.fr Gabriel Vermeulen gavermeulen@enseirb-matmeca.fr Amina Waddiz awaddiz@enseirb-matmeca.fr Abstract. This project deals with the creation of a virtualized SMTP server which allows users to send mails with large attachments. The attachment is separated from the mail, saved on a private cloud, and replaced by a link. With this link, the receiver is able to see the content and download it if he wants. The cloud named Media@Home, was developed largely by other students during S9 projects. Thanks to this platform, the contents can be adapted, allowing the receiver to read them easily on any hardware and watch the videos in streaming. The main purpose of this project is to link Snapmail with Media@Home as a complete add-on, thus both the sender and the receiver can see the attachments in their Media@Home account, share it and modify it according to their permissions. 1 Context Nowadays, with computers and network performances growing fast, it has been necessary to think of new ways for data storing. Some companies are already offering cloud services such as Google Drive, Dropbox or Mega, but the problem is that they are keeping people’s data on their servers and allow themselves every right on it. 1 of 13
1.1 Snapmail, an add-on to a bigger application 1.1.1 Media@Home social network The Snapmail project has been built as an add-on to a bigger application which is Media@Home. Media@Home is a so- cial network allowing people to share media with each other, mainly videos or images. A Media@Home user can search for people to add them to a specific friend-circle such as "relatives", "friends" or "colleagues". What distinguish Me- dia@Home from traditional social networks like Facebook or Youtube is that it provides its users to get their own server at home: the Media@Home box. With this box, everyone can keep an eye on their data, delete them whenever they want and share it only with people they trust. Figure 1: Media@Home, a decentralised social network As shown in Figure 1, Media@Home still needs a central server to store information about the user account, and their bounds of friendship with the others. Each user owns their Media@Home box where their files are stored. Their friends, who belong to the right circle, can view their media directly on the owner’s box. Especially, Media@Home video player provides an adaptive streaming method, to adapt video quality according to the Internet speed. For Snapmail interest, Media@Home has been improved to do the same feature for images. Images are processed in four different sizes to be seen correctly in every hardware (mobile, tablet or computer). 2 of 13
1.1.2 Snapmail interaction with M@H Snapmail has been constructed as a gateway to link emails with Media@Home, to create an automatic upload of attached files to the user’s account, and therefore to their box. There are two different ways to link a mailbox to snapmail: the user can either use a regular mailbox and configure Snapmail manually, or choose to link automatically a Gmail or Microsoft account with OAuth. In the first case, the users must enter by themselves their SMTP parameters, by giving their mail address, password, host address and port of the gateway. In the second case, the users have nothing to do but authorize the app to benefit from Gmail or Yahoo to process their emails. The snapmail gateway is very convenient for the users to whom the service is offered, as they do not have to manage the file upload and sending the link to the recipient. 1.2 Traditional mail attachment to be outmoded 1.2.1 Attachment size and privacy Traditional emails attachments are limited in terms of size. Indeed, most of the email providers requires the attachment to be smaller than approximately 20Mb. This limit prevents users from sending for instance normal-sized videos or photograph albums, which is very restrictive. The Snapmail project is solving this issue by providing an enjoyable compromise between the initial mail attachment and the new cloud storage. When sending an email via snapmail, the attachment size is not restricted at all, it only depends on the user’s box capacity. Moreover, with Snapmail using Media@Home’s boxes, the privacy of the content is preserved: the owner is the only one responsible of it. 3 of 13
1.2.2 Cloud technologies: a must-have Nowadays, cloud solutions are the most considered because they provide a lot of advantages. They are very flexible, as people can access their data anywhere at any time, and allow collaboration between many users. The data are also prevented from being lost, as the files are no longer stored on a device but on a server like Media@Home box. 2 Snapmail: the mail add-on for Media@Home 2.1 The SMTP Server The configuration of the SMTP (Simple Mail Transfer Protocol) gateway uses the Subethasmtp API. The first task of the group was to find an API which was written in Java programming language preferably (as the whole Media@Home project was written in Java in the first place), without security flaw and with recent developments. Unlike other MTA (Mail Transfer Agent) API such as Postfix or Sendmail, Subethasmtp is an easy to understand Java library, without many security flaw, with a low memory consumption and with a vibrant community of developers behind this project. Subethasmtp is used to receive mails from a sender, treat and parse them into body parts in order to create a new mail. If there are attachments enclosed in the mail a process function is called to store the content on Media@Home and replace it by a link in the new mail. In the particular case of inline pictures, they are not replaced with a link due to the meaning they are carrying in the mail. Only then, the gateway will forward the new mail to the receiver’s smtp server which will deliver the mail to recipients. In terms of programming, different abstract Java interfaces had to be implemented in order to create the process functions for the smtp gateway. The connection to the smtp gateway is possible only if the user has an account on the existing Media@Home platform. If he wants to send attachments, they will be automatically uploaded on his content page on Media@Home and will be replaced in the mail by a link that directs receivers to the content on the sender’s box. With such process, senders store their content on their boxes therefore avoiding the manipulation and the storage of it on global internet servers. Thus, the mail server: Snapmail, keeps the notion of privacy that Media@Home 4 of 13
initiate. 2.2 The link between Media@Home and Snapmail Media@Home has a REST API that allows to get, create, modify and delete data such as users, contents and their details. Based on this architecture, new functionalities have been implemented in this API to deal with the needs of Snapmail and for new features for Media@Home itself. Therefor a new way to upload any type of content was added with the possibility to share the content directly in Media@Home. Moreover, everything necessary to set and get the data that Snapmail needs to send emails was developed. Finally, to allow the user to use Google, yahoo or Microsoft mail services to send emails, an automatism was created to link their Media@Home account with those services. Snapmail needs some specific data to be stored in the database of Media@Home. To send an email, it needs to know witch SMTP server to use with a username and a password. However, it only needs a token from a mail service provider if the user has linked his account with the service. This way, no password is stored in the database which means more security for the users. Snapmail needs to be developed as an add-on because Media@Home can be used without it. To do so, the code has been separated between Snapmail and Media@Home: if a feature can exist without Snapmail, then it belongs to Media@Home, if not it belongs to Snapmail. A new way to store any data with a generic key-values implementation has been developed not only for Snapmail but for any future Media@Home add-on. 2.3 Security 2.3.1 SSL/TLS The communication canal between the sender and the SMTP gateway is secured with SSL and TLS communications (SSL and TLS are cryptographic protocols designed to provide communications security over a computer network). This new canal ensures the secrecy and integrity of the content of mails sent. Both clients and the server are exchanging requests to agree on: a cipher algorithm, certificates, secret session key and the version of the standard used (TLSv1, SSLv3...)[1]. 5 of 13
These requests are possible only if the sender had prior specify on his MUA (Mail User Agent) that he needs a StartTLS connection. This will therefore upgrade a plain text connection to an encrypted connection without using a separate port for encrypted communication. On the contrary, if the content of the mail is not important, he can send it without using the StartTLS connection and thus using the simple plain text connection. In this last configuration, the mail will not be encrypted and the integrity cannot be ensured. 2.3.2 Security during API calls With the aim of sending requests and contents between the SMTP server and the Media@Home server, the basic access authentication is used. This method allows to authenticate the user asking for the Media@Home API, if this user wants to post a content or get information. The use is simple: both the username and the user’s password are encoded in base64 and added to the headers of the requests [2]. As these information are not encrypted, the basic access authentication is not secured enough against hackers. However, Snapmail is designed to be on the same server as Media@Home. Thus the requests can’t be seen easily, and this authentication is adequate to prevent average user identity theft. Regarding the request to get the attachments, no authentication is needed because the contents are supposed to be accessible by a user who does not have a Media@Home account. The basic security is provided by the length of the random code which identify the content. 2.3.3 Link with famous mail services Mail account passwords are the most important information to secure, to assure consumer’s confidence. Snapmail needs them to forward the mail to the normal SMTP server, which sends it straight up to the receiver using the common path. One approach is to use the most famous email service APIs to authenticate the email addresses, and send messages in their names without passwords in Snapmail side. These API can be called using the Oauth2 protocol [3]. If the users want to link their Media@Home account with their other email service account, they are redirected to the email service login page. By login and giving consent to Snapmail to forward emails in their name, the login servers 6 of 13
