There are 2 parts here, I have an issue with SMTP sending anonymously and I have a question about the SQL Connection MDF vs OWIN series regarding security.
First part: I am working on a website where I have finished with register and I need to work on a email verification.
I know this may be a duplicated topic, but I've been going through the similar topics and tried a lot of solutions and no luck.
I am trying to send a NoReply anonymous email to any users with a verification code, and the main issue is that I cannot send the anonymous SMTP email. I can't use gmail or anything like that. My site is called eOfferList and the email should be like "NoReply@eOfferList.com" which is why I called it anonymous.
The error I've been getting is "Failure sending email" which isn't coherent since I don't know what exactly is causing that error. I've tried many different ways such as with/without credentials and did as much research as I could, but no luck:
My code:
MailMessage mail = new MailMessage("NoReply@eOfferList.com", email);
SmtpClient client = new SmtpClient();
mail.IsBodyHtml = true;
mail.Subject = "EOfferList Registration verify";
mail.Body = "Thank you for registering to eOfferList.com. Please click in the link below to verify your account\n";
client.UseDefaultCredentials = false;
client.Port = 465;
client.EnableSsl = true;
client.Host = "mail.eOfferList.com";
client.DeliveryMethod = SmtpDeliveryMethod.Network;
client.Send(mail);
Even I've tried to change SSL and port, still no luck. So, anything I can do to send the anonymous email? Or what do you guys at least recommend?
PS: If I have to use OWIN, then I'll have to rebuild my whole project which leads me to another week of work and to the second part of this topic.
Second part: I wonder what is the security difference between OWIN and using Model/SQL server database.
Basically I am using this code to start the SQL connections:
using (eOfferListDBEntities eDb = new eOfferListDBEntities())
{
using(SqlConnection con = new SqlConnection(eDb.Database.Connection.ConnectionString))
{
//Code goes here
}
}
I don't know how to use OWIN yet, so I am now using Entity Model/SQL server database and I parameterize all of my data and hashed any of my important info.
I am wondering what is/isn't secure about Model/SQL with parameters/hash and about OWIN, because I want to decide whether or not I should rebuild my whole project and start using OWIN.
The only main thing I am worried about is having hackers access to any of SQL data. I mean IF what I'm doing now is secured enough to not let hackers get any of information from my database, then I won't have to rebuild my project.
What do you guys recommend about database security, should I leave it as is or should I rebuild and start using OWIN?
Aucun commentaire:
Enregistrer un commentaire