Email Messages UID in Java Mail API - jakarta-mail

Is there any way to get the an array of unique id for the messages stored in the in box folder of a mail account through Java language ?
Thanks in Advance.

Depends on exactly what you mean by "unique id".
There's the UIDFolder interface, which provides access to IMAP UIDs. But you need to understand the semantics of IMAP UIDs to understand just how "unique" they are, and aren't.
There's also the Message-ID header that appears on most messages. While it's typically more globally unique than IMAP UIDs, there's no guarantee of uniqueness.
What do you want to do with the unique id once you have it?

Related

Remove "[External]" tags added by email server

My organization has begun adding obnoxious warnings to the subject and body of any email that arrives from an external address. My organization allows email forwarding, and I forward to gmail. I would like to have the extra text automatically removed before I see them in gmail. This would not violate the policies at my organization. Some ideas I had:
(1) One option would be to set up a gmail filter that edits the message. This feature does not seem to exist.
(2) Another option would be to customize the display so that this particular text is never shown on the screen. Again, there seems to be no way to do this.
(3) I wrote a script in Google Apps to grab to the content of each offending email and send an edited version to myself, but there is no way to make the "from" field show the original sender (perhaps with good reason). I can put that information in "reply to" but the gmail client doesn't show it nicely. This removes the annoying extra text at the cost of the ability to easily see who sent the email. The core of it is this call:
GmailApp.sendEmail("<my_email_address>",newSubject,newBody,{
attachments: message.getAttachments(),
bcc: message.getBcc(),
cc: message.getCc(),
htmlBody: newBody,
replyTo: message.getFrom(),
});
Any ideas? This is becoming a big problem as the "nanny state" approaches, so I'm sure others will appreciate your solution.
Issue
It unfortunately seems that at the day of this post, there is no way of edditing a forwarded email with the Gmail API. Check the documentation to see what you can actually do with the Gmail API in regards to forwarding email addresses.
Workaround
Despite it is not possible to edit a forwarding email address, in your case you are interested in:
Edit the body and subject of the email address.
Preserve the information of who the sender was.
Therefore what you could do is:
Get the email address you want to edit. Get the body, subject and information about who was sending it and store that.
Create a new message where you edit the message you just got and write on the subject the from field that was in the message you just got.
Send that created message to your desired recipient just like it was a forwarding email.
I hope this has helped you. Let me know if you need anything else or if you did not understood something. :)
Apps Script
You can insert messages into your inbox with their original "From" field but a modified body.
Note: Inserting is different from sending because the message is created on the inbox with less validation than sending.
To use this on Apps Script, take a look at the Advanced Gmail Service.
Custom Application
Another idea on how to do this is to use a custom application (in any language you'd prefer) that:
scans your company inbox with IMAP
manipulates the message body to remove the artifacts you don't want
insert manipulated message into your Gmail inbox with the Gmail API

What is the difference between IMAPMessage.getUID() and Message-ID header?

What is the difference between these two from java mail perspective? I can see that 2 values are not same for a particular message. So what should I consider an IMAP message's unique id?
If I need to fetch message from an IMAP server corresponding to an unique id, should I use?
MessageIDTerm
or
IMAPFolder.getMessageByUID()
UID is the unique identification number of a email in a IMAP folder. Each mail in a folder is assigned a uid, it is you can say a index maintained by the mail folder. Whereas message-id is a header part of a email.
To understand in a simple term,
UID is a unique number which cannot be duplicated within a folder. If I copy same email twice in a folder, each will have same headers having same message-id but will have a different UID.
Other major difference is,
UID's are assigned by a imap server
MessageId's are set by the email
client.
So it is always better to rely on a UID to extract the email.
Refer : RFC - UID

Is there a way to link 2 the same email across multiple users

We are looking for a way to determine if an email in different users gmail is the same email. For example Person A sends an email to Person B and C who are in the same Google Apps instance.
When retrieving the email with the gmail API the Id and ThreadId are different for the email in both user B and C accounts. Is there some common identifier or is a case of using something like "Sender" + "Recipients" + "Time Sent" as the relating key?
Thanks for your help.
Not sure if/how this is related to Gmail API, but why not use the Message-Id header? (In conjunction with Date header and possibly From if you want to be sure/paranoid. Note that many assumptions may be broken if a mailing-list is part of the delivery to the recipients.)

How mobile signature works?

We are planning to use mobile sign for one of our application. But as far as I know there are some limitations for signing documents. The vendor we are working has a limitation that you should enter a pin code for every single document and it's attachments. This means if there is a document with 3 attachments, user should enter 4 pin codes in order to complete the mobile sign. This is NOT acceptable, so I wonder how mobile sign works around the globe? I mean other vendors also have the same limitation? Does mobile sign use messaging infrastructure? Would you please give me some information about Mobile Sign?
Thanks in advance.
Best Regards.
Let me explain how mobile signatures work. Based on the process you may infer some conclusion.
Technically the mobile signature is created by a security module when a request for it reaches the device (SIM card,) and after introducing the request to the user with a few explanation prompts, the device asks for a secret code that only the correct user should know. Usually this is in form of a PIN. If the access control secret was entered correctly, the device is approved with access to secret data containing for example RSA private key, which is then used to do the signature or other operations that the request wanted.
The PKI system associates the public key counterpart of the secret key held at the secure device with a set of attributes contained in a structure called digital certificate. The choice of the registration procedure details during the definition of the attributes included in this digital certificate can be used to produce different levels of identity assurance. Anything from anonymous but specific to high-standard real-word identity. By doing a signature, the secure device owner can claim that identity.
Thus, the mobile signature is a unique feature for:
Proving your real-world identity to third parties without
face-to-face communications.
Making a legally-binding commitment by sending a confirmed message to
another party.
Solve security problems of the online world with identity
confirmation (an anonymous but specific identity is often equally
good as a high-standards identity).

How to shibbolize a website

I have an application that uses email addresses for user authentication.
I know that some universities use Shibboleth for user authentication, and I was wondering what the process is for being able to read emails from the university database that is used for Shibboleth. Note that I do not care about authentication through Shibboleth, I only need to be able to read the email addresses.
Is it general for all universities that use Shibboleth, or is each a unique case?
Any links to documentation on how to do this process would be greatly appreciated. Thank you.
Shibboleth can be configured (IdP-side) to release user attributes along with authentication data, for example the user's email address. Client-side, assuming you're going though shibd, you'll need a setting in your attribute-map.xml that says "map attribute with OID x.y.z.a to environment variable USERMAIL" and then you get the result in that environment variable. The example config should already contain it.
This would be the same for everybody insofar as the OID for "email" is always the same, but you'd have to negotiate with the IdPs (universities) or their federations so that they will actually release that attribute to you.
Shibboleth is used by many institutions, but by no means all. Many use Athens, proxies or IP recognition, among other things.
As far as I am aware, a user's email address is not tied directly to the Shib system. When a user tries to access a Shibboleth-protected resource they are taken to their institution's login page to authenticate themselves. They might enter their email address to authenticate or they might enter a username, they might be auto logged-in based on their IP address, or something else.
The institution does send back an affiliation through Shib data transfer upon successful login, something like student#brown.ac.uk but this is not necessarily the email address the user used to login. I guess they could send that but it has not been used in system's I've worked on.
Shibboleth is commonly used to check that the user is from an institution that has purchased access to a protected resource rather than identifying a particular user from that institution so the user's email isn't needed.
Not sure if this helps at all: http://middleware.internet2.edu/eduperson/docs/internet2-mace-dir-eduperson-200806.html#eduPersonAffiliation

Resources