Slide 1
Slide 1 text
Email in Rails, and/or
Introduction to the
"Dark Depths of Email"
Ryo Kajiwara(sylph01) @ Fukuoka.rb
#149/150
Slide 2
Slide 2 text
୭ʁ
sylph01 / ֿݪ ཾ
Twitter: @s01
҉߸ͱ͔Ͱ͖·͢
Elixirͱ͔Ͱ͖·͢
Ruby·ΔͰΘ͔ΒΜ
Slide 3
Slide 3 text
No content
Slide 4
Slide 4 text
W3CͷձٞͰདྷ·ͨ͠
͍Ζ͍Ζweb-relatedͳεςοΧʔͱ
͔͋ΔͷͰ͋ͱͰ͔͚͍ͯͩ͘͞
Slide 5
Slide 5 text
No content
Slide 6
Slide 6 text
No content
Slide 7
Slide 7 text
No content
Slide 8
Slide 8 text
RailsͰϝʔϧͷͯ͢
Λѻ͑ΔΑ͏ʹͳͬ
ͨʂ
Slide 9
Slide 9 text
MTAʮͷʯೖΓޱΛ
උ͍͑ͯΔɺͱ͋Δ͚
ͲɺͲͪΒ͔ͱ͍͏ͱ
MTAʮ͔ΒͷʯೖΓޱ
Slide 10
Slide 10 text
͜ΕԿΛ͢Δͷͧ
• ड৴ϝʔϧΛActiveRecordΦϒδΣΫτʹม
• ActiveStorageͰϥΠϑαΠΫϧཧɺҰఆظؒܦͬͨΒࣗಈম
٫ʢআʣ
• ϝʔϧΛड͚ͨͱ͖ͷॲཧΛॻ͚Δ
Slide 11
Slide 11 text
ݸਓͰϝʔϧΔͷ͓͢͢
Ί͠·ͤΜ
• IMAPΔͱετϨʔδࠈʹؕΓ·͢
• ໎ϝʔϧରࡦ͠ΜͲ͍
• ઃఆϛεΔͱϝʔϧ͕૬खʹಧ͖·ͤΜ
• ͱ͍͏͔SMTPΛΊΖ
Slide 12
Slide 12 text
ͳͷͰGuidesʹॻ͍ͯ͋ΔΑ
͏ʹWebαʔϏεΛ͓͏
• Mailgun
• Mandrill
• Postmark
• SendGrid
• ·ͨAmazon SESʢଞʹൺΔͱࣗͰMTAཧ͢Δͷʹۙ͘
͋Δʣ
Slide 13
Slide 13 text
ͦΕͰΓͨ͘ͳͬ
ͨͱ͖ͷΛ͠·͢
Slide 14
Slide 14 text
: ͔͜͜ΒNot Ruby
Rubyͷݴ༿ͰؤுΓ͔͚ͨͬͨͲؒ
ʹ߹Θͳ͔ͬͨΑ…
Slide 15
Slide 15 text
SMTP
Ͳ͕͜SimpleͶΜMail Transfer Protocolɻ
RFC 821 → ݱࡏͷ࠷৽ RFC 5321
ʮϝʔϧΛόέπϦϨʔͷΑ͏ʹసૹ͢ΔʯͷͰʮSMTP
relayingʯͱ͔ʮϦϨʔαʔόʔʯͱ͔͍͏͚ΕͲݱతʹ͜ͷ
Πϝʔδ࣋ͬͯͳͯ͘Α͍Ͱ͢ɻ૬खઌυϝΠϯ໊ͷMXϨίʔ
υΛݟͯͦ͜ʹୟ͖͚ͭ·͢ɻ
Slide 16
Slide 16 text
No content
Slide 17
Slide 17 text
SMTPʹೝূ͕ͳ͍
SMTPϦϨʔػߏΛ࡞ΔͨΊͷϓϩτίϧͳͷͰɺͲ͔͜Βϝʔ
ϧ͕དྷ͔ͨΛ͍͍ͪͪೝূ͢Δඞཁ͕ͳ͍ɻཧ۶Θ͔Δͷ͚ͩ
Ͳ໎ϝʔϧ͕ͼ͜Δ࠷େͷݪҼͷҰ͕ͭ͜Εɻ
POP before SMTPɺSMTP-AUTHͳͲͷ֦ுͰೝূΛ͢Δɻ
Slide 18
Slide 18 text
SPF, DKIM
͜ͷϝʔϧͪΌΜͱ͜ͷυϝΠϯΛॴ༗͍ͯ͠Δਓʢͷαʔ
όʔʣ͔Βདྷͯ·͢Αɺͱ͍͏͜ͱΛ͍ࣔͨ͠ɻ
ͲͪΒDNSͷTXTϨίʔυʹهड़Λߦ͏ɻ
• SPF: ڐՄ͢ΔIPΞυϨεΛࢦఆɻ
• DKIM: ެ։伴ΛTXTϨίʔυʹઃఆɻαʔόʔൿີ伴Λར༻͠
ͯϝοηʔδʹॺ໊͢Δɻ
Slide 19
Slide 19 text
SPF
TXTϨίʔυʹIPΞυϨεɺ͘͠MXϨίʔυͷυϝΠϯ໊Λࢦ
ఆ͢Δ͚ͩɻ