return and authorization code used to get a time limited access token to call the API. Figure 2: Example of the Oauth2 protocol for a Google API call [4] However, the purpose is to link the account during the registration and to keep this link. Instead of using an access token, a special refresh token, given at the same time, is saved. This refresh token allows to request a new access token without starting all over again. To use Snapmail, users can link their Media@Home account to their Gmail or Microsoft account. The link to their yahoo account has not been developed because the Yahoo Mail API is deprecated since the beginning of 2015. 2.3.4 ClamAV : an antivirus scan Before storing the enclosed contents of mails into Media@Home, they will be analyze with an antivirus software in order to ensure that infected files will not be stored on boxes. This antivirus software help us to avoid security flaw. ClamAv, an open-source software able to detect many types of malicious software including viruses, was chosen to analyze the content of mails. In the SMTP gateway ClamAv is used as a daemon and for each attachment and embedded picture, a connection will be created between the server and the ClamAv service. Each content will be analyzed and if a content is infected the file will not be uploaded on Media@Home. Instead, a mail will be sent back to the sender and informed him of the infected content. Hence, in Snapmail, the ClamAv software is used as a server-side email virus scanner. In 7 of 13
the particular case of multiple attachments and if one of those is infected, only the safe attachments will be uploaded on Media@Home and so only the links to not infected files will be in the mail. 2.4 Virtualization with Docker Media@Home and Snapmail, in order to be fully functional, require multiple services and programs to be installed on the machine they are executed on. For instance, ffmpeg is used to process videos and images, ClamAV to run antivirus scans on the attached files sent with Snapmail, etc. It means that every machine, where Media@Home and Snapmail will be running on, needs to have those dependencies installed beforehand. This monotonous task was, in the early stages of development, performed by a bash script. The problem is that it only works with a specific operating system (which is, for this project, Ubuntu 14.04) because, even though all Linux distributions are essentially the same, there are a lot of differences that makes the portability of a script rather difficult such as commands or packages names. Not only the programs installed matter, but also their version. Some features might not be available depending on the versions used, which could end up crashing Media@Home or Snapmail. The idea is to easily provide the client (or even other members of the team) with stable and bug free versions of Me- dia@Home and Snapmail. Hence the need to not only deliver the project, but also the execution environment it was run and tested on, which is why it was decided to use Docker. Docker, which is still in the early stages of development, is an easy-to-use platform for developers and sysadmins to de- velop, ship, and run applications. To export the application and its execution environment, a Docker image has to be created from a Dockerfile. This Docker image, that will contain the application, is based on what is called a base Docker image. Those base images could, for example, contain an Ubuntu operating system and it has only the necessary files to reproduce the same environment as a standalone Ubuntu operating system. The Dockerfile specifies which base Docker image will be used and contains a list of commands that will set up the execution environment wanted. 8 of 13
Figure 3: Example of a Dockerfile Once the Dockerfile has been written, the Docker image is built from it and will be used to run Docker containers. A container uses a Docker image as a template and it is possible to run multiple containers based on a single image. One of the main advantages Docker brings is how lightweight those containers are and how few resources it requires. Running a container takes as much resources as a simple isolated process executed on the host operating system. An- other possible solution would have been to use virtual machine and, in comparison, it requires much more resources, because not only the application and its dependencies are required, but also an entire guest operating system that will run on top of the host operating system. The project uses six containers : • Media@Home - Box: based on a Linux docker image with Java 8 installed and contains the central server application of Media@Home. • Media@Home - Central: based on a Ubuntu docker image with Java 8 installed and contains the box application of Media@Home. 9 of 13
Figure 4: Docker Figure 5: Virtual Machines • Snapmail: based on a Ubuntu docker image with Java 8 installed and contains the Snapmail application. • Worker: based on a Ubuntu docker image with various tools to process videos and images installed. • DB: based on a Linux docker image with a MongoDB database installed. • ClamAV: based on a Linux docker image with Java 8 and the antivirus ClamAV installed. All these containers are automatically linked together and can be easily executed with a tool called docker-compose. Docker really helped throughout the development to set up and test Media@Home and Snapmail. It will most certainly show useful when these applications will be deployed at a larger scale. 3 Organisation and Management 3.1 Methodology To be organised, it was decided to work with an Agile methodology. The Agile method has been proved to be efficient in computer programming projects and it is a work method that encourages collaboration between students. Moreover, the project involved small cycles and a fast integration in order to solve issues which could have occurred following a previous integration. Thus, the Agile method fulfils all requirements for this project. 10 of 13
Figure 6: Main stages in Agile method In order to understand and give the priority to the needs of the users, the Agile methodology involves the clients during the whole development phase of the project. As their needs could change over time, a meeting was set every fortnight. Therefore, this project was planned according to fortnights. In this project, the clients were the supervisors. A user story is a definition of a client requirement containing enough information so it can be integrated to the project. It can be summarised as follows: As a (role), I want (something) so that (benefit). Naturally, the clients were involved in the development of these user stories during the meetings. Then, the tasks were were established from these user stories. There were enough tasks to be assigned for each person. However, two or three persons were allowed to work on the same task according to the individual preferences. The meetings were also the opportunity to show the progress of the project to the clients. They were divided in two steps including the demonstration of the last user story and the client feedback. Demonstrations had to be visual and show explicitly the new features to the client as a non-technical customer. The following discussion was an opportunity to collect client reactions and define the next iteration. 3.2 Tools To manage the source code and task assignments, GitHub and ZenHub services were respectively used. GitHub is a web-based Git repository which offers distributed revision control and source code management. It not 11 of 13
only allows to store and share privately the source code with all team members but also to access several collaboration features such as wikis, task management, and bug tracking. That way, it is possible for all the members of the group to stay informed, as well as the supervisors and to develop the different parts independently. Moreover it was possible to make GitHub fit the agile project management using a web add-on named ZenHub. It runs natively in GitHub interface and permits to manage projects with a simple board. A task lived six steps in the board before being closed (New Issues, Backlog, To Do, In Progress, To Test in pre-production, Done) that correspond to the agile methodology and can be feedbacked by peers at every step. That way, it is easier to keep control on the advancement of a task and to improve features during the process. 3.3 Issues Many technical problems were faced and it was necessary to deal with all of them before every demonstration. The biggest issue was the memory limitations for huge attachments, as SnapMail project was meant to provide a service that enables the user to send important size files, it was a priority to have a method that fixes this problem especially for videos. At first the maximum size was around 200MB, then this limit was successfully set to more than 2GB. Another problem was the integration of the Snapmail project to the private Cloud Media@Home. It was necessary to adapt Snapmail code to Media@Home’s one within each stage of the project. Moreover, while linking the service to some companies using OAuth2, some technical problems occurred. The link between the snapmail user account and Google/Microsoft was based on the adaptation of OAuth2 protocols of each company, which needed to be studied, implemented and tested. Conclusion The project consists in a new service to enhance the private social media Media@Home, a platform where members can share contents, which offers tools to help members to manage their private, social and business files such as private documents, photo and video albums. Nevertheless users needed a new tool to supervise their mailbox and share their contents in full privacy. The new Snapmail add-on provides this new feature. 12 of 13
References [1] https://www.ietf.org/rfc/rfc3207.txt [2] http://tools.ietf.org/html/rfc2617 [3] https://tools.ietf.org/html/rfc6749 [4] https://developers.google.com/identity/protocols/OAuth2 13 of 13

