17 September, 2019 by Fredrik Berggren on asp.net core, Authentication

Customize header for JwtBearer in asp.net core 2.2.

So we were upgrading to asp.net core, the old system where using a custom jwt validation. Since asp.net core Authentication comes with a built in AothenticationBuilder for Jwt we decided to use that one instead (seems reasonable right?)

One thing was that the old system where not using the Authorization header and where accepting with or without Bearer first.

So we needed a way to look at the custom header for a token and forward it to asp.net Authentication. Of course there is a simple solution to this. Here it is:

services.AddAuthentication()
.AddJwtBearer(options =>
                {
                    options.Events = new JwtBearerEvents
                    {
                        OnMessageReceived = ctx =>
                        {
                            if (ctx.Request.Headers.ContainsKey("SpecialApiKey"))
                            {
                                var bearerToken = ctx.Request.Headers["SpecialApiKey"].ElementAt(0);
                                var token = bearerToken.StartsWith("Bearer ") ? bearerToken.Substring(7) : bearerToken;
                                ctx.Token = token;
                            }
                            return Task.CompletedTask;
                        }
                    };
                });

services.AddAuthentication()

.AddJwtBearer(options =>

{

options.Events = new JwtBearerEvents

{

OnMessageReceived = ctx =>

{

if (ctx.Request.Headers.ContainsKey("SpecialApiKey"))

{

var bearerToken = ctx.Request.Headers["SpecialApiKey"].ElementAt(0);

var token = bearerToken.StartsWith("Bearer ") ? bearerToken.Substring(7) : bearerToken;

ctx.Token = token;

}

return Task.CompletedTask;

}

};

});

We simply add a new callback to OnMessageReceived in the Events.

We look for a header with the name SpecialApiKey then we see if it starts with Bearer and if so we strip that part out.

That’s all. Pretty smooth right?

Until next time, have a good one.

1 July, 2018 by Fredrik Berggren on blacklists, dns, email, senderbase, senderscore

depricating current version of emailstuff api

Right now we have a free api emailstuff (see previous post) for looking up talos reputation (former senderbase), senderscore, reputation authority and blacklists. This api have been used a lot by people and companies and that’s really cool to see. What’s not so cool to see is that the users (often big companies with a lot of ips) that uses the api on a daily basis just hammer it like crazy and not folowing the rate limits. So that makes us take action, either we need to start charging a lot of money (wich we do not wan’t) so we decided to take another path.

We are going to depricate the current api and will be releasing a new one in a few weeks. The new api will be fast and i mean really fast. We are right now looking at lookup for 30 blacklists, senderbase, senderscore, reputation authority in under 100ms.

But that’s not all, we will include cyren lookups in the results also, as far as i know we will be the only api supporting this, isn’t that amazing (tv-shop i know)

So if you are interested in continuing using this service you need to send an email to emailstuff[at]dattaproffs.se and we will get you up and running.

The current api will be closed 31/7/2018.

Best regards
Fredrik Berggren

29 October, 2017 by Fredrik Berggren on email, reputation, senderscore

Api for talos reputation (previous senderbase.org), senderscore, reputation authority and blacklists.

*UPDATE*
Updated with a swagger docs page here http://emailstuff.io/api-docs/
——

So with the senderbase rdns lookup discontinued i needed a way to check it by code. Earlier i wrote a post about how to query it with c# and HttpClient that was not a very solid solution. So i created emailstuff.io a api for checking, senderbase (now talos reputation), senderscore, reputation authority and some blacklists.

For now it is not documented and a lot of features missing but it will be updated frequently next couple of weeks. Please add feature requests in the comments.

