Page 1 of 2

Anyone use Amazon Simple Email Service?

Posted: Tue Dec 18, 2018 5:49 pm
by John connor
I'm wondering if it's doable and how to do it. Right now I use gmail, but if I could use something more capable I'll use it.

Re: Anyone use Amazon Simple Email Service?

Posted: Tue Dec 18, 2018 8:57 pm
by EA117
No, not currently a user, nor even aware before you mentioned it. That all sounds very interesting and high-functioning with regard to giving you a constant and consolidated view of your sending reputation.

At "US$0 for the first 1000" (both sending and receiving) and "no minimum charges", are they telling me that in my case my email system would be forever free? 😜

Make or break for me will be whether my hosting service would allow the outbound SMTP traffic from phpBB. But ASES does appear to support multiple alternative TCP ports -- and both implicit and explicit TLS -- that makes the chances it might succeed as good as they could be.

For what it's worth, this developer guide seemed to provide the clearest view of what to do and what would happen: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/

Re: Anyone use Amazon Simple Email Service?

Posted: Wed Dec 19, 2018 6:23 am
by John connor
EA117 wrote:
Tue Dec 18, 2018 8:57 pm
At "US$0 for the first 1000" (both sending and receiving) and "no minimum charges", are they telling me that in my case my email system would be forever free? 😜
Indeed it would. I use an extension called Amazon S3 that off loads attachments to Amazon to lessen server load and I paid nothing. But now I have expanded my S3 buckets to home backups using the program CloudBerry so now I pay around 30 cents or so a month. Come to think of it, I haven't been charged in a while now since I lessened the backup period to one of my desktops to once per week. :D I don't backup the whole computer as that's not needed. I backup key important data like my browser profile, pictures, videos, etc. Then I periodically clone the whole computer to an external SSD using AOMEI Backupper. I then store my clones in a fireproof safe rated for electronics. They only cost around $35.

I have a pretty damn decent backup system. Like with my forum I encrypt that backup and it's tossed on S3 and several other locations including a DVD/RW disk. If I grow I'll migrate to blu-ray. :lol: Those suckers can hold 100 GB +! And I know of a great program that's excellent at splitting large files with hash and CRC checks. So if I miraculously grow beyond the compression space of 100+ GB with FTP files and the database, I'll just split the archive in two parts. I don't foresee that happening anytime soon though.

Anyway, if you use simple email service let me know how it goes. My host allows SMTP so I use Gmail right now, but it's limited and I'd rather have something more robust and allows mass email sending. I'm sure with Gmail they'll cut me off at 100 emails or something.

I don't ever want to use PHPmail with my host since that will expose my origin IP through an MX lookup. I'm behind CloudFlare and have taken every precaution I can think of to mitigate origin IP exposure. I'm well aware of Kali, Shodan and the wonderful tool NMAP/Zenmap. That's why I want my origin IP hidden. For free you can't beat CloudFlare at what they offer. In fact, I was getting a boat ton of ref spam via Tor, and while I block Tor with a security script, my log was filling up with that garbage. So I added the T1 designator for Tor in my CloudFlare firewall as a Recaptcha challenge and all is good again. Bot has been stopped in its tracks. :lol: I can't out right block Tor in CloudFlare like I would prefer because you need an enterprise plan for that capability. So I'm stuck with just the Recpatcha option. Better than nothing in terms of blocking bots. And if surpassed my script 403s 'em.


Yeah, between CloudFlare and AWS and what they offer, you can't beat it. Scalable CDNs are the future. In fact, a good majority of the Internet you browse uses a CDN in one facet or another and most may in fact be from AWS and CloudFlare. At least that's what I read on a website about how a dude found out where a lot of Amazon server locations were at in "spook vile" USA Virginia. Pretty interesting article.

Edit-

Looks like the emoticon you used there comes from a CDN. :lol: I've seen other people use those non-standard phpBB emoticons. Where do they come from?

And here's the CDN where that emoticon came from. :ugeek: https://www.jsdelivr.com/ God help us if we get hit with a solar flare or EMP

Re: Anyone use Amazon Simple Email Service?

Posted: Wed Dec 19, 2018 4:16 pm
by EA117
Thanks for all the interesting details. Lots of stuff to look into when I get a chance. It's been very interesting to see the evolution of how these "big data" companies saw the opportunities to sell the same services they needed to develop for their own business. Like "Oh, we need to scale our infrastructure to 100x our current size? How about we scale to 1000x then, and sell the other 900x?" Dude, calm down, you're just a a shopping.... hmm, that's pretty nice.
John connor wrote:
Wed Dec 19, 2018 6:23 am
I've seen other people use those non-standard phpBB emoticons. Where do they come from?
Input of emoji is done "natively" on many platforms, by which I mean the input method is simply using the Unicode consortium-defined values that represent the different emoji, in pretty much the same way we all agree on using the Unicode values which represent "A", "B", "C", etc. i.e. The actual message, and the actual input, knows nothing of "an image"; and the emoji is simply just another character value like every other character in the message.