ྫ: example.net. IN TXT "v=spf1 ip4:192.0.2.1 -all"
Slide 20
Slide 20 text
DKIM
• opendkimΛΠϯετʔϧͯ͠ઃఆ͢Δ
• Δ͜ͱଟ͍ͷͰৄࡉDigitalOceanͷνϡʔτϦΞϧࢀর -
https:/
/www.digitalocean.com/community/tutorials/how-to-
install-and-configure-dkim-with-postfix-on-debian-wheezy
• ެ։伴ɾൿີ伴ϖΞͷੜͱTXTϨίʔυͷੜΛͬͯ͘
ΕΔ
Slide 21
Slide 21 text
No content
Slide 22
Slide 22 text
DMARC
• ϔομʹࣔ͞ΕΔૹ৴ऀͷυϝΠϯ(Header-From)ͱMAIL FROM
ίϚϯυͰ͞ΕΔૹ৴ऀͷυϝΠϯ(Envelope-From)ͷҰகΛ
औΔ
• Header-FromͷυϝΠϯ໊ͱDKIMͷ"d="Ͱ༩͑ΒΕΔυϝΠϯ
໊ͷҰகΛऔΔ
ͱ͍͏ՃͷೝূΛ͢Δɻࣦഊͨ͠߹ʹυϝΠϯΦʔφʔʹ
ͷ͋ΔϝʔϧΛใࠂͰ͖ΔΈ͋Δɻ
Slide 23
Slide 23 text
SPF, DKIM, DMARCͷઃ
ఆϛε͔ͳΓଟ͍
αʔϏεͬͯͯDNSઃఆΕΔͱ
໎ϝʔϧѻ͍͞Ε·͢
Slide 24
Slide 24 text
ड৴͢Δଆͱͯ͠
ʮ໎ϝʔϧड৴
ϘοΫεʹೖͬͨ࣌
Ͱෛ͚ʯ
MTAͰݕূͪΌΜͱ͠Α͏
Slide 25
Slide 25 text
ૹΔଆͰؾΛ͚ͭͳ
͖Ό͍͚ͳ͍͜ͱ
Slide 26
Slide 26 text
LTͩͱೖΓΒͳ͍ͷ
Ͱ؆୯ʹհ
Slide 27
Slide 27 text
GoogleͷҰׅૹ৴ΨΠυϥΠ
ϯ
https:/
/support.google.com/a/answer/81126?hl=ja
ૹΔଆ͜Εकͬͯͳ͍ͱ͍ͭͷؒʹ͔໎ϝʔϧϑΥϧμߦ͖
ʹͳΓ·͢ɻ
ૹ৴ϘϦϡʔϜ͕େ͖͍߹Postmaster ToolsΛ͏ͱΑ͍ɻ
Slide 28
Slide 28 text
mail-tester.com
https:/
/www.mail-tester.com/
͜͜ʹϝʔϧૹΔͱIP͕ϒϥοΫϦετ͞ΕͯΔ͔Ͳ͏͔Ұൠ
తͳઃఆϛεʹ͍ͭͯڭ͑ͯ͘ΕΔɻ
Slide 29
Slide 29 text
No content
Slide 30
Slide 30 text
DigitalOcean͔Βૹͬͯ
ͨΒMSNʹϒϩοΫ͞
ΕͯͨͰ͟͝Δ
Slide 31
Slide 31 text
No content
Slide 32
Slide 32 text
چWILLCOMܥͷΞυϨ
εʹ௨৴͢Βड͚
͚ͯΒ͑ͳ͔ͬͨ
Slide 33
Slide 33 text
No content
Slide 34
Slide 34 text
ݸਓͰϝʔϧΔͷ͓͢͢
Ί͠·ͤΜ(࠶)
• IMAPΔͱετϨʔδࠈʹؕΓ·͢
• ໎ϝʔϧରࡦ͠ΜͲ͍
• ઃఆϛεΔͱϝʔϧ͕૬खʹಧ͖·ͤΜ
• ͱ͍͏͔SMTPΛΊΖ
Slide 35
Slide 35 text
ͳͷͰWebαʔϏεΛ͓͏
(࠶)
• Mailgun, Mandrill, Postmark, SendGrid, Amazon SES
• αʔόʔӡ༻Λؙ͛Ͱ͖Δ͠
• ໎ϝʔϧରࡦͬͯ͘ΕΔ
• IPΞυϨεͷϨϐϡςʔγϣϯཧͬͯ͘ΕΔ
Slide 36
Slide 36 text
Ͳ͏ͯ͠Γ͍ͨ
ํʹ
͏ͪΐͬͱ౿ΈࠐΜͩ༰Λ"Dark
Depths of SMTP"(ٕज़ॻయ4ॳग़)ͱ͍͏
ຊͰॻ͍͍ͯ·͢
͜ͷۀຊ͕࠷ۙग़ͯͳ͍ͷͰ͓
ͦΒ͘࠷৽Ͱ͢
ͳ͓౦ํཁૉදࢴ͚ͩͰ͢ɻ
Slide 37
Slide 37 text
Welcome to
SMTPপ