For now you can use these endpoints:

http://emailstuff.io/api/senderbase/[ipaddress] returns Bad, Neutral or Good
http://emailstuff.io/api/senderscore/[ipaddress] returns an int. -9999 = no data
http://emailstuff.io/api/reputationauthority/[ipaddress] returns an int. -9999 = no data
http://emailstuff.io/api/blacklist/[ipaddress] returns an object with the following information:

{
    "fwdReverseDnsMatch": true,
    "ptr": "mail1.mydomain.se.",
    "blacklistResult": [
        {
            "blacklist": "zen.spamhaus.org",
            "blacklist_url": "https://www.spamhaus.org/zen/",
            "listed": false,
            "ms": 36
        }]
}

{

"fwdReverseDnsMatch": true,

"ptr": "mail1.mydomain.se.",

"blacklistResult": [

{

"blacklist": "zen.spamhaus.org",

"blacklist_url": "https://www.spamhaus.org/zen/",

"listed": false,

"ms": 36

}]

}

http://emailstuff.io/api/emailinfo/[emailaddress] returns an object with the following information:

{
    "emailAddress": "fredrik@dattaproffs.se",
    "name": "fredrik",
    "domain": "dattaproffs.se",
    "isValid": true,
    "isRoleAddress": false,
    "isDisposable": false,
    "hasMx": true
}

{

"emailAddress": "fredrik@dattaproffs.se",

"name": "fredrik",

"domain": "dattaproffs.se",

"isValid": true,

"isRoleAddress": false,

"isDisposable": false,

"hasMx": true

}

These are subject to change both the endpoints and the data returned. But i will keep you posted on the blog and soon there will be a docs page for the API.

13 September, 2017 by Fredrik Berggren on create-react-native-app, react

Use correct ethernet adapter when using create react native app (CRNA)

So i stumbled over a problem when creating a new react native app with CRNA (create-react-native-app) which otherwise is amazing to get started fast with prototyping and build ios apps on your windows machine.

When you first create and run your app

create-react-native-app MyApp

cd MyApp

yarn start

create-react-native-app MyApp

cd MyApp

yarn start

You will get a QR-code to scan with the expo app on your phone. The builder will bundle the javascript on the fly and preview the app on your phone with live reloading.

One problem tho, you need to be on the same network on your phone as the builder, well that’s not really a problem but it became a problem for me because i run a lot of VMs on my machine and have VirtualBox and Hyper-V installed and running.

This gives me a lot of virtual ethernet adapters and the builder just selects the first one. That gave me some random ip like 172.115.56.77:19000 and I’m not on that network on my phone.

So how do we fix this? You need to set the interface metric on the adapter you want to be first.

After that is done you can just run yarn start again and now you will see that it’s the correct adapter.

Happy coding!

7 May, 2017 by Fredrik Berggren on Uncategorized

Public senderbase dns lookup is closed, here is how to look it up in c# using HttpClient and HtmlAgilityPack

*UPDATE*
I have created an API for all sorts of email and ip related info, read more here Api for talos reputation (previous senderbase.org), senderscore, reputation authority and blacklists.

So the answer from SenderBase is that public access to their DNS lookup (rf.senderbase.org) is closed. That’s a shame it was really handy to have a running service looking that up a few times a day.

So for now i’m using this code to look it up via HttpClient, it’s not as sufficient as DNS but it does the trick. If you are going to use this i do not recommend running it to often. According to the TOS you may not:

Exceed 1000 queries per day per IP or subnet
use any measure to circumvent this personal and non-commercial use limitation or other requirements in these Terms; or
modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative works from, transfer or sell the Materials or any information, software, products or features obtained from SenderBase.

And then it basically says “do not do bad stuff”.

I’m using ASP.NET Core and a fork of HtmlAgilityPack (because the official one does not have support for core yet)

I’m going to do this quick and dirty from the command line you can follow along using commandline, VS or your favorite tool.

