Hi, can anyone tell me how to implement email functionality in Azure without using SendGrid or any other third party at all? Can we have Service Bus connect Azure and an Exchange server to send emails? Is it possible? Or do we have Exchange Server web services that can be accessed in Azure to send email?
The problem is not about having to use a third party, it is about the security and firewall implications, particularly with corporate security overlords. An Exchange server can have outgoing SMTP (even with username and password) enabled, and it is easy for any application (including those running on Azure) to send outgoing SMTP. The problem that you will invariably run into is that the perimeter security around the Exchange server will not allow SMTP from a public IP address (hackers frequently scan for open port 25, so that they can relay spam through unsuspecting mail servers). Windows Azure (roles and websites) cannot use a fixed (outgoing) IP, so firewall rules cannot be created.
Your options are:
Set up a VPN with your corporate network, so your Azure instance will send from a private IP address.
Run a mail relay service on an Azure VM. The VM can have an infinite lease on an IP address, so it won't change (much). There are simple and cheap mail transfer agent services that run on Linux.
Use any ol' SMTP server. If you're not sending much out, you could use Google or even outlook.com. Outlook.com allows you to configure accounts that are hosted elsewhere, so you should be able to use SMTP with your Windows Live ID (Microsoft account).
I would avoid writing complicated code and services that use something like Service Bus. System.Net.Mail should be used to send to an SMTP server.
One thing I've seen done in the past was to have the Windows Azure app put a message on a queue, along with optionally some larger data (attachments, large body text, etc.) in a blob. That gets the data stored in Windows Azure storage. From there, an on-premises app (e.g. Windows Service) could pull the queue and blob data, construct an email message, and send it to the on-premises Exchange server.
If you need everything to be cloud-hosted, then I would think you should be able to connect your Windows Azure apps to an Exchange web service endpoint (assuming you can properly secure that and make the web service connection).
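An added sketch of the on-premises worker from the queue-and-blob answer above (not code from either answer): because the queue is written by an internet-facing app, the worker treats each message as untrusted before relaying it to the internal mail server. The JSON message layout, the sender address, the recipient domain allowlist and submission on port 587 are assumptions, and Python is used only so the checks run stand-alone.

```python
import json
import smtplib
import ssl
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed policy: one fixed sender, recipients only in approved domains.
SENDER = "webapp@corp.example"
ALLOWED_RCPT_DOMAINS = {"corp.example"}
SAMPLE = '{"to": ["Alice <alice@corp.example>"], "subject": "Order 42", "body": "hi"}'  # constructed

class RejectedMessage(ValueError):
    """Queue message failed validation and must not be relayed."""

def _clean_header(value, field):
    # CR/LF in a header value would let a queue writer inject extra headers.
    if not isinstance(value, str) or "\r" in value or "\n" in value:
        raise RejectedMessage(f"bad {field}")
    return value

def build_email(queue_body, blob_text=None):
    """Turn one queue message (JSON text, large body via blob_text) into an EmailMessage."""
    try:
        msg_in = json.loads(queue_body)
        to_list, subject = msg_in["to"], msg_in["subject"]
        body = blob_text if blob_text is not None else msg_in.get("body", "")
    except (ValueError, KeyError, TypeError, AttributeError) as exc:
        raise RejectedMessage("malformed queue message") from exc
    if not isinstance(to_list, list) or not to_list or not isinstance(body, str):
        raise RejectedMessage("bad recipients or body")
    recipients = []
    for rcpt in to_list:
        addr = parseaddr(_clean_header(rcpt, "recipient"))[1]
        if addr.rpartition("@")[2].lower() not in ALLOWED_RCPT_DOMAINS:
            raise RejectedMessage(f"recipient not allowed: {rcpt!r}")
        recipients.append(addr)
    mail = EmailMessage()
    mail["From"] = SENDER
    mail["To"] = ", ".join(recipients)
    mail["Subject"] = _clean_header(subject, "subject")
    mail.set_content(body)
    return mail

def send(mail, host, user, password):
    """Submit over STARTTLS with authentication (port 587 is an assumption)."""
    with smtplib.SMTP(host, 587, timeout=30) as smtp:
        smtp.starttls(context=ssl.create_default_context())
        smtp.login(user, password)
        smtp.send_message(mail)
```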
I enabled a custom domain to access blobs on my storage account. On the storage account I initially had Secure transfer disabled. I was able to access the blob using the custom domain. When I enabled Secure transfer I get the message AccountRequiresHttps.
When I checked the tooltip on Secure transfer required it says "
The secure transfer option enhances the security of your storage account by only allowing requests to the storage account by secure connection. For example, when calling REST APIs to access your storage accounts, you must connect using HTTPs. Any requests using HTTP will be rejected when 'secure transfer required' is enabled. When you are using the Azure files service, connection without encryption will fail, including scenarios using SMB 2.1, SMB 3.0 without encryption, and some flavors of the Linux SMB client. Because Azure storage doesn’t support HTTPs for custom domain names, this option is not applied when using a custom domain name."
I was expecting that the Secure transfer required option wouldn't really apply to a custom domain.
We are migrating our website to the Azure platform in the PaaS model. Our website needs to communicate with our back office system using web services.
Currently the back office system is in a provider's data center, and we have a firewall which enables web service communication for specific IPs.
Now that the website is going to be hosted on Azure with the PaaS model, can someone please advise which IP address we need to add to the whitelist of our back office firewall?
Please note we want to set up our web app to be scaled out to multiple instances.
Will each instance be able to communicate with our back office?
Regards
Umesh Deshmukh
can someone please advise which IP address we need to add to the whitelist of our back office firewall? Please note we want to set up our web app to be scaled out to multiple instances. Will each instance be able to communicate with our back office?
For the long term, Hybrid Connection is much better. If you still want to whitelist the outbound IPs of the web app service, you can find the possible outbound IP addresses in the additional outbound IP addresses setting of the web app properties. You can't know beforehand which IP address a given app instance will use to make the outbound connection, so your back-end service must open its firewall to all the outbound IP addresses of your app. You can get more details in Inbound and outbound IP addresses in Azure App Service.
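An added example of checking a back-office allowlist against the outbound address list described in the answer above (not code from the answer): it reports app addresses the firewall would block, rules that match no app address, and rules wider than needed. The input formats, the `max_hosts` threshold and the sample addresses (documentation ranges, constructed) are assumptions.

```python
import ipaddress

# Constructed samples: the comma-separated list copied from the web app
# properties, and the rules exported from the back-office firewall.
SAMPLE_OUTBOUND = "203.0.113.10, 203.0.113.11,198.51.100.7"
SAMPLE_RULES = ["203.0.113.10", "203.0.113.0/24", "192.0.2.5"]

def audit_allowlist(possible_outbound, firewall_rules, max_hosts=16):
    """Compare an app's possible outbound IPs with a firewall allowlist.

    Returns (missing, unused, too_broad) as lists of strings:
      missing   - app IPs no rule covers (those instances would be blocked)
      unused    - rules covering no app IP (stale entries to review)
      too_broad - rules admitting more than max_hosts addresses
    """
    app_ips = {
        ipaddress.ip_address(part.strip())
        for part in possible_outbound.split(",")
        if part.strip()
    }
    nets = [ipaddress.ip_network(r.strip(), strict=False) for r in firewall_rules]
    missing = sorted(ip for ip in app_ips if not any(ip in n for n in nets))
    unused = [n for n in nets if not any(ip in n for ip in app_ips)]
    too_broad = [n for n in nets if n.num_addresses > max_hosts]
    return (
        [str(ip) for ip in missing],
        [str(n) for n in unused],
        [str(n) for n in too_broad],
    )
```

Rerun the check whenever the app is scaled to a different pricing tier or moved, since the set of possible outbound addresses can change then.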
You could use Azure Service Bus Relay to connect your web app to your on-premises database that's behind the firewall. Azure service bus relay uses internet port 80 so there should be no firewall issues. Hope it helps.
Within an App Service is a feature called a Hybrid Connection, which can be found under the Networking section of the App Service you want to connect to your back office.
You will create a new Hybrid Connection via the Portal.
Complete the form with the information that pertains to the back office system you want to connect to. You should always use a Fully Qualified Domain Name for all your back office systems. If you are connecting to multiple back office systems, you will need one Hybrid Connection for each one.
A Hybrid Connection relies on a Service Bus Relay to communicate with your on-premises resources.
You will install the Hybrid Connection Manager in your on-premises systems and connect it to the Service Bus Relay you created in the portal.
Once the Hybrid Connection you create in the Portal has been connected to a Hybrid Connection Manager (called a Listener), the connection will show as Connected in the Portal.
Once connected, an application running in an App Service will be able to communicate with your on-premises resources as if they were sitting right next to each other. There is going to be some inherent latency involved with using a Hybrid Connection and this should be planned for. The latency we have seen using Hybrid Connections has been minimal and is usually barely noticeable. I have even heard that people are streaming media from on-premises systems using Hybrid Connections.
More information about Hybrid Connections can be found here.
I have a mobile application that communicates with a REST-based web service. The web service lives behind the firewall and talks to other systems. Currently this web service requires a firewall port to be opened and an SSL cert generated for each installation. Mobile apps send login credentials so web services can log in to custom back-end systems.
Recently a customer approached us asking how we could deploy this to 50 offices. As we don't want to, say, modify every firewall in every office, we're looking for options. This is a list of possible solutions and my thoughts on each one:
Open firewall port and expose https web service - This is our current solution but we don't want to have to contact 50 network admins and explain why we need to do this.
VPN - Too heavyweight, complex and expensive; we only need access to one server. Does not solve the problem as the firewall needs to be modified.
Microsoft Azure Hybrid Connection Manager - This provides a managed service where the Azure cloud will expose an endpoint. Azure will also expect connections from an easy-to-install application that lives behind the firewall. When a REST call is made to the cloud endpoint, the request is forwarded down the socket that was initiated by the software behind the firewall. This does what we want but as it's a Microsoft solution it might impose other requirements that our customers might not want. Currently the simple Hybrid Connection Manager is free. But for how long?
Jscape MFT Gateway - Similar to Azure but you can host their server anywhere. Not that expensive but is not open source.
Netty - An async Java library/toolkit where this type of application could easily be built. Client and server apps would need to be built and deployed. Don't know what we don't know about Netty.
MDM, AirWatch, BlackBerry BES - An MDM-based solution would work except that MDMs are centrally managed and are not often in every office where the backend services are located. AirWatch has an AppTunnel but I'm not sure about the specifics.
At this point the Microsoft and Jscape systems are possible solutions.
But most likely these solutions will require us to modify the mobile software to work around issues such as:
How does the user know which server to log in to? A locator service needs to be built such that an email address is used to look up their office, or they need to select their office location from a list.
While the connection is SSL, many companies might want some additional protection since network login information will be sent down the pipe.
How are load balancing and fail-over managed?
So, at this point I'm looking for more options. The best option would be a commercial product that offers some level of customization. Second, I would like a well-used open-source product that could be installed in AWS and customized.
Thanks
The best approach we found was to use the PuTTY API and set up a reverse proxy.
I have a site hosted on Windows Azure and currently I am using SendGrid to send emails. However, we have Mimecast as our email provider and it is marking all emails received from SendGrid as spam.
Is there a way to use Mimecast as the SMTP Relay service from my Windows Azure application?
Well,
Azure as such does not apply any restriction on the outgoing traffic (besides some bandwidth throttling based on the size of the VM you are running on, but this is quite generous). So in practice you can use any SMTP relay service.
Whether you can use Mimecast specifically, you shall turn to Mimecast support or products page. But there is nothing in Azure that would stop you from using this or that service (any service).
And Yes, you can use System.Net.Mail.SmtpClient or any other Smtp Client library to talk to external SMTP Service. Whether that external SMTP Service will accept your connection or not, is not subject to any kind of Azure limitation, but sole decision of the service you chose to use.
You should raise a ticket with SendGrid so they can manage this situation. The reason SendGrid is provided is to precisely avoid your mail being marked as spam. You will be unlikely to see any successful mail delivery if you route SMTP traffic directly from an Azure host to a receiving SMTP server.
I don't know how to begin on the following. I will explain with the picture below what I want to do.
As you can see, you have 2 parts: the local part and the Azure part. The Azure part is my part. The local network could be a customer, ....
What I want to do is run a service on the PCs and send that data to the local server/gateway. But how can I detect which server it needs to connect to? I don't install any service on the local PCs; the customer does that itself. But I don't want them to need to do configuration, just like when they install the server/gateway part.
I will run a web service on Azure that gets information from the server/gateway on the local network. So that's no problem. On Azure there are some other applications that will process the messages.
Also, how can you send a message back to the local network? Say you want to ping, from Azure, the other local computer on the network. You should send a message to the server/gateway on your local network. But how?
So I have 2 questions (see above for more information):
Connecting from the clients to the server/gateway
Sending some information back to the local network
You can use Virtual Network, Azure Connect to create a "connection" or "hybrid cloud" between the PCs and the Azure cloud. However, if you are talking about web based/simple messaging and the PCs have internet connectivity why not just route the messages through a secure (SSL/TLS) connection to the cloud?
For broadcasting/push-type notifications, please look at SignalR (http://signalr.net/). Microsoft is making that part of the ASP.NET platform: http://channel9.msdn.com/Events/Build/2012/3-034
It has some really nice functionality, like gracefully falling back on multiple mechanisms if advanced things like WebSockets are not supported by the server/client. This is an ideal solution and super scalable, since it is server based and very light on the client.
If you need to connect only one or more services running on your local network and make them available publicly via the Azure cloud.
The most straightforward solution I found was to use the Service Bus. It requires nearly no modification to your business network.