Recommended

Alternative Methods Of Communication To Consumer
Alternative Methods Of Communication To ConsumerAlternative Methods Of Communication To Consumer
Alternative Methods Of Communication To Consumerguestf9788dc7
 
About Web and E-mail
About Web and E-mailAbout Web and E-mail
About Web and E-mailsai prakash
 
How e-mail, chat, ATM, Skype, VOIP, online submission (online forms), online ...
How e-mail, chat, ATM, Skype, VOIP, online submission (online forms), online ...How e-mail, chat, ATM, Skype, VOIP, online submission (online forms), online ...
How e-mail, chat, ATM, Skype, VOIP, online submission (online forms), online ...Amit Maisheri - Senior Analyst at eClerx
 
Electronic mail
Electronic mailElectronic mail
Electronic mailAbid Fakhre Alam
 
Email
EmailEmail
Emailmitzchusa
 
Electronic mail
Electronic mailElectronic mail
Electronic mailDiwaker Pant
 
Mail services
Mail servicesMail services
Mail servicesZia Sarwar
 
How e mail works
How e mail worksHow e mail works
How e mail worksMuhammad Taqi
 

Recommended

Alternative Methods Of Communication To Consumer
Alternative Methods Of Communication To ConsumerAlternative Methods Of Communication To Consumer
Alternative Methods Of Communication To Consumerguestf9788dc7
 
