1 基础知识
1.1 邮件的基本概念
1.1.1 邮件的基本概念
– MUA即Mail User Agent,接受用户指令并将邮件传送至邮件传输代理
– MTA即Mail Transfer Agent,接收用户邮件并缓存队列中直至通过网络找到并投递给目标邮件传输代理
– MDA即Mail Deliver Agent,从本地邮件传输代理取得邮件并投递给本地最终用户
– MRA即Mail Receive Agent,接受邮件用户代理的邮件接收请求,通常支持IMAP或POP3协议
邮件角色实例详细如下,
– MUA的实例,如outlook express、foxmail属于邮件用户代理
– MTA的实例,如sendmail、postfix属于邮件传输代理
– MDA的实例,如procmail、dropmail属于邮件投