For my latest venture, MyFamilio, I needed to know if a user’s Email address is a Gmail one so that I could show the user his/her contacts from Gmail.
Figuring out if the user is on Gmail is usually easy – the Email ends with @gmail.com. But what happens for all of those Google Apps for Your domain (like my own, which uses the @sandler.co.il domain) ?
Well, you can easily detect that by running a DNS query on the MX record.
I wrote a small function in Python which uses dnspyhon to do just that, determine if an Email address is hosted on Gmail or not.
Check the gist here.
Check the gist here.
I’ve recently started to use Google Apps for Your domain to host my private emails on the sandler.co.il domain.
Google Apps for your domain is quite cool and was very easy to configure. I mainly moved to it due to the unbelievable amounts of SPAM and I didn’t have the power or time to configure SpamAssassin in a reasonable way that would actually work.
When I moved, one of the things I did was to change the “default” URL in which me and other members of my family use to access the web mail of the domain. Google Apps for your Domain allows you to do just that by configuring it in its configuration screen and settings a CNAME record that points to ghs.google.com.
After configuring everything I tested it out and noticed something disturbing.
It seems that CNAME (by design/default/whatever) does not support HTTPS, only HTTP. This means that the CNAME alias I configured will be resolved to mail.google.com/a/YourDomain.XXX (replace YourDomain.XXX with your domain ;-) ). If you are not authenticated you’ll be redirected to authenticate on an SSL protected address (https) and upon successful authentication you will be directed to http://mail.google.com/a/YourDomain.XXX (not https – not SSL).
This means that now, when you read or write Emails they are not protected. If you are sitting in an open WIFI network (passwordless network) people can easily sniff out your Emails and correspondence (I know that not using WPA will make you prune to man in the middle attacks, but that’s not the issue here). This is just one of the scenarios that you will be vulnerable (there are a few more).
It’s not that accessing https://mail.google.com/a/YourDOMAIN.XXX will not work. On the contrary, it will work fine and all the communication will be secured using SSL (https).
It seems Google is encouraging recklessness with their current configuration, instead of redirecting authenticated users to the secured version (https/SSL) of their web mail specifically because of the DNS CNAME limitations.
It is a simple fix on Google’s behalf which will increase the security dramatically.
I own a Nokia E61 cell phone. A nice phone all in all (aside from the backup problems my wife encountered).
Gmail has this cool little applet that lets me access my Gmail account in a nicer (and better cached) way from my cell phone. It’s a really nice program and I use it quite often.
It has one problem though. If you host your own domain through Google Apps for Your Domain to get the Gmail like interface for your Emails you cannot use this program.
Technically (as far as I could see) the interface is rather the same, the only different should be the user name and password. But there is a restriction in the user name in the mail applet that forces you to put an Email address with a suffix of @gmail.com only. It will not accept anything other than a @gmail.com user name.
Google Apps for your Domain has, however, a program for Blackberries. Not that there is anything wrong with that, but I would really like to have the current nice mail applet working with my hosted Google Gmail application.
I want the normal Gmail applet to work with my custom domain and Google Apps for your domain, otherwise I’m forced to use the not so nice Cell phone browser web mail access which is far less usable than the applet.
Is it too much to ask? I don’t think so, considering that it seems there shouldn’t be any problem supporting it technically (it’s the same backend). If any of you Google Apps for your Domains Googlers are reading this and there is a bigger issue/problem with forcing the mail applet to support Google Apps for Your Domain, I would love to know why (you can even ping me privately through my contact page).
Google Gmail recently got a new feature allowing one to open Word documents using Google Docs and we can safely assume that PDF and Excel (for use with Google Spreadsheets) documents are on their way as well.
Sometimes a Word document can be quite big with lots of added stuff like images, drawings and so on.
If Google can handle the on-the-fly (or at least on-mail-receive) Word documents conversions I do think that they can (and hopefully will) handle Movie files conversions like I suggest in my previous post about integrating YouTube/Google Video with Gmail.
Since copyright issues are the same for Word documents, having the movie converted and show only to the mail recipient shouldn’t be much of a problem.
I wonder if the Gmail team subscribed to RSS alerts on their product the same way as the Google Reader team :-)
A while back Google added a feature to Gmail so that you can see which of your friends is online and chat with them.
While this might look cool there is another side to this story, people can actually see when you are reading your Emails on your Gmail account.
I, for example, use GAIM as my main IM client and since Google Talk (GTalk) uses Jabber as its underlying protocol, it means that every Jabber supported client can connect to GTalk. Jabber has built in support to show your status and the client you are using and most Jabber clients (besides GTalk) allow you to see this text.
Google Talk’s integration within Gmail is implemented in such a way that Gmail is converted into a Jabber client. The engineers at Google Talk used the client text and it clearly shows “gmail” in it (as opposed to Talk.vXXXX that is shown for GTalk clients).
Since the option for having the Chat integration is turned by default, if you use a client that is different than GTalk (like GAIM) one can see exactly when his/her friend is inside Gmail.
What do you do when you are in Gmail? Probably reading (or at least seeing) Emails.
A bit annoying isn’t it? I don’t want anyone to know when I’m actually logging into my Gmail account and read/see my Emails.
Luckily you can turn this off. There is an option at the end of the page after you login into Gmail that says “Gmail view:”. In there you can select “standard without chat” which will turn off the GTalk integration.
I’m sure you’ll all have heard about the Gmail dot scandal and that it WAS confirmed by Google.
I’m not a heavy Gmail user but I do have an Email box there (like everyone else) but it DOES pisses me off, specifically since my Email HAS a dot in it.
This can also explain why I got an Email a while back from someone that claimed to be my wife (although she was referring to another Eran Sandler ;-) ).
If this was complained that long how come it wasn’t fixed? It’s outrageous that someone else, in certain cases, will be getting my private Emails. I feel so violated.
I just hope they’ll get their act together and fix this before all hell will break loose. They have enough privacy issues/concerns right now to deal with and I’m sure the folks at Google are not in the mood for another one.