About Web and E-mail
About Web and E-mailAbout Web and E-mail
About Web and E-mailsai prakash
 
How e-mail, chat, ATM, Skype, VOIP, online submission (online forms), online ...
How e-mail, chat, ATM, Skype, VOIP, online submission (online forms), online ...How e-mail, chat, ATM, Skype, VOIP, online submission (online forms), online ...
How e-mail, chat, ATM, Skype, VOIP, online submission (online forms), online ...Amit Maisheri - Senior Analyst at eClerx
 
Electronic mail
Electronic mailElectronic mail
Electronic mailAbid Fakhre Alam
 
Email
EmailEmail
Emailmitzchusa
 
Electronic mail
Electronic mailElectronic mail
Electronic mailDiwaker Pant
 
Mail services
Mail servicesMail services
Mail servicesZia Sarwar
 
How e mail works
How e mail worksHow e mail works
How e mail worksMuhammad Taqi
 
How email works
How email worksHow email works
How email worksAmandeep Kaur
 
Electronic mail
Electronic mailElectronic mail
Electronic mailBhojak Rajendra(rahul)
 
Chapter2 Application
Chapter2 ApplicationChapter2 Application
Chapter2 ApplicationDiego Corrales
 
Electronic Mail
Electronic MailElectronic Mail
Electronic MailOwaîs Járå
 
Lecture 9 electronic_mail_representation_and_transfer
Lecture 9 electronic_mail_representation_and_transferLecture 9 electronic_mail_representation_and_transfer
Lecture 9 electronic_mail_representation_and_transferSerious_SamSoul
 
Electronic mail
Electronic mailElectronic mail
Electronic mailJyothishmathi Institute of Technology and Science Karimnagar
 
How Email Works
How Email WorksHow Email Works
How Email WorksSahil Babbar
 
Email Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mailEmail Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mailRalph van der Pauw
 
Pop (post office protocol)e mail (electronic mail)
Pop (post office protocol)e mail (electronic mail)Pop (post office protocol)e mail (electronic mail)
Pop (post office protocol)e mail (electronic mail)MDSHABBIR12
 
how email works
how email workshow email works
how email worksharikaveeravalli
 
Internet mail server
Internet mail server Internet mail server
Internet mail server Akasha Kumar Das
 
Mail Server Project Report
Mail Server Project ReportMail Server Project Report
Mail Server Project ReportKavita Sharma
 
Overview of TCP IP
Overview of TCP IPOverview of TCP IP
Overview of TCP IPuniversity of education,Lahore
 
Mail server_Synopsis
Mail server_SynopsisMail server_Synopsis
Mail server_SynopsisManmeet Sinha
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer ProtocolVinod Gurram
 
E -MAIL AND INTERNET
E -MAIL AND INTERNETE -MAIL AND INTERNET
E -MAIL AND INTERNETProf Ansari
 
Smtp
SmtpSmtp
SmtpRomarsAcharya
 
Sherbimet e mail serverit
Sherbimet e mail serveritSherbimet e mail serverit
Sherbimet e mail serveritXhendris Ismaili
 
Web Programming: Basics of Internet and Introduction to HTML5 and CSS
Web Programming: Basics of Internet and Introduction to HTML5 and CSSWeb Programming: Basics of Internet and Introduction to HTML5 and CSS
Web Programming: Basics of Internet and Introduction to HTML5 and CSSKajal Singh
 
Email Client Server System
Email Client Server SystemEmail Client Server System
Email Client Server Systemzareena Zareena34
 
application layer
application layerapplication layer
application layerBishalWosti1
 
Email
EmailEmail
EmailPrabesh Shrestha
 

More Related Content

What's hot

Lecture 9 electronic_mail_representation_and_transfer
Lecture 9 electronic_mail_representation_and_transferLecture 9 electronic_mail_representation_and_transfer
Lecture 9 electronic_mail_representation_and_transferSerious_SamSoul
 
Email Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mailEmail Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mailRalph van der Pauw
 
Pop (post office protocol)e mail (electronic mail)
Pop (post office protocol)e mail (electronic mail)Pop (post office protocol)e mail (electronic mail)
Pop (post office protocol)e mail (electronic mail)MDSHABBIR12
 
Mail Server Project Report
Mail Server Project ReportMail Server Project Report
Mail Server Project ReportKavita Sharma
 
Mail server_Synopsis
Mail server_SynopsisMail server_Synopsis
Mail server_SynopsisManmeet Sinha
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer ProtocolVinod Gurram
 
E -MAIL AND INTERNET
E -MAIL AND INTERNETE -MAIL AND INTERNET
E -MAIL AND INTERNETProf Ansari
 
Web Programming: Basics of Internet and Introduction to HTML5 and CSS
Web Programming: Basics of Internet and Introduction to HTML5 and CSSWeb Programming: Basics of Internet and Introduction to HTML5 and CSS
Web Programming: Basics of Internet and Introduction to HTML5 and CSSKajal Singh
 

What's hot (20)

How email works
How email worksHow email works
How email works
 
Electronic mail
Electronic mailElectronic mail
Electronic mail
 
Chapter2 Application
Chapter2 ApplicationChapter2 Application
Chapter2 Application
 
Electronic Mail
Electronic MailElectronic Mail
Electronic Mail
 
Lecture 9 electronic_mail_representation_and_transfer
Lecture 9 electronic_mail_representation_and_transferLecture 9 electronic_mail_representation_and_transfer
Lecture 9 electronic_mail_representation_and_transfer
 
Electronic mail
Electronic mailElectronic mail
Electronic mail
 
How Email Works
How Email WorksHow Email Works
How Email Works
 
Email Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mailEmail Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mail
 
