Difference between revisions of "AppSuite:OX Mail App"

Line 147: Line 147:
 
To prepare a certain Open-Xchange Middleware node to spawn permanent push listeners the following properties need to be configured in file '/opt/open-xchange/etc/mail-push.properties':
 
To prepare a certain Open-Xchange Middleware node to spawn permanent push listeners the following properties need to be configured in file '/opt/open-xchange/etc/mail-push.properties':
  
* com.openexchange.push.allowPermanentPush
+
* com.openexchange.push.allowPermanentPush<b>
 
  This is the general switch to enable/disable support for permanent listeners on a node. Thus needs to be set to "true"
 
  This is the general switch to enable/disable support for permanent listeners on a node. Thus needs to be set to "true"
* com.openexchange.push.allowedClient
+
* com.openexchange.push.allowedClient<br>
 
  Specify the comma-separated list of clients which are allowed to receive notifications about new mails, “open-xchange-mobile-api-facade*” should be added here if you plan to use for for the new OX Mail v2 apps.
 
  Specify the comma-separated list of clients which are allowed to receive notifications about new mails, “open-xchange-mobile-api-facade*” should be added here if you plan to use for for the new OX Mail v2 apps.
* com.openexchange.push.credstorage.enabled
+
* com.openexchange.push.credstorage.enabled<br>
 
  As permanent listeners are required to run without an active session, the credential storage can be used to store user credentials in installations that do not support a master authentication to the mail storage Hence, if the property com.openexchange.mail.passwordSource" (mail.properties) is not set to "global" this property is required to be set to "true"
 
  As permanent listeners are required to run without an active session, the credential storage can be used to store user credentials in installations that do not support a master authentication to the mail storage Hence, if the property com.openexchange.mail.passwordSource" (mail.properties) is not set to "global" this property is required to be set to "true"
* com.openexchange.push.credstorage.passcrypt
+
* com.openexchange.push.credstorage.passcrypt<br>
 
  This property is required if "com.openexchange.push.credstorage.enabled" is set to "true". It does specify the passphrase to use to symmetrically encrypt the stored credentials. The passphrase is required to be equal on each cluster member.
 
  This property is required if "com.openexchange.push.credstorage.enabled" is set to "true". It does specify the passphrase to use to symmetrically encrypt the stored credentials. The passphrase is required to be equal on each cluster member.
* com.openexchange.push.credstorage.rdb
+
* com.openexchange.push.credstorage.rdb<br>
 
  Once the credential storage is enabled, Open-Xchange offers two ways of storing the user-associated login/password combination. In cluster memory (default) or persisted to database. While the first way ensures that no user credentials are persisted nowhere in the Open-Xchange installation, it has the big disadvantage the stored credentials are gone once the last cluster members gets shut-down. Therefore there is also the possibility to store the credentials inside the database. Of course, no matter where the credentials are stored, they are encrypted using the value from com.openexchange.push.credstorage.passcrypt" property
 
  Once the credential storage is enabled, Open-Xchange offers two ways of storing the user-associated login/password combination. In cluster memory (default) or persisted to database. While the first way ensures that no user credentials are persisted nowhere in the Open-Xchange installation, it has the big disadvantage the stored credentials are gone once the last cluster members gets shut-down. Therefore there is also the possibility to store the credentials inside the database. Of course, no matter where the credentials are stored, they are encrypted using the value from com.openexchange.push.credstorage.passcrypt" property
  

Revision as of 09:58, 4 May 2018

OX Mail v2

The OX Mail v2 is a companion app for OX App Suite, and brings the power of OX App Suite web-based email to your customers' mobile devices. The OX Mail v2 is a native app designed specifically for Android and iOS smartphones and tablets.

With a focus on security and user-experience, OX Mail v2 serves all your email needs on the go. Most notably you can answer and process mails even when you are offline, mails are synced when you go online. For completing addresses, OX Mail v2 uses the address book of the device along with all received and sent mails. When you have deleted an email by accident, you can easily undo that. Furthermore OX Mail v2 provides a list of known features such as pushing new emails onto your device, supporting mail folders, handling attachments, showing the number of unread email, and so on.

Key Benefits

  • Quick and easy to install
  • Incoming emails are instantly displayed on the mobile device
  • User-friendly due to native design and integration
  • Available for iOS and Android mobile and tablet devices
  • Offline capable – Answer and manage your mails even when you are offline - your work will be synced once you get online again
  • Privacy features like Certificated Pinning (Android only for now), securely stored credentials, securely stored mail bodies, securely stored attachments and integration with Dovecot Anti-Abuse Shield

This app is brought to you by Open-Xchange. You can choose between using our OX-branded app as part of your OX App Suite license or to order a version that is adapted to your brand and published under your name.