Create a new console application

dotnet new console -n senderbaselookup

1	dotnet new console -n senderbaselookup

Add the following package in *.csproj

  <ItemGroup>
    <PackageReference Include="DevZH.HtmlAgilityPack" Version="1.4.9.4-final" />
  </ItemGroup>

</ItemGroup>

Restore packages

dotnet restore

1	dotnet restore

Replace program.cs with this

using System;
using System.Net;
using System.Net.Http;
using HtmlAgilityPack;

namespace senderbaselookup
{
    class Program
    {
        static void Main(string[] args)
        {
            var ip = args[0];
            var result = "unknown";
            try
            {
                var cookies = new CookieContainer();
                cookies.Add(new Uri("http://www.senderbase.org"), new Cookie("tos_accepted", "1330588800", "/"));

                using (var handler = new HttpClientHandler() { CookieContainer = cookies })
                using (var client = new HttpClient(handler))
                {
                    var response = client.GetStringAsync("https://www.senderbase.org/lookup/?search_string=" + ip);

                    var doc = new HtmlDocument();
                    doc.LoadHtml(response.Result);
                    var documentNode = doc.DocumentNode;
                    result = documentNode.SelectSingleNode("//table[@class='tabular info_table']//tr[4]/td[2]/div[@class='leftside']").InnerText;
                    
                }
            }
            catch
            {
                //silence is golden
            }

            System.Console.WriteLine($"SenderBase result: {result}");
            Console.ReadKey();
        }


    }
}

using System;

using System.Net;

using System.Net.Http;

using HtmlAgilityPack;

namespace senderbaselookup

{

class Program

{

static void Main(string[] args)

{

var ip = args[0];

var result = "unknown";

try

{

var cookies = new CookieContainer();

cookies.Add(new Uri("http://www.senderbase.org"), new Cookie("tos_accepted", "1330588800", "/"));

using (var handler = new HttpClientHandler() { CookieContainer = cookies })

using (var client = new HttpClient(handler))

{

var response = client.GetStringAsync("https://www.senderbase.org/lookup/?search_string=" + ip);

var doc = new HtmlDocument();

doc.LoadHtml(response.Result);

var documentNode = doc.DocumentNode;

result = documentNode.SelectSingleNode("//table[@class='tabular info_table']//tr[4]/td[2]/div[@class='leftside']").InnerText;

}

catch

{

//silence is golden

}

System.Console.WriteLine($"SenderBase result: {result}");

Console.ReadKey();

}

First we need to add the cookie telling SenderBase that we accept the TOS (you know tha one a told you about in the beginning) then we use the HttpClient to connect and read the result as a string. Last but not least we use HtmlAgilityPack to parse the document and find the reputation result we are looking for.

Build to see that everything works and then run it. The first argument is going to be the IP you wan’t to test.

dotnet build

dotnet run IPADDRESS

dotnet build

dotnet run IPADDRESS

That’s it, not as fast, easy and elegant as the DNS lookup but this will do for now. Will keep working on the dns lookup again soon.

5 May, 2017 by Fredrik Berggren on Uncategorized

c# Entity Framework 6 set transaction isolation level

I needed to set the transaction isolation level when using Entity Framework 6.x to use SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;

Found this easy way to do it, not sure if it fits your need but it’s one way.

public partial class MyContext : DataContext
	{
		public MyContext() : base("Name=MyConnectionStringName")
		{
			Database.ExecuteSqlCommand("SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;");
		}
         }

public partial class MyContext : DataContext

{

public MyContext() : base("Name=MyConnectionStringName")

{

Database.ExecuteSqlCommand("SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;");

}

Just use Database.ExecuteSqlCommand in DataContext constructor.

ktnxbye

20 March, 2017 by Fredrik Berggren on dns, email

Check if your forward and reverse dns match

When sending email it’s a best practice that your sending ips reverse and forward resolutions match.