Pop (post office protocol)e mail (electronic mail)
Pop (post office protocol)e mail (electronic mail)Pop (post office protocol)e mail (electronic mail)
Pop (post office protocol)e mail (electronic mail)
 
how email works
how email workshow email works
how email works
 
Internet mail server
Internet mail server Internet mail server
Internet mail server
 
Mail Server Project Report
Mail Server Project ReportMail Server Project Report
Mail Server Project Report
 
Overview of TCP IP
Overview of TCP IPOverview of TCP IP
Overview of TCP IP
 
Mail server_Synopsis
Mail server_SynopsisMail server_Synopsis
Mail server_Synopsis
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer Protocol
 
E -MAIL AND INTERNET
E -MAIL AND INTERNETE -MAIL AND INTERNET
E -MAIL AND INTERNET
 
Smtp
SmtpSmtp
Smtp
 
Sherbimet e mail serverit
Sherbimet e mail serveritSherbimet e mail serverit
Sherbimet e mail serverit
 
Web Programming: Basics of Internet and Introduction to HTML5 and CSS
Web Programming: Basics of Internet and Introduction to HTML5 and CSSWeb Programming: Basics of Internet and Introduction to HTML5 and CSS
Web Programming: Basics of Internet and Introduction to HTML5 and CSS
 
Email Client Server System
Email Client Server SystemEmail Client Server System
Email Client Server System
 

Similar to Snapmail: Report

Web3 Messaging Infrastructure Is Building on Upcomings DAO.docx
Web3 Messaging Infrastructure Is Building on Upcomings DAO.docxWeb3 Messaging Infrastructure Is Building on Upcomings DAO.docx
Web3 Messaging Infrastructure Is Building on Upcomings DAO.docxUpcomings
 
Mail tracker mini
Mail tracker miniMail tracker mini
Mail tracker minipendyam
 
3150710_CN_GTU_Study_Material_Presentations_Unit-2_13082021073829PM.pdf
3150710_CN_GTU_Study_Material_Presentations_Unit-2_13082021073829PM.pdf3150710_CN_GTU_Study_Material_Presentations_Unit-2_13082021073829PM.pdf
3150710_CN_GTU_Study_Material_Presentations_Unit-2_13082021073829PM.pdfKrishnaShah908060
 
Zemanta: A Content Recommendation Engine
Zemanta: A Content Recommendation EngineZemanta: A Content Recommendation Engine
Zemanta: A Content Recommendation EngineClaudiu Mihăilă
 
Final year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing serverFinal year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing serversachin993
 
Winds of change from vendor lock in to the meta cloud
Winds of change from vendor lock in to the meta cloudWinds of change from vendor lock in to the meta cloud
Winds of change from vendor lock in to the meta cloudIEEEFINALYEARPROJECTS
 
Clientserver Presentation
Clientserver PresentationClientserver Presentation
Clientserver PresentationTuhin_Das
 
Application layer protocol - Electronic Mail
Application layer protocol - Electronic MailApplication layer protocol - Electronic Mail
Application layer protocol - Electronic MailAmishaSahu3
 
Internet 8th level imen tek bouaziz 2016
Internet 8th level imen tek bouaziz 2016Internet 8th level imen tek bouaziz 2016
Internet 8th level imen tek bouaziz 2016imen Tekaya Bouaziz
 
Intranet mailing system
Intranet mailing systemIntranet mailing system
Intranet mailing systemsaili mane
 
Hhs en09 email_security
Hhs en09 email_securityHhs en09 email_security
Hhs en09 email_securityShoaib Sheikh
 
Encrypting E-mail Messages
Encrypting E-mail MessagesEncrypting E-mail Messages
Encrypting E-mail MessagesD's Surti
 
SMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOLSMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOLVidhu Arora
 

Similar to Snapmail: Report (20)

application layer
application layerapplication layer
application layer
 
Email
EmailEmail
Email
 
Web3 Messaging Infrastructure Is Building on Upcomings DAO.docx
Web3 Messaging Infrastructure Is Building on Upcomings DAO.docxWeb3 Messaging Infrastructure Is Building on Upcomings DAO.docx
Web3 Messaging Infrastructure Is Building on Upcomings DAO.docx
 
Mail tracker mini
Mail tracker miniMail tracker mini
Mail tracker mini
 
CS6551 COMPUTER NETWORKS
CS6551 COMPUTER NETWORKSCS6551 COMPUTER NETWORKS
CS6551 COMPUTER NETWORKS
 
3150710_CN_GTU_Study_Material_Presentations_Unit-2_13082021073829PM.pdf
3150710_CN_GTU_Study_Material_Presentations_Unit-2_13082021073829PM.pdf3150710_CN_GTU_Study_Material_Presentations_Unit-2_13082021073829PM.pdf
3150710_CN_GTU_Study_Material_Presentations_Unit-2_13082021073829PM.pdf
 
Zemanta: A Content Recommendation Engine
Zemanta: A Content Recommendation EngineZemanta: A Content Recommendation Engine
Zemanta: A Content Recommendation Engine
 
Final year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing serverFinal year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing server
 
Iota data marketplace
Iota data marketplaceIota data marketplace
Iota data marketplace
 
Winds of change from vendor lock in to the meta cloud
Winds of change from vendor lock in to the meta cloudWinds of change from vendor lock in to the meta cloud
Winds of change from vendor lock in to the meta cloud
 
Nt1330 Unit 7
Nt1330 Unit 7Nt1330 Unit 7
Nt1330 Unit 7
 
Clientserver Presentation
Clientserver PresentationClientserver Presentation
Clientserver Presentation
 
Application layer protocol - Electronic Mail
Application layer protocol - Electronic MailApplication layer protocol - Electronic Mail
Application layer protocol - Electronic Mail
 
