Reputation: 16121
How to send an email in GAE on behalf of a yahoo, hotmail, or .edu user?
On GAE, a non-gmail user can create a Google Account using their non-gmail email and log into a google app engine application. However, sending from that email does not appear to work all the time.
For example, suppose [email protected] creates a google account and they log in. Then, GAE should be able to send email from [email protected] during a user request.
The problem is that this does not appear to work for yahoo email accounts and others. In my experience, only the following users can have email sent on their behalf:
- Currently logged in gmail users
- Currently logged in users with emails that run on google apps
- Administrators
However, you cannot send email on behalf of users with the following email address:
- yahoo and hotmail users
- .gov or .mil users
- most .edu users, although I think some schools use google apps and they work.
If I send from those email addresses, I get the following error:
message.send();
File "/base/python_runtime/python_lib/versions/1/google/appengine/api/mail.py", line 799, in send
raise ERROR_MAP[e.application_error](e.error_detail)
InvalidSenderError: Unauthorized sender
Am I missing something here?
I know there are similar questions out there on this topic but I don't think they nail them.
Upvotes: 3
Views: 6781
Answers (3)
Reputation: 459
For me it looks like Google has changed something. I've had an application running 1,5 years without problems (and changes) but suddenly on 2011-05-03 sending emails for example on behalf of Yahoo users stopped working.
This change also affected other non-Google (non-developer users).
Upvotes: 2
Reputation: 38247
Your application has no right to originate email from addresses you don't own.
Doing so is called spoofing and there has been a lot of work done in the last 8 years to prevent spoofing: DKIM, SPF...
If you need to send email you need to have your own email address(es)/domain to send the email from for this application and you'll need to handle bounces as well.
Update:
Google Accounts
Google accounts can be created using 3rd party domain email addresses (e.g. hotmail, yahoo, *.edu, etc). There will be an email confirmation step to verify the email address, but there may be no greater relationship than this. The email address is the "username" and there's a password created with Google that has nothing to do with the 3rd party domain.
Google accounts don't have to have a mail service component. You can create a Google account and not have Gmail.
Google email on a 3rd party domain
Google Apps can be run "on" 3rd party domains, this can, but not necessarily include Google email.
Google email could be run on any domain without any other "Apps", they offer email outsourcing which is quite attractive to the Education sector. In this scenario, Google is authoritative for email for that domain.
On behalf of mailing
Google email has the functionality to set up "On Behalf of" emailing. This requires configuration. A confirmation email is sent to the target account. Once created the email is sent using the originating account's email address in the mail envelope, so any delivery status messages (delays, rejections) will be returned to this account. The originating email address will also be in the sender header. The address that you're sending on behalf of will appear in the from header in the messages, but otherwise, with regards to security settings and validation, it's a Google email from Google.
A quick search has returned some tech blog websites that suggest that they are considering retiring this feature in favour of supporting third party SMTP services.
Third party SMTP server
So someone could configure their Google Email account with the SMTP server, username and password of their mail service provider and use it to send email via their Google mail interface through the valid servers of their mail service provider. This email would therefore genuinely "originate" from that domain's infrastructure.
I've not read the documentation for this GAE function to send email. However, I can see that if someone is signed into their Google account and that account has a mail service, then it could be possible to send email from that account using an API.
However, Google will not generate email "From" 3rd party domains for which it has not been assigned authority over. The email would not be valid; it would be "spoofed". It may not comply with a variety of security enhancements, could be used maliciously and would bring them into disrepute.
I hope this makes the situation clearer for you.
If the documentation is lacking in this regard, it could be that those who wrote it, being so familiar with email, might find it hard to imagine someone would think it were possible.
Upvotes: 2
Reputation: 12838
If [email protected] creates a Google account and logs in, you will be able to send on behalf of their Gmail user, but not their Yahoo user. Same for Hotmail. As for .gov, .mil or .edu, there's nothing special about these TLDs. If they are Google Apps domains, you can send from them, otherwise you cannot.
Note, though, that you can specify a Reply-To address when sending mail. This can be any email address whatsoever, so if you use a reply-to address of [email protected] on outbound mail and the recipient clicks reply, this should be the address that's populated as the recipient.
Upvotes: 1
Related Questions
- sending mails with GAE local environment
- Sending Emails on GAE through smtp.gmail.com in Python
- GAE Python - Receive incoming email on @mydomain.com address
- How to send email from [email protected] with GAE?
- GAE send email from gmail account
- GAE: Send email from any arbitrary email address in Google Apps domain
- Sending email on behalf of Google Apps user
- Send emails from the user that is logged in in my GAE application
- Difficulties with sending mail from GAE
- How do I send an email from a non-gmail account using the appengine