When looking up IPv4 addresses you use a special domain called in-addr.arpa so if you want to know the ptr of 8.8.4.4 just run this

nslookup -q=ptr 4.4.8.8.in-addr.arpa

//OR THIS SHORTHAND

nslookup -q=ptr 8.8.4.4

Non-authoritative answer:
4.4.8.8.in-addr.arpa    name = google-public-dns-b.google.com

nslookup -q=ptr 4.4.8.8.in-addr.arpa

//OR THIS SHORTHAND

nslookup -q=ptr 8.8.4.4

Non-authoritative answer:

4.4.8.8.in-addr.arpa name = google-public-dns-b.google.com

See the name = in the answer, that’s the PTR not to see if we have a confirmed forward and are good to go we need to see if the domains A-record match the IP we looked up. Run this

nslookup -q=a google-public-dns-b.google.com

Non-authoritative answer:
Name:    google-public-dns-b.google.com
Address:  8.8.4.4

nslookup -q=a google-public-dns-b.google.com

Non-authoritative answer:

Name: google-public-dns-b.google.com

Address: 8.8.4.4

See the Address part in the answer it matches the ip we checked PTR on. That means that they are matching.

ktnxbye!

15 March, 2017 by Fredrik Berggren on asp.net core, javascript, react

Getting started with cross platform ASP.NET Core, aspnet SpaServices, React and webpack

So i’m using visual studio and doing .net mvc web development with angular. I wanted to try out react and there is a new version of aspnet core out there so i thought what the hell i will give it i try. I will assume some knowledge of asp.net mvc, javascript and this is just a “how did i set it up” not a “i will learn you everything”.

One thing that i find confusing is the core versioning, Scott Hanselman said in the lastest standup that it isn’t really that hard if you tell it the right way. I think that MS haven’t done that really. There is Runtime, SDK and Tooling all of them in different versions. But i figured it out (just dowloaded the lastet ones and prayed) 🙂

Before i get started in how i did this you will need to know that all i wanted was to get something up and running ie bare minimum. I know there is templates in both dotnet cli and VS 2017 but i wanted to do it from scratch. The tools i will be using is Visual Studio code, dotnet cli and node with yarn as the package manager.

So let’s get started! Buckle up…

First download and install ASP.NET Core SDK 1.1
Install Node and install Yarn when you have these things installed you are ready to go.

For IDE i’m using Visual Studio Code as mentioned above, you can install that if you wan’t a really smooth experience with intellisense and so on but any text editor will do.

The first thing we need to do is create a new dotnet application, i will go with the default mvc template. Open up a command prompt and execute the following commands:

mkdir coremvcreact
cd coremvcreact
dotnet new mvc

mkdir coremvcreact

cd coremvcreact

dotnet new mvc

After that you will have a folder with these files and folders:

Then in the same command prompt we can execute these commands to see if it runs:

dotnet restore
dotnet run

1 2	dotnet restore dotnet run

If everything goes well we should be able to open http://localhost:5000 in your browser and see the default mvc biolerplate page.

Let’s go on and install some clientside packages via yarn (uses npm repository) first of init a package.json by running

yarn init

yarn init

We will be prompted with some questions i will for now just press enter until the file package.json is generated. This is what we will end up with:

{
  "name": "foldername",
  "version": "1.0.0",
  "main": "index.js",
  "license": "MIT"
}

{

"name": "foldername",

"version": "1.0.0",

"main": "index.js",

"license": "MIT"

}

Now we are going to add the dependencies and devDependencies we require to create a super basic react application, a super neat feature of Visual Studio Code is that you will get intellisense and autocomplete! in package.json sweetness. This is what the finished package.json will look like.

{
  "name": "ReactTest",
  "version": "1.0.0",
  "main": "index.js",
  "license": "MIT",
  "dependencies": {
    "react": "^15.4.2",
    "react-dom": "^15.4.2"
  },"devDependencies": {
    "aspnet-webpack": "^1.0.28",
    "aspnet-webpack-react": "^1.0.5",
    "babel": "^6.23.0",
    "babel-core": "^6.24.0",
    "babel-loader": "^6.4.0",
    "babel-preset-es2015": "^6.24.0",
    "babel-preset-react": "^6.23.0",
    "babel-preset-stage-0": "^6.22.0",
    "webpack": "^2.2.1",
    "webpack-hot-middleware": "^2.17.1"
  }
}

{

"name": "ReactTest",

"version": "1.0.0",

"main": "index.js",

"license": "MIT",

"dependencies": {

"react": "^15.4.2",

"react-dom": "^15.4.2"