Internet 8th level imen tek bouaziz 2016
Internet 8th level imen tek bouaziz 2016Internet 8th level imen tek bouaziz 2016
Internet 8th level imen tek bouaziz 2016
 
Intranet mailing system
Intranet mailing systemIntranet mailing system
Intranet mailing system
 
Hhs en09 email_security
Hhs en09 email_securityHhs en09 email_security
Hhs en09 email_security
 
Aisha Email System
Aisha Email SystemAisha Email System
Aisha Email System
 
Protocols and its standards
Protocols and its standardsProtocols and its standards
Protocols and its standards
 
Encrypting E-mail Messages
Encrypting E-mail MessagesEncrypting E-mail Messages
Encrypting E-mail Messages
 
SMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOLSMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOL
 

Snapmail: Report

  • 1. Snapmail The private cloud gateway for email sharing Charlie Huynh chuynh@enseirb-matmeca.fr Mathias Lacaud mlacaud@enseirb-matmeca.fr Thomas Marchal thmarchal@enseirb-matmeca.fr Pierre-Alexis Nardin pinardin@enseirb-matmeca.fr Maxime Peterlin mpeterlin@enseirb-matmeca.fr Mylène Tahar mtahar@enseirb-matmeca.fr Gabriel Vermeulen gavermeulen@enseirb-matmeca.fr Amina Waddiz awaddiz@enseirb-matmeca.fr Abstract. This project deals with the creation of a virtualized SMTP server which allows users to send mails with large attachments. The attachment is separated from the mail, saved on a private cloud, and replaced by a link. With this link, the receiver is able to see the content and download it if he wants. The cloud named Media@Home, was developed largely by other students during S9 projects. Thanks to this platform, the contents can be adapted, allowing the receiver to read them easily on any hardware and watch the videos in streaming. The main purpose of this project is to link Snapmail with Media@Home as a complete add-on, thus both the sender and the receiver can see the attachments in their Media@Home account, share it and modify it according to their permissions. 1 Context Nowadays, with computers and network performances growing fast, it has been necessary to think of new ways for data storing. Some companies are already offering cloud services such as Google Drive, Dropbox or Mega, but the problem is that they are keeping people’s data on their servers and allow themselves every right on it. 1 of 13
  • 2. 1.1 Snapmail, an add-on to a bigger application 1.1.1 Media@Home social network The Snapmail project has been built as an add-on to a bigger application which is Media@Home. Media@Home is a so- cial network allowing people to share media with each other, mainly videos or images. A Media@Home user can search for people to add them to a specific friend-circle such as "relatives", "friends" or "colleagues". What distinguish Me- dia@Home from traditional social networks like Facebook or Youtube is that it provides its users to get their own server at home: the Media@Home box. With this box, everyone can keep an eye on their data, delete them whenever they want and share it only with people they trust. Figure 1: Media@Home, a decentralised social network As shown in Figure 1, Media@Home still needs a central server to store information about the user account, and their bounds of friendship with the others. Each user owns their Media@Home box where their files are stored. Their friends, who belong to the right circle, can view their media directly on the owner’s box. Especially, Media@Home video player provides an adaptive streaming method, to adapt video quality according to the Internet speed. For Snapmail interest, Media@Home has been improved to do the same feature for images. Images are processed in four different sizes to be seen correctly in every hardware (mobile, tablet or computer). 2 of 13
  • 3. 1.1.2 Snapmail interaction with M@H Snapmail has been constructed as a gateway to link emails with Media@Home, to create an automatic upload of attached files to the user’s account, and therefore to their box. There are two different ways to link a mailbox to snapmail: the user can either use a regular mailbox and configure Snapmail manually, or choose to link automatically a Gmail or Microsoft account with OAuth. In the first case, the users must enter by themselves their SMTP parameters, by giving their mail address, password, host address and port of the gateway. In the second case, the users have nothing to do but authorize the app to benefit from Gmail or Yahoo to process their emails. The snapmail gateway is very convenient for the users to whom the service is offered, as they do not have to manage the file upload and sending the link to the recipient. 1.2 Traditional mail attachment to be outmoded 1.2.1 Attachment size and privacy Traditional emails attachments are limited in terms of size. Indeed, most of the email providers requires the attachment to be smaller than approximately 20Mb. This limit prevents users from sending for instance normal-sized videos or photograph albums, which is very restrictive. The Snapmail project is solving this issue by providing an enjoyable compromise between the initial mail attachment and the new cloud storage. When sending an email via snapmail, the attachment size is not restricted at all, it only depends on the user’s box capacity. Moreover, with Snapmail using Media@Home’s boxes, the privacy of the content is preserved: the owner is the only one responsible of it. 3 of 13
  • 4. 1.2.2 Cloud technologies: a must-have Nowadays, cloud solutions are the most considered because they provide a lot of advantages. They are very flexible, as people can access their data anywhere at any time, and allow collaboration between many users. The data are also prevented from being lost, as the files are no longer stored on a device but on a server like Media@Home box. 2 Snapmail: the mail add-on for Media@Home 2.1 The SMTP Server The configuration of the SMTP (Simple Mail Transfer Protocol) gateway uses the Subethasmtp API. The first task of the group was to find an API which was written in Java programming language preferably (as the whole Media@Home project was written in Java in the first place), without security flaw and with recent developments. Unlike other MTA (Mail Transfer Agent) API such as Postfix or Sendmail, Subethasmtp is an easy to understand Java library, without many security flaw, with a low memory consumption and with a vibrant community of developers behind this project. Subethasmtp is used to receive mails from a sender, treat and parse them into body parts in order to create a new mail. If there are attachments enclosed in the mail a process function is called to store the content on Media@Home and replace it by a link in the new mail. In the particular case of inline pictures, they are not replaced with a link due to the meaning they are carrying in the mail. Only then, the gateway will forward the new mail to the receiver’s smtp server which will deliver the mail to recipients. In terms of programming, different abstract Java interfaces had to be implemented in order to create the process functions for the smtp gateway. The connection to the smtp gateway is possible only if the user has an account on the existing Media@Home platform. If he wants to send attachments, they will be automatically uploaded on his content page on Media@Home and will be replaced in the mail by a link that directs receivers to the content on the sender’s box. With such process, senders store their content on their boxes therefore avoiding the manipulation and the storage of it on global internet servers. Thus, the mail server: Snapmail, keeps the notion of privacy that Media@Home 4 of 13