Requirements

OX App Suite v7.8.4

OX App Suite is a modular platform designed for Telcos, Hosters, and other Service Providers and delivers a wide range of cloud-based services. These include email, file sharing, collaborative document editing, document management, time management, cloud storage and metrics for monitoring end-user behavior. More information can be found at https://www.open-xchange.com/portfolio/whats-new/

The OX Mail v2 app requires at least OX App Suite version 7.8.4-rev22.

Mobile API Facade

The Mobile API Facade is a server component that brings the new native mobile mail apps together with the OX App Suite. We’ve built the façade based on the technology used and proven in the OX App Suite middleware. The facade is developed in Java, utilizing the OSGIFramework. Further information can be found at: http://oxpedia.org/wiki/index.php?title=AppSuite:Mobile_API_Facade.

TLS 1.2

The communication between the OX Mail v2 app and its end points needs to be secured with TLS 1.2. Please make sure that your infrastructure is capable of handling TLS 1.2 HTTP requests without downgrading the connection.

Pricing & Availability

This email app is available for both iOS and Android and can be downloaded for free from the corresponding App Stores. Availability will be confirmed by Open-Xchange via the usual communication channels.

Please contact your Open-Xchange account manager for further information and pricing details.

OX Mail v1 Availability

In accordance with the supported platform policy, Open-Xchange will discontinue maintenance and support for OX Mail v1.0 by end of Q1 2018. Existing customers with OX Mail v1.0 in their portfolio, please contact Open-Xchange Sales or send a mail to oxmailapp@open-xchange.com for further information.

OX Mail v2 Availability

The exact date when the clients become available depends on the approval process of the respective app stores.

Migration from OX Mail v1 to OX Mail v2

There is currently no direct upgrade path for end users from the previous version of OX Mail to the latest. Upgrading to OX Mail v2

The OX Mail v2 appears as new app in the app stores. When the end user installs the new version, the old version stays untouched on the device. As both apps have the same name, it is strongly advised to deinstall the old version before installing the new verison.The user should also deinstall the previous version to prevent the display of notifications for the old app.

Migrating Data to OX Mail v2

The OX Mail v1 is an online client and does not store anything locally. Therefore all email data is stored in App Suite and is immediately available in the OX Mail v2.

One exception is the custom signature. It is stored in the App Suite but is not used by the OX Mail v2. The custom signature is therefore not lost, but also not accessible anymore.

Migrating Settings to OX Mail v2

Non of the app settings of the OX Mail v1 will be used after the upgrade.

Branding for Partners and Customers

With OX Mail v2 it is possible for customers and partners to request the addition, and change, of a variety of branding elements in the app. This includes changing colors, graphical assets and icons.

For more information about branding, the cost of this service and what can be done please message oxmailapp@open-xchange.com, or contact Open-Xchange Sales.

Download & Installation

Installation of the Clients

The OX Mail v2 is available via the different App Stores for iOS and Android:

  • OX Mail v2 in Apple App Store
  • OX Mail v2 in GooglePlay

Installation of Mobile API Facade

Installation Guide and configuration options can be found under: http://oxpedia.org/wiki/index.php?title=AppSuite:Mobile_API_Facade

= Load Balancer Setup

See http://oxpedia.org/wiki/index.php?title=AppSuite:Mobile_API_Facade#Proxy_configuration

= TLS Configuration

See http://oxpedia.org/wiki/index.php?title=AppSuite:Mobile_API_Facade#Configuration_Mobile_API_Facade

Download & Installation of Packages

OX Mail v2 is available with the following backend packages:

  • open-xchange-mobile-api-facade-push-certificates - Certificates for cloud-based push notifications
  • open-xchange-pns-mobile-api-facade - The Mobile Api Facade bundle for Push Notification Service

Installation on the server varies depending on the underlying distribution, details are available in the following chapters.

Redhat Enterprise Linux 6 or CentOS 6

Add the following repositories to your Open-Xchange yum configuration:

 [open-xchange-backend-updates]
name=Open-Xchange-backend-updates
baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/RHEL6/
gpgkey=https://software.open-xchange.com/oxbuildkey.pub
enabled=1
gpgcheck=1
metadata_expire=0m

[open-xchange-mail] name=Open-Xchange-mail baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/mail/stable/mail/RHEL6/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
[open-xchange-mailapp] name=Open-Xchange-mailapp baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/mail/stable/mailapp/RHEL6/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m

and run

$ yum install open-xchange-mobile-api-facade-push-certificates open-xchange-pns-mobile-api-facade

Redhat Enterprise Linux 7 or CentOS 7

Add the following repositories to your Open-Xchange yum configuration:

 [open-xchange-backend-updates]
name=Open-Xchange-backend-updates
baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/RHEL7/
gpgkey=https://software.open-xchange.com/oxbuildkey.pub
enabled=1
gpgcheck=1
metadata_expire=0m