},"devDependencies": {

"aspnet-webpack": "^1.0.28",

"aspnet-webpack-react": "^1.0.5",

"babel": "^6.23.0",

"babel-core": "^6.24.0",

"babel-loader": "^6.4.0",

"babel-preset-es2015": "^6.24.0",

"babel-preset-react": "^6.23.0",

"babel-preset-stage-0": "^6.22.0",

"webpack": "^2.2.1",

"webpack-hot-middleware": "^2.17.1"

}

The dependencies is just react and react-dom these are needed for react to even think about running 😉

The babel packages is for transpiling “newer” javascript to javascript that current browsers understand. webpack is for utilizing and doing the packaging of the javascript. We will later go into how that’s done with webpack.config.js

The aspnet-* packages is for running the SpaServices in development mode.

Save the file and go to the command prompt and execute

yarn

yarn

to install all the packages. we could have just run

yarn add packagename packagename <-- for dependencies

yarn add --dev packagename packagename <-- for devDependencies

yarn add packagename packagename <-- for dependencies

yarn add --dev packagename packagename <-- for devDependencies

but i prefer VS Code with autocomplete.

With ASP.NET Core back to csproj files again we are going to add the SpaServices package to the csproj file.

<ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore" Version="1.1.1" />
    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.2" />
    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.1.1" />
    <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.1" />
    <PackageReference Include="Microsoft.VisualStudio.Web.BrowserLink" Version="1.1.0" />
    <PackageReference Include="Microsoft.AspNetCore.SpaServices" Version="1.1.0" />
    <!-- Add the following package -->
    <PackageReference Include="Microsoft.AspNetCore.SpaServices" Version="1.1.0" />
</ItemGroup>

</ItemGroup>

The run

dotnet restore

1	dotnet restore

Now we are ready to clean up in the folders and start writing some code. Delete the following folders and files in wwwroot also remove the bower files in root.

Now we need to create these folders and files

webpack.config.js
App\index.js 
App\Components\Main.js

webpack.config.js

App\index.js

App\Components\Main.js

Open the webpack.config.js and paste the following code:

const path = require('path');
const webpack = require('webpack');
const outputDir = './wwwroot/js'

module.exports = (env) => {
    const isDevBuild = !(env && env.prod);
    return[{
    entry:{app: './App/index.js'},
    output: {
        path: path.resolve(__dirname, outputDir),
        filename: '[name].bundle.js',
        publicPath: '/js/'
    },
    module: {
        rules: [
            {
                test: /\.js/,
                exclude: /node_modules/,
                use: [{
                    loader: 'babel-loader',
                    options: { presets: [['es2015', { "modules": false }], 'react', 'stage-0'] }
                }]
            }
        ]
    },
    plugins: [
        
        new webpack.optimize.CommonsChunkPlugin({
            name: 'commons',
            filename: 'commons.js',
            minChunks: 2
        })

    ].concat(isDevBuild ? [
        // Plugins that apply in development builds only
            new webpack.SourceMapDevToolPlugin({
                filename: '[file].map', // Remove this line if you prefer inline source maps
                moduleFilenameTemplate: path.relative(outputDir, '[resourcePath]') // Point sourcemap entries to the original file locations on disk
            })
    ] : [
        // Plugins that apply in production builds only
            new webpack.optimize.UglifyJsPlugin()
    ]),
}]

}

const path = require('path');

const webpack = require('webpack');

const outputDir = './wwwroot/js'

module.exports = (env) => {

const isDevBuild = !(env && env.prod);

return[{

entry:{app: './App/index.js'},

output: {

path: path.resolve(__dirname, outputDir),

filename: '[name].bundle.js',

publicPath: '/js/'

module: {

rules: [

{

test: /\.js/,

use: [{

loader: 'babel-loader',

options: { presets: [['es2015', { "modules": false }], 'react', 'stage-0'] }

}]

}

]

plugins: [

new webpack.optimize.CommonsChunkPlugin({

filename: 'commons.js',

minChunks: 2

})