  • 5. initiate. 2.2 The link between Media@Home and Snapmail Media@Home has a REST API that allows to get, create, modify and delete data such as users, contents and their details. Based on this architecture, new functionalities have been implemented in this API to deal with the needs of Snapmail and for new features for Media@Home itself. Therefor a new way to upload any type of content was added with the possibility to share the content directly in Media@Home. Moreover, everything necessary to set and get the data that Snapmail needs to send emails was developed. Finally, to allow the user to use Google, yahoo or Microsoft mail services to send emails, an automatism was created to link their Media@Home account with those services. Snapmail needs some specific data to be stored in the database of Media@Home. To send an email, it needs to know witch SMTP server to use with a username and a password. However, it only needs a token from a mail service provider if the user has linked his account with the service. This way, no password is stored in the database which means more security for the users. Snapmail needs to be developed as an add-on because Media@Home can be used without it. To do so, the code has been separated between Snapmail and Media@Home: if a feature can exist without Snapmail, then it belongs to Media@Home, if not it belongs to Snapmail. A new way to store any data with a generic key-values implementation has been developed not only for Snapmail but for any future Media@Home add-on. 2.3 Security 2.3.1 SSL/TLS The communication canal between the sender and the SMTP gateway is secured with SSL and TLS communications (SSL and TLS are cryptographic protocols designed to provide communications security over a computer network). This new canal ensures the secrecy and integrity of the content of mails sent. Both clients and the server are exchanging requests to agree on: a cipher algorithm, certificates, secret session key and the version of the standard used (TLSv1, SSLv3...)[1]. 5 of 13
  • 6. These requests are possible only if the sender had prior specify on his MUA (Mail User Agent) that he needs a StartTLS connection. This will therefore upgrade a plain text connection to an encrypted connection without using a separate port for encrypted communication. On the contrary, if the content of the mail is not important, he can send it without using the StartTLS connection and thus using the simple plain text connection. In this last configuration, the mail will not be encrypted and the integrity cannot be ensured. 2.3.2 Security during API calls With the aim of sending requests and contents between the SMTP server and the Media@Home server, the basic access authentication is used. This method allows to authenticate the user asking for the Media@Home API, if this user wants to post a content or get information. The use is simple: both the username and the user’s password are encoded in base64 and added to the headers of the requests [2]. As these information are not encrypted, the basic access authentication is not secured enough against hackers. However, Snapmail is designed to be on the same server as Media@Home. Thus the requests can’t be seen easily, and this authentication is adequate to prevent average user identity theft. Regarding the request to get the attachments, no authentication is needed because the contents are supposed to be accessible by a user who does not have a Media@Home account. The basic security is provided by the length of the random code which identify the content. 2.3.3 Link with famous mail services Mail account passwords are the most important information to secure, to assure consumer’s confidence. Snapmail needs them to forward the mail to the normal SMTP server, which sends it straight up to the receiver using the common path. One approach is to use the most famous email service APIs to authenticate the email addresses, and send messages in their names without passwords in Snapmail side. These API can be called using the Oauth2 protocol [3]. If the users want to link their Media@Home account with their other email service account, they are redirected to the email service login page. By login and giving consent to Snapmail to forward emails in their name, the login servers 6 of 13
  • 7. return and authorization code used to get a time limited access token to call the API. Figure 2: Example of the Oauth2 protocol for a Google API call [4] However, the purpose is to link the account during the registration and to keep this link. Instead of using an access token, a special refresh token, given at the same time, is saved. This refresh token allows to request a new access token without starting all over again. To use Snapmail, users can link their Media@Home account to their Gmail or Microsoft account. The link to their yahoo account has not been developed because the Yahoo Mail API is deprecated since the beginning of 2015. 2.3.4 ClamAV : an antivirus scan Before storing the enclosed contents of mails into Media@Home, they will be analyze with an antivirus software in order to ensure that infected files will not be stored on boxes. This antivirus software help us to avoid security flaw. ClamAv, an open-source software able to detect many types of malicious software including viruses, was chosen to analyze the content of mails. In the SMTP gateway ClamAv is used as a daemon and for each attachment and embedded picture, a connection will be created between the server and the ClamAv service. Each content will be analyzed and if a content is infected the file will not be uploaded on Media@Home. Instead, a mail will be sent back to the sender and informed him of the infected content. Hence, in Snapmail, the ClamAv software is used as a server-side email virus scanner. In 7 of 13
  • 8. the particular case of multiple attachments and if one of those is infected, only the safe attachments will be uploaded on Media@Home and so only the links to not infected files will be in the mail. 2.4 Virtualization with Docker Media@Home and Snapmail, in order to be fully functional, require multiple services and programs to be installed on the machine they are executed on. For instance, ffmpeg is used to process videos and images, ClamAV to run antivirus scans on the attached files sent with Snapmail, etc. It means that every machine, where Media@Home and Snapmail will be running on, needs to have those dependencies installed beforehand. This monotonous task was, in the early stages of development, performed by a bash script. The problem is that it only works with a specific operating system (which is, for this project, Ubuntu 14.04) because, even though all Linux distributions are essentially the same, there are a lot of differences that makes the portability of a script rather difficult such as commands or packages names. Not only the programs installed matter, but also their version. Some features might not be available depending on the versions used, which could end up crashing Media@Home or Snapmail. The idea is to easily provide the client (or even other members of the team) with stable and bug free versions of Me- dia@Home and Snapmail. Hence the need to not only deliver the project, but also the execution environment it was run and tested on, which is why it was decided to use Docker. Docker, which is still in the early stages of development, is an easy-to-use platform for developers and sysadmins to de- velop, ship, and run applications. To export the application and its execution environment, a Docker image has to be created from a Dockerfile. This Docker image, that will contain the application, is based on what is called a base Docker image. Those base images could, for example, contain an Ubuntu operating system and it has only the necessary files to reproduce the same environment as a standalone Ubuntu operating system. The Dockerfile specifies which base Docker image will be used and contains a list of commands that will set up the execution environment wanted. 8 of 13