[open-xchange-mail] name=Open-Xchange-mail baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/mail/stable/mail/RHEL7/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
[open-xchange-mailapp] name=Open-Xchange-mailapp baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/mail/stable/mailapp/RHEL7/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
and run $ yum install open-xchange-mobile-api-facade-push-certificates open-xchange-pns-mobile-api-facade

Debian GNU/Linux 8.0 (Jessie)

Add the following repositories to your Open-Xchange apt configuration:

deb https://software.open-xchange.com/products/appsuite/stable/backend/updates/DebianJessie /
deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/mail/stable/mail/DebianJessie /
deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/mail/stable/mailapp/DebianJessie /
and run $ apt-get update $ apt-get install open-xchange-mobile-api-facade-push-certificates open-xchange-pns-mobile-api-facade

SUSE Linux Enterprise Server 12

$ zypper ar https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/appsuite/stable/backend/updates/SLE_12 backend-updates
$ zypper ar https://software.open-xchange.com/products/mail/stable/mail/SLE_12 mail
$ zypper ar https://software.open-xchange.com/products/mail/stable/mailapp/SLE_12 mailapp
$ zypper ref $ zypper install open-xchange-mobile-api-facade-push-certificates open-xchange-pns-mobile-api-facade

Setup and Configuration

Setup Middleware Notifications

The existing push framework of the Open-Xchange Middleware has been extended by the capability to spawn "permanent" listeners for incoming new message deliveries. Up to that point the life cycle for a listener was bound to at least one active session, which is associated with a client that is allowed to receive push notifications.

With introduction of the previously mentioned capability, listeners can be started without the need for an existent session right on the start of an Open-Xchange Middleware node. In addition those permanent listeners are spread approximately even over capable cluster members as - dependent on the underlying implementation - a listener representation may open/hold resources (socket connections) in order to receive notifications about new message deliveries.

To prepare a certain Open-Xchange Middleware node to spawn permanent push listeners the following properties need to be configured in file '/opt/open-xchange/etc/mail-push.properties':

  • com.openexchange.push.allowPermanentPush
This is the general switch to enable/disable support for permanent listeners on a node. Thus needs to be set to "true"
  • com.openexchange.push.allowedClient
Specify the comma-separated list of clients which are allowed to receive notifications about new mails, “open-xchange-mobile-api-facade*” should be added here if you plan to use for for the new OX Mail v2 apps.
  • com.openexchange.push.credstorage.enabled
As permanent listeners are required to run without an active session, the credential storage can be used to store user credentials in installations that do not support a master authentication to the mail storage Hence, if the property com.openexchange.mail.passwordSource" (mail.properties) is not set to "global" this property is required to be set to "true"
  • com.openexchange.push.credstorage.passcrypt
This property is required if "com.openexchange.push.credstorage.enabled" is set to "true". It does specify the passphrase to use to symmetrically encrypt the stored credentials. The passphrase is required to be equal on each cluster member.
  • com.openexchange.push.credstorage.rdb
Once the credential storage is enabled, Open-Xchange offers two ways of storing the user-associated login/password combination. In cluster memory (default) or persisted to database. While the first way ensures that no user credentials are persisted nowhere in the Open-Xchange installation, it has the big disadvantage the stored credentials are gone once the last cluster members gets shut-down. Therefore there is also the possibility to store the credentials inside the database. Of course, no matter where the credentials are stored, they are encrypted using the value from com.openexchange.push.credstorage.passcrypt" property







With setting the properties above the configuration on the Open-Xchange Middleware node is prepared to spawn permanent listeners.

Now an appropriate push bundle/package needs to be installed that supports spawning permanent listeners. Currently Open-Xchange ships with three implementations:

   open-xchange-push-dovecot (also requires the optional open-xchange-rest package)
   open-xchange-push-imapidle (Not recommended, therefore disabled for IMAP-IDLE by default. com.openexchange.push.imapidle.supportsPermanentListeners=false)
   open-xchange-push-mailnotify

Putting all together the following execution flow is taken to decide whether permanent listeners are spawned or not:

Ox mail push configuration 2.png

To check at any time what listeners are currently running, there is a new command-line tool "/opt/open-xchange/sbin/listpushusers" that outputs the user-id/context-id pair along-side with the information if the listener is of permanent nature or bound to an active session:

Ox mail push configuration 3.png An exemplary out put might look like: ~# /opt/open-xchange/sbin/listpushusers user=249, context=1, permanent=true user=402, context=1, permanent=true

Push Setup

The push setup requires a working OX App Suite and the Mobile API Facade.

Simply said the main purpose of the Mobile Push functionality is to register an OSGi event handler converting an incoming OSGi event with topic "com/openexchange/push" to an appropriate native push reaching the mobile device using either APN or GCM.