(As opposed to "for each attempt to reference an emoji, actually send an <a href=> or [img] link to an image they wanted to be placed among the text." Which is the way these kinds of things started out on the web, way back when. And is probably how it's still done now for all the wild "custom emoji images" systems out there, which fall outside of the Unicode-defined specification.)

The first hurdle is for this Unicode character value to be stored correctly as part of the message. This used to not be possible in phpBB, but now (since 3.2) the Unicode character values can be correctly represented & used when writing and viewing messages in phpBB. With the correct Unicode character value being saved and regurgitated now, technically you could just "do nothing else." And simply let the individual browser/device/platform being used to read the message decide how to deal with these Unicode-defined emoji character value references when they show up in the presented html data, same as they have to do with every other character in the data.

But that would allow for varied and inconsistent display of the emojis, since not all platforms render them the same, and not all platforms render them at all. So it's actually in phpBB's viewing of the message (and not phpBB proper, but actually the s9e framework code phpBB utilizes) that the Unicode-defined character values are "replaced with a consistent set of images to represent the referenced emoticon."

Which -- finally to the answer of your question -- currently involves the s9e framework replacing those Unicode character references with emojiOne-based images, which hosts/pulls those images from the CDN you identified. And in the future could be replaced with "let's represent such characters using some other consistent mechanism."

So to be clear, the person inputting those emoticon references had no control and no idea how phpBB might actually end up rendering and representing those emoticons once you, John Conner, actually saw & read their message. Those persons are simply on their iPhone or iPad using their iOS input keyboard, or on Andriod using the input keyboard, etc. Or in my case, simply on Windows 10 using the "Windows key + period" entry keyboard. All of which are performing standards-based Unicode-defined emoji entry.

Now, with all that said, if you want to read more from people who actually know what they're talking about, jump in on the following thread: https://area51.phpbb.com/phpBB/viewtopi ... 20#p301481

Re: Anyone use Amazon Simple Email Service?

Posted: Wed Dec 19, 2018 5:59 pm
by stevemaury
John connor wrote:
Wed Dec 19, 2018 6:23 am

I don't ever want to use PHPmail with my host since that will expose my origin IP through an MX lookup. I'm behind CloudFlare and have taken every precaution I can think of to mitigate origin IP exposure.
Does your board have a URL? What if I pinged it? Would the DNS universe not have to know the IP address corresponding with your domain name?

Re: Anyone use Amazon Simple Email Service?

Posted: Thu Dec 20, 2018 2:22 am
by John connor
A lot of that kinda went over my head. :lol: I'm not a coder and don't even know PHP and all that. But I get the gist.

You're right, CDNs from what I read started out by companies needing project space? for lack of a better word for their needs. And it pretty much grew from there. It's amazing how CDNs have pretty much changed the Internet as we know it. Though, one would never know that just browsing around.

Re: Anyone use Amazon Simple Email Service?

Posted: Thu Dec 20, 2018 2:31 am
by John connor
stevemaury wrote:
Wed Dec 19, 2018 5:59 pm
John connor wrote:
Wed Dec 19, 2018 6:23 am

I don't ever want to use PHPmail with my host since that will expose my origin IP through an MX lookup. I'm behind CloudFlare and have taken every precaution I can think of to mitigate origin IP exposure.
Does your board have a URL? What if I pinged it? Would the DNS universe not have to know the IP address corresponding with your domain name?


If you ping my web address or even look me up at WHOIS all you'll see is the CloudFlare IP. You won't get the origin IP from my host where the server is located at. This is the nature of a reverse proxy and that's what CloudFlare is, i.e a reverse proxy. It's why TPB uses CloudFlare and so many others that want to hide. There's another I know of called Incapsula.

A reverse proxy like CloudFlare offers origin IP hiding ability, DDoS protection, caching at the edge server and a firewall among other things. I even have layer 7 DDoS protection that costs me around 30 cents a month thus far. If some bot were to come along and pull a vast amount of resources all at once, then CloudFlare will stop it. If I remember from what I read, it was CloudFlare that stopped one of the largest DDoS campaigns ever to exist. It was created using IoT devices.

