Zaslužiti nagrada skrivati vsi oglasi
Objave: 10   Obiskan od: 134 users
23.09.2019 - 04:42
 Dave (Administrator)
As some of you may have already noticed, emails from atWar have started flowing again. Things like the forgot password email, turn reminders for casual games, etc. That's because I've finally moved our mailserver over to it's new home, and dealt with the can of worms that entailed.

If you're interested in hearing more about the adventure that was the atWar mail system, read on...

As some of you know, moving our servers in general has been a huge pain in the ass. (And I'm still not totally done with it, but that's another story...) So I wasn't super eager to tackle the mailserver.

The first problem to consider is how some bad guy could use the mailserver as a vector for DDOSing atWar. There's no way to keep a mailserver's IP address secret. You can't proxy a mailserver with CloudFlare, like we do with our other servers. The mailserver's real IP address will always be discoverable... that's just how it must be for emails to work.

To solve this, you keep the mailserver separate from the webserver, or any other servers you need to protect. That's easy. The hard part was getting a modern, properly secured mailserver to communicate with atWar's legacy code.

Amok & Ivan setup the original mailserver using software called hMailServer. It's great software and I have nothing against it. However it's Windows-only software, and I didn't want to deal with the extra expense and hassle of having another Windows server, just to run a mailserver. So for our new mailserver I chose Linux-based alternatives.

I setup our new mailserver using Postfix + Dovecot, plus a few other things. Nothing unusual about that. Naturally I configured everything to have strong security from the outset. I created an inbox and up to this point everything was working perfectly. Then I tried to connect our existing website and game code to the new server...

The legacy atWar code actually had 3 different mechanisms for sending emails: 1) the core game code has a C# mailer, 2) the website has it's own separate C# mailer, and 3) the website also uses the PHP mail() function for certain things. For various reasons, none of these could make a secure SMTP connection (i.e. using TLS). In other words, none of these could communicate *securely* with the new mailserver.

Sure, I could have just disabled any security and things would have worked great... but there was also another problem. A glaring security hole: the website's C# mailer was totally open to the public! Anyone knowing the correct URL could use it to send any email to any address, no limits -- a spammer's dream! (I don't have any proof that anyone exploited it, but if not it was only a matter of time.)

Maybe there were some quick patches or workarounds I could have found for each these issues, but that would not be moving in the right direction. It's really overdue that atWar gets with the times. So once again, just as every seemingly "simple" atWar project tends to do, "move the mailserver" snowballed into "fix all the mail-related things on atWar".

Well, that process is finally done. The open-to-the-public mailer is gone. Various mail-related functions have been replaced with one secure mailer. The new mailserver securely communicates with the game and website, and does not expose the IP address of those servers (only it's own). If somebody DDOSes the mailserver, the worst that'll happen is I can't login to check my inbox. I think I can live with that. The main servers won't be affected in any way.

The last step was to migrate our inboxes. There are various @atwar-game.com email addresses that I or others use for certain things. Some of those inboxes have existed since before my time, and I wanted to preserve the history of emails should we ever need them again. The only problem was I had never migrated inboxes from hMailServer to Dovecot before, and their data formats were a little different. I found a solution to this using imapsync... major props to Gilles Lamiral for this excellent software!

So there you have it, another task done. Now the next step will be to setup mailing lists, so we can start doing email marketing and newsletters again. As I understand it that's something that atWar hasn't done since back in the Afterwind days.

Cheers,
Dave
----
All men can see these tactics whereby I conquer,
but what none can see is the strategy out of which victory is evolved.
--Sun Tzu

Nalaganje...
Nalaganje...
23.09.2019 - 04:48
Great work! Sounds like a pain in the ass.
@Everyone Stop complaining about development <3
----
Nalaganje...
Nalaganje...
23.09.2019 - 04:58
Hats off to you dave
----
they said play atwar,they said it would be fun,dam

We are not the same - I am a Martian
Nalaganje...
Nalaganje...
23.09.2019 - 05:10
----
Do you fear death? Do you fear that dark abyss? All your deeds laid bare. All your sins punished.
Nalaganje...
Nalaganje...
23.09.2019 - 06:24
Prispeval Davy Jones, 23.09.2019 at 05:10



----
Nalaganje...
Nalaganje...
23.09.2019 - 07:49
Prispeval JUGERS2, 23.09.2019 at 06:24

Prispeval Davy Jones, 23.09.2019 at 05:10





----

Nalaganje...
Nalaganje...
23.09.2019 - 11:20
 4nic
----
''Everywhere where i am absent, they commit nothing but follies''
~Napoleon


Nalaganje...
Nalaganje...
23.09.2019 - 16:49
Just use gmail
----
Happiness = reality - expectations
Nalaganje...
Nalaganje...
23.09.2019 - 18:06
Cool and kudos to you for doing that but some of us still experience a lot of lag...
Nalaganje...
Nalaganje...
26.09.2019 - 20:25
 Hall
Quite the undertaking, thank you for making moves in the right direction! atWar is awesome and only needs some marketing magic to make it take off even more.
Nalaganje...
Nalaganje...
atWar

About Us
Contact

Zasebnost | Pogoji uporabe | Pasice | Partners

Copyright © 2024 atWar. All rights reserved.

Pridružite se nam na

Povej naprej