].concat(isDevBuild ? [

// Plugins that apply in development builds only

new webpack.SourceMapDevToolPlugin({

filename: '[file].map', // Remove this line if you prefer inline source maps

moduleFilenameTemplate: path.relative(outputDir, '[resourcePath]') // Point sourcemap entries to the original file locations on disk

})

] : [

// Plugins that apply in production builds only

new webpack.optimize.UglifyJsPlugin()

]),

}]

}

Most of this is just copied from the JavaScriptServices templates and it’s pretty straight forward. What’s the entry of our app ./App/index.js where should webpack output the result ./wwwroot/js and the name will be app.bundle.js

The module part is where babel comes in, we tell webpack to look for *.js files but not in the node_modules folder. Use the babel-loader and the presets defined in options.

The plugins is not bare minimum but handy the first one CommonChunksPlugin will look for parts that are included in more then 2 places and separate them to their own .js file. And if there is a dev build we also generate Source maps for the js files generated.

Because we used the mvc template when running dotnet new we get some boilerplate code we don’t need. So change these files Views\Shared\_Layout.cshtml and Views\Home\Index.cshtml to this:

<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>@ViewData["Title"] - ReactTest</title>

</head>
<body>
        @RenderBody()

    @RenderSection("Scripts", required: false)
</body>
</html>

<!DOCTYPE html>

<html>

<head>

<title>@ViewData["Title"] - ReactTest</title>

</head>

<body>

@RenderBody()

@RenderSection("Scripts", required: false)

</body>

</html>

<div id="react-app">

</div>

@section scripts{
    <script src="~/js/commons.js"></script>
    <script src="~/js/app.bundle.js"></script>
}

</div>

@section scripts{

}

Lets add code to the react js files we created earlier

App\index.js 
App\Components\Main.js

1 2	App\index.js App\Components\Main.js

import React, { Component } from 'react';
import {render} from 'react-dom'

import Main from './Components/Main'

render((
    <Main />
), document.getElementById('react-app'));

import React, { Component } from 'react';

import {render} from 'react-dom'

import Main from './Components/Main'

render((

), document.getElementById('react-app'));

import React, { Component } from 'react';

class Main extends Component {

    render() {
        return (
            <div>
                This is the Main Component
            </div>
        );
    }
}

export default Main;

import React, { Component } from 'react';

class Main extends Component {

render() {

return (

<div>

This is the Main Component

</div>

);

}

export default Main;

Now if we try to run

dotnet run

1	dotnet run

we will see this error in the console

this is because we have not packed the javascript files with webpack yet, run this (if we have wepack installed globally, if not read below)

webpack

webpack

For this to work we need to install webpack globally, i could not get this to work with yarn if you do it’s good to go but i needed to run

npm install -g webpack

1	npm install -g webpack

Then we can run dotnet run again. Tadaaaa it works we should now have this amazing react component showing in the browser

Now for the hot module reloading we need to add a few lines of code in Startup.cs

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();

            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                //**THIS IS WHAT WE NEED TO ADD
                app.UseWebpackDevMiddleware(new WebpackDevMiddlewareOptions(){
                    HotModuleReplacement = true,
                    ReactHotModuleReplacement = true
                });
                // **
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
            }

            app.UseStaticFiles();

            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });
        }

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)

{

loggerFactory.AddConsole(Configuration.GetSection("Logging"));

loggerFactory.AddDebug();

if (env.IsDevelopment())

{

app.UseDeveloperExceptionPage();

//**THIS IS WHAT WE NEED TO ADD

app.UseWebpackDevMiddleware(new WebpackDevMiddlewareOptions(){

HotModuleReplacement = true,

ReactHotModuleReplacement = true

});

// **

}

else

{

app.UseExceptionHandler("/Home/Error");

}

app.UseStaticFiles();

app.UseMvc(routes =>

{

routes.MapRoute(

});

}

Remember to add a using at the top

using Microsoft.AspNetCore.SpaServices.Webpack;

1	using Microsoft.AspNetCore.SpaServices.Webpack;

Now delete the files in wwwroot\js and run the project again. Remeber these js-files is only there because we build them with the webpack command and we do not wan’t that. We wan’t everything to run with the following command so let’s try

dotnet run

1	dotnet run

Gah! Darn why doesn’t it work? Remember the code we put in Startup.cs for WebpackDevMiddleware it’s in a if statement to only run if the Hosting environment is in development mode and what do we see when running dotnet run?

Hosting environment: Production
Content root path: D:\folder\Reacttest
Now listening on: http://localhost:5000
Application started. Press Ctrl+C to shut down.

Hosting environment: Production

Content root path: D:\folder\Reacttest

Now listening on: http://localhost:5000

Application started. Press Ctrl+C to shut down.

That’s right t’s running in production by default. It’s an easy fix we just need to set the env to development and this is how we do it in different command promps / terminals

// PowerShell
$env:ASPNETCORE_ENVIRONMENT="Development"
// Windows cmd
set ASPNETCORE_ENVIRONMENT=Development
// *Nix
export ASPNETCORE_ENVIRONMENT="Development"

// PowerShell

$env:ASPNETCORE_ENVIRONMENT="Development"

// Windows cmd

set ASPNETCORE_ENVIRONMENT=Development

// *Nix

export ASPNETCORE_ENVIRONMENT="Development"

Run the correct one for your environment and then run again

dotnet run

1	dotnet run

If we try to change the text in Main.js and save we will see in the browser that it tries to HOT Reload but it won’t work because of

The following modules couldn't be hot updated: (Full reload needed)

1	The following modules couldn't be hot updated: (Full reload needed)

We need to accept hot reloading by changing the index.js to this

import React, { Component } from 'react';
import {render} from 'react-dom'

import Main from './Components/Main'

render((
    <Main />
), document.getElementById('react-app'));

// ADD THIS
if(module.hot){
    module.hot.accept()
}

import React, { Component } from 'react';

import {render} from 'react-dom'

import Main from './Components/Main'

render((

), document.getElementById('react-app'));

// ADD THIS

if(module.hot){

module.hot.accept()

}

Now save and do a full refresh of the browser then try to change the text in Main.js again

YIIIIHAAAA! We are live. Let’s just end here and i will get back to other stuff in a later post on how to expand on this.

Please let me know in the comments if there is better ways of doing these stuff i would appreciate it.

Code is up on github

Thanks for now

23 February, 2017 by Fredrik Berggren on dns, email, reputation

How to check Cisco Senderbase reputation from commandline

*UPDATE 2*
I have created an API for all sorts of email and ip related info, read more here Api for talos reputation (previous senderbase.org), senderscore, reputation authority and blacklists.

*UPDATE*
Since this no longer work i have created a solution in c# for now, not as “fancy” but it does the job. Go here to read the post Public senderbase dns lookup is closed, here is how to look it up in c# using HttpClient and HtmlAgilityPack

Senderbase is similar to Senderscore it is a reputation score for you IP address and/or domain you can use the website http://www.senderbase.org/ to lookup your IP. But if you just wan’t to check it from the command line this is how you do it.

First little about how the reputation is calculated.

Reputation scores in SenderBase may range from -10 to +10, reflecting the likelihood that a sending IP address is trying to send spam. Highly negative scores indicate senders who are very likely to be sending spam; highly positive scores indicate senders who are unlikely to be sending spam.

SenderBase combines multiple sources of information to determine a “reputation score” for any IP address. This information includes:

Email volume information provided by tens of thousands of organizations that regularly receive Internet email

Spam complaints received by the SpamCop service

Information on other DNS-based blacklists

This is the command to get the score if your IP is 1.2.3.4

nslookup -type=txt 4.3.2.1.rf.senderbase.org

Non-authoritative answer:
4.3.2.1.rf.senderbase.org        text = "5.5"

nslookup -type=txt 4.3.2.1.rf.senderbase.org

Non-authoritative answer:

4.3.2.1.rf.senderbase.org text = "5.5"

Here is the tricky part, if you do a lookup on the website you will get a grouped reputation Poor, Neutral and Good. So how do you know where the score you get in the dns lookup fits?