  • 9. Figure 3: Example of a Dockerfile Once the Dockerfile has been written, the Docker image is built from it and will be used to run Docker containers. A container uses a Docker image as a template and it is possible to run multiple containers based on a single image. One of the main advantages Docker brings is how lightweight those containers are and how few resources it requires. Running a container takes as much resources as a simple isolated process executed on the host operating system. An- other possible solution would have been to use virtual machine and, in comparison, it requires much more resources, because not only the application and its dependencies are required, but also an entire guest operating system that will run on top of the host operating system. The project uses six containers : • Media@Home - Box: based on a Linux docker image with Java 8 installed and contains the central server application of Media@Home. • Media@Home - Central: based on a Ubuntu docker image with Java 8 installed and contains the box application of Media@Home. 9 of 13
  • 10. Figure 4: Docker Figure 5: Virtual Machines • Snapmail: based on a Ubuntu docker image with Java 8 installed and contains the Snapmail application. • Worker: based on a Ubuntu docker image with various tools to process videos and images installed. • DB: based on a Linux docker image with a MongoDB database installed. • ClamAV: based on a Linux docker image with Java 8 and the antivirus ClamAV installed. All these containers are automatically linked together and can be easily executed with a tool called docker-compose. Docker really helped throughout the development to set up and test Media@Home and Snapmail. It will most certainly show useful when these applications will be deployed at a larger scale. 3 Organisation and Management 3.1 Methodology To be organised, it was decided to work with an Agile methodology. The Agile method has been proved to be efficient in computer programming projects and it is a work method that encourages collaboration between students. Moreover, the project involved small cycles and a fast integration in order to solve issues which could have occurred following a previous integration. Thus, the Agile method fulfils all requirements for this project. 10 of 13
  • 11. Figure 6: Main stages in Agile method In order to understand and give the priority to the needs of the users, the Agile methodology involves the clients during the whole development phase of the project. As their needs could change over time, a meeting was set every fortnight. Therefore, this project was planned according to fortnights. In this project, the clients were the supervisors. A user story is a definition of a client requirement containing enough information so it can be integrated to the project. It can be summarised as follows: As a (role), I want (something) so that (benefit). Naturally, the clients were involved in the development of these user stories during the meetings. Then, the tasks were were established from these user stories. There were enough tasks to be assigned for each person. However, two or three persons were allowed to work on the same task according to the individual preferences. The meetings were also the opportunity to show the progress of the project to the clients. They were divided in two steps including the demonstration of the last user story and the client feedback. Demonstrations had to be visual and show explicitly the new features to the client as a non-technical customer. The following discussion was an opportunity to collect client reactions and define the next iteration. 3.2 Tools To manage the source code and task assignments, GitHub and ZenHub services were respectively used. GitHub is a web-based Git repository which offers distributed revision control and source code management. It not 11 of 13
  • 12. only allows to store and share privately the source code with all team members but also to access several collaboration features such as wikis, task management, and bug tracking. That way, it is possible for all the members of the group to stay informed, as well as the supervisors and to develop the different parts independently. Moreover it was possible to make GitHub fit the agile project management using a web add-on named ZenHub. It runs natively in GitHub interface and permits to manage projects with a simple board. A task lived six steps in the board before being closed (New Issues, Backlog, To Do, In Progress, To Test in pre-production, Done) that correspond to the agile methodology and can be feedbacked by peers at every step. That way, it is easier to keep control on the advancement of a task and to improve features during the process. 3.3 Issues Many technical problems were faced and it was necessary to deal with all of them before every demonstration. The biggest issue was the memory limitations for huge attachments, as SnapMail project was meant to provide a service that enables the user to send important size files, it was a priority to have a method that fixes this problem especially for videos. At first the maximum size was around 200MB, then this limit was successfully set to more than 2GB. Another problem was the integration of the Snapmail project to the private Cloud Media@Home. It was necessary to adapt Snapmail code to Media@Home’s one within each stage of the project. Moreover, while linking the service to some companies using OAuth2, some technical problems occurred. The link between the snapmail user account and Google/Microsoft was based on the adaptation of OAuth2 protocols of each company, which needed to be studied, implemented and tested. Conclusion The project consists in a new service to enhance the private social media Media@Home, a platform where members can share contents, which offers tools to help members to manage their private, social and business files such as private documents, photo and video albums. Nevertheless users needed a new tool to supervise their mailbox and share their contents in full privacy. The new Snapmail add-on provides this new feature. 12 of 13
  • 13. References [1] https://www.ietf.org/rfc/rfc3207.txt [2] http://tools.ietf.org/html/rfc2617 [3] https://tools.ietf.org/html/rfc6749 [4] https://developers.google.com/identity/protocols/OAuth2 13 of 13