Go ahead and ping or WHOIS my domain. See what you get. Then look up the IP address. It will belong to CloudFlare. So you can NMAP that and everything else, but it won't show my SSH/FTP port, etc. It will only show ports like 80, 8080, 443, etc. Web facing ports. Hacking that means your hacking CloudFlare and not my server.

Re: Anyone use Amazon Simple Email Service?

Posted: Thu Dec 20, 2018 1:33 pm
by EA117
John connor wrote:
Thu Dec 20, 2018 2:22 am
A lot of that kinda went over my head. :lol:
No worries. I originally tried to answer the "where did those come from" question with just "it's phpBB doing that." But that answer seemed insufficient / to beg for some additional explanation of how/why that's the answer when "I'm not using smilies"... 😁

Re: Anyone use Amazon Simple Email Service?

Posted: Thu Dec 20, 2018 3:50 pm
by stevemaury
OK, what is the url of your phpbb board?

Re: Anyone use Amazon Simple Email Service?

Posted: Thu Dec 20, 2018 4:43 pm
by EA117
stevemaury wrote:
Thu Dec 20, 2018 3:50 pm
OK, what is the url of your phpbb board?
The one in his profile returns as being front-ended by Cloudflare: https://cyberpcforum.com/

So you can poke that one with a stick. 😃

Re: Anyone use Amazon Simple Email Service?

Posted: Fri Dec 21, 2018 6:37 am
by John connor
:lol:

I can't believe some people don't understand the concept of a reverse proxy. I did just get a new member join. Was that you? Looks like a hoster IP so I may be banning that ASN. I don't allow hoster IPs, Tor, CDNs and what have you connecting to my website. Granted there are like 1,000 out there though. :lol: But a vast majority of the popular ones are blocked.

So ping that URL and you'll just get the CloudFlare IP like I said. If you have a hard time understanding this concept of protecting the origin IP address, then I encourage you to shot CloudFlare an email. I'm not trying to BS you here or anything. What I'm saying is positively correct. Correct in that so long as you implement CloudFlare correctly and don't use your host's email, it makes it very difficult to find the origin IP address.

Re: Anyone use Amazon Simple Email Service?

Posted: Fri Dec 21, 2018 7:30 am
by Lumpy Burgertushie
my question would be ( no offense ) why are you so paranoid about someone knowing your IP address?

you really can not depend on any information you get about someone based on knowing their IP address.

robert

Re: Anyone use Amazon Simple Email Service?

Posted: Fri Dec 21, 2018 9:46 pm
by John connor
I guess you missed the part about me talking about NMAP, Shodan and everything else.

You really can't DDoS me as well. It would be a CloudFlare IP and they'd take care of it.

Re: Anyone use Amazon Simple Email Service?

Posted: Fri Dec 21, 2018 10:05 pm
by Lumpy Burgertushie
yes, but why? what are you doing that would require so much security setup?
why do you think your site would be so likely to be hacked?

like I said, I mean no offense about how you decide to setup your security, I have just been curious ever since you started posting about all the things you use for protecting your site. I have never seen anyone worry so much about the remote possibility of being hacked etc.


luck,
robrt

Re: Anyone use Amazon Simple Email Service?

Posted: Fri Dec 21, 2018 10:14 pm
by EA117
Lumpy Burgertushie wrote:
Fri Dec 21, 2018 7:30 am
you really can not depend on any information you get about someone based on knowing their IP address.
Based on other posts, I'll assume what you're referring to is geolocation data. i.e. "Looking up the information about your IP address doesn't tell me exactly where you live or where your computer is at." That is correct. For most cases, the IP address can't resolve anyone down to their actual city or street. But nor did we expect that it could, because most geolocation data is simply based on public records.

That public information is just "which ISP or entity owns this particular range of addresses" and "what router in which region does traffic to those addresses pass through." Only an ISP themselves or owning organization would know exactly "between December 3 and December 17, that IP address was in use at service address 123 Main Street." But the ISP isn't telling anyone that info without a subpoena, nor making it part of any public record.

The companies you voluntarily and involuntarily interact with -- the Googles, the shopping sites, etc. -- know exactly what IP address you're using and know who you are as a customer. But they're not making that information public either; or at least, they are getting into huge public embarrassments and customer confidence loss when they do make it public. Public geolocation databases for IP addresses know none of that information.

Neither geolocation nor personal identity are the issue here, though. Being "paranoid about the IP address" is what prevents someone from knowing what address they would need to attack if they wished to attack or distress cyberpcforum.com's server. For as long as John Conner successfully keeps this arrangement, the only thing they're attacking is CloudFlare; which CloudFlare is expecting, and is why they exist.

Exact personal identity is more likely to be disclosed through DNS registration information, which is also public record. But cyberpcforum.com has that base covered as well, by using a private registration service.