This is my findings:

Poor is between -10 and -1

Neutral is between -1 and 2

Good is between 2 and 10

If you have any other knowledge about the classification from the scoring please let me know in the comments.

22 February, 2017 by Fredrik Berggren on dns, email, telnet

How to validate email address with telnet

When collecting email addresses you will always validate it someway often the validation only consists of validating the format of the email address.

Bu what if you wan’t to know if an email address really exits without sending an actual email and ask (which is the absolute best way ofc)

Then you can use the command line with nslookup and telnet.

First thing we need to know what the domains mx-record is if there is any.

nslookup -type=mx dattaproffs.se

Non-authoritative answer:
dattaproffs.se  MX preference = 20, mail exchanger = mail2.dattaproffs.se
dattaproffs.se  MX preference = 10, mail exchanger = mail.dattaproffs.se

nslookup -type=mx dattaproffs.se

Non-authoritative answer:

dattaproffs.se MX preference = 20, mail exchanger = mail2.dattaproffs.se

dattaproffs.se MX preference = 10, mail exchanger = mail.dattaproffs.se

As you can see dattaproffs.se has two mx-records if the domain of the email you are trying to validate don’t have any mx-records you can stop right here because that domain can’t accept any emails.

If you find a mx you can go on with telnet like this:

telnet mail.dattaproffs.se 25

1	telnet mail.dattaproffs.se 25

If there is a mailserver on the other side you will get a response code 220.

220 vsp-inbound-01-02.binero.net ESMTP

1	220 vsp-inbound-01-02.binero.net ESMTP

Then you can start sending SMTP-commands:

EHLO dattaproffs.se
250-PIPELINING
250-SIZE 104857600
250-STARTTLS
250-ENHANCEDSTATUSCODES
250 8BITMIME
MAIL FROM: fredrik@dattaproffs.se
250 2.1.0 Ok
RCPT TO: fredrik@dattaproffs.se
250 2.1.5 Ok
RCPT TO: asdfasdfsadfsadgfdgdfvb@dattaproffs.se
554 5.7.1 Recipient address rejected: 5.1.1 <asdfasdfsadfsadgfdgdfvb@dattaproffs.se>: Recipient address rejected: User unknown in virtual mailbox table
QUIT
221 2.0.0 Bye

EHLO dattaproffs.se

250-PIPELINING

250-SIZE 104857600

250-STARTTLS

250-ENHANCEDSTATUSCODES

250 8BITMIME

MAIL FROM: fredrik@dattaproffs.se

250 2.1.0 Ok

RCPT TO: fredrik@dattaproffs.se

250 2.1.5 Ok

RCPT TO: asdfasdfsadfsadgfdgdfvb@dattaproffs.se

554 5.7.1 Recipient address rejected: 5.1.1 <asdfasdfsadfsadgfdgdfvb@dattaproffs.se>: Recipient address rejected: User unknown in virtual mailbox table

QUIT

221 2.0.0 Bye

The first command must be HELO yourdomain.com or EHLO yourdomain.com the difference between the two is that HELO does not respond with any information about the server which EHLO does.

Then MAIL FROM: name@yourdomain.com and you should get a 250 OK

Then RCPT TO: theemail@youwanttotest.com if you get a 250 OK here there is a pretty good guess that the email you have is correct and exists. This is not 100% proof of the email existing for example yahoo will always answer 250 OK and only after the DATA command will they tell you if the email address is ok or not. And you do not want to go there because if it exists the recipient will get your test email.

The reason why we test another recipient with RCPT TO: somejibberishxxzxnnzx@somedomain.com is to see if the mail server has catch-all configured. If you get 250 OK on your completely made up address there is a good chance that the server has catch-all and the it’s no way to know if the original email exists either.

The last command is just QUIT.

Validating email addresses with telnet