Free, without registration, but with SMS
In Yandex. Mail, a new opportunity has just recently appeared - letters in SMS. We made it not only for those who like to send free text messages, but also for those who need a quick response from the recipient. Now from the web interface of the mail, along with the letter, you can send an SMS message with a link to a copy of the letter itself.
The link will open in a special mobile interface that does not require authorization. There you can read the letter and reply to it. At the same time, it does not matter at all what service the recipient's email is on. Today we will reveal some secrets about the technical details of the implementation.
It was possible to notify the recipient about the sent letter earlier, but with minor restrictions. For example, if the letter was sent not to Yandex. Mail, the SMS looked like this:
')
This was the usual notification without the ability to read the letter and respond to it. In addition, the notification was sent only after the letter was delivered to the addressee. We did this specifically in order to exclude the possibility of sms delivery before the third-party server accepts the letter. Implemented by adding encrypted service headers to the letter and checking these headers in DSN- bounce received from the receiving party. In the new version, we have redrew everything.
First, they gave access to the sent letter. The new version implies more than just a delivery receipt. Now you can tell the user that he was sent a letter, regardless of whether it is delivered to his mailbox.
This allows you to give access to the letter, even if another mail service for some reason loses the letter, or if the recipient was entered incorrectly. The letter itself, opened from SMS, looks like this:
And secondly, due to the fact that in the new version of the sender-receiver chain, the need to receive a letter by another server disappeared, we allowed ourselves to send SMS immediately after sending the letter.
We devoted a lot of time and attention to the issue of security, because it can be called the most difficult in this task. Many aspects of the architecture were initially worked out, based precisely on considerations of the security of user data from any encroachment and fraud:
For these purposes, a separate database is deployed - MongoDB . It is simple, lightweight, scales well and will be useful to us in the future for various tasks. The experience of learning MongoDB turned out to be interesting and useful - the freedom to manage collections and the structure of records allows programmers to be less dependent on database administrators. It speeds up the design, prototyping, development and provides an opportunity to experiment with formats and operations.
The performance of this base also makes it easy to use it for more "difficult" tasks. Load testing showed that with mixed queries and small amounts of data (100b, 3kb), the “web server -> backend -> mongoS -> DB” bundle withstands at least 6000 requests per second, and the response time is within 40 milliseconds. A multi-threaded backend implementing business logic and a pool of connections to the database are used. During testing, the base consisted of a single machine with SATA disks. Now its configuration consists of three shards, in each - a replica of three machines on SSD-drives. To use a pool of connections, a tcp balancer is raised above all MongoS, because the C ++ driver cannot connect to several machines with failover.
In addition, we have taken many other measures to protect the user's letters from unauthorized viewing and use. In various parts of the system, various hashes, digests are generated and verified, hosts and timestamps are checked. The reference shortener has been specifically re-configured so that the identification hash is longer and has a uniform distribution, which makes it unnecessary to search for links.
Like any new feature, we launch letters in SMS quite carefully: you need to be sure that the service will not only work correctly, but also withstand the load. That is why, at first, we do not place the setting for sending SMS to a prominent place, leaving it behind the tick “Send SMS to the addressee after sending a letter” at the very bottom of the page writing the letter.
It seems to us that the flight is now normal, so in the near future a new opportunity will be advanced in the mail interface. And although we usually do not disclose our plans, today we will make an exception and show the screenshot of the SMS sending interface in the form in which millions of Yandex.Mail users will see it after it passes all the tests:
The link will open in a special mobile interface that does not require authorization. There you can read the letter and reply to it. At the same time, it does not matter at all what service the recipient's email is on. Today we will reveal some secrets about the technical details of the implementation.
It was possible to notify the recipient about the sent letter earlier, but with minor restrictions. For example, if the letter was sent not to Yandex. Mail, the SMS looked like this:
')
This was the usual notification without the ability to read the letter and respond to it. In addition, the notification was sent only after the letter was delivered to the addressee. We did this specifically in order to exclude the possibility of sms delivery before the third-party server accepts the letter. Implemented by adding encrypted service headers to the letter and checking these headers in DSN- bounce received from the receiving party. In the new version, we have redrew everything.
First, they gave access to the sent letter. The new version implies more than just a delivery receipt. Now you can tell the user that he was sent a letter, regardless of whether it is delivered to his mailbox.
This allows you to give access to the letter, even if another mail service for some reason loses the letter, or if the recipient was entered incorrectly. The letter itself, opened from SMS, looks like this:
And secondly, due to the fact that in the new version of the sender-receiver chain, the need to receive a letter by another server disappeared, we allowed ourselves to send SMS immediately after sending the letter.
Security
We devoted a lot of time and attention to the issue of security, because it can be called the most difficult in this task. Many aspects of the architecture were initially worked out, based precisely on considerations of the security of user data from any encroachment and fraud:
- When a user sends an email with an SMS notification, it is saved as sent. Based on unique data, a key is generated, encrypted using AES and wrapped for convenience in Base64 . All operations with the letter occur on this key.
- When you try to open a letter by reference from an SMS message, the time of its creation is checked. The letter is available only within two hours after sending. It seems to us that two hours is enough to read the SMS and answer it. And since the possibility of replying to a letter from a page without viewing authentication is potentially unsafe, we have limited the number of replies from it.
- In order to prevent spam from being sent, we decided not to send various meta-information (addresses, phone numbers, etc.) from the client by http-arguments. Thus, they can not be changed and send a letter to an arbitrary address.
For these purposes, a separate database is deployed - MongoDB . It is simple, lightweight, scales well and will be useful to us in the future for various tasks. The experience of learning MongoDB turned out to be interesting and useful - the freedom to manage collections and the structure of records allows programmers to be less dependent on database administrators. It speeds up the design, prototyping, development and provides an opportunity to experiment with formats and operations.
The performance of this base also makes it easy to use it for more "difficult" tasks. Load testing showed that with mixed queries and small amounts of data (100b, 3kb), the “web server -> backend -> mongoS -> DB” bundle withstands at least 6000 requests per second, and the response time is within 40 milliseconds. A multi-threaded backend implementing business logic and a pool of connections to the database are used. During testing, the base consisted of a single machine with SATA disks. Now its configuration consists of three shards, in each - a replica of three machines on SSD-drives. To use a pool of connections, a tcp balancer is raised above all MongoS, because the C ++ driver cannot connect to several machines with failover.
In addition, we have taken many other measures to protect the user's letters from unauthorized viewing and use. In various parts of the system, various hashes, digests are generated and verified, hosts and timestamps are checked. The reference shortener has been specifically re-configured so that the identification hash is longer and has a uniform distribution, which makes it unnecessary to search for links.
About future
Like any new feature, we launch letters in SMS quite carefully: you need to be sure that the service will not only work correctly, but also withstand the load. That is why, at first, we do not place the setting for sending SMS to a prominent place, leaving it behind the tick “Send SMS to the addressee after sending a letter” at the very bottom of the page writing the letter.
It seems to us that the flight is now normal, so in the near future a new opportunity will be advanced in the mail interface. And although we usually do not disclose our plans, today we will make an exception and show the screenshot of the SMS sending interface in the form in which millions of Yandex.Mail users will see it after it passes all the tests:
Source: https://habr.com/ru/post/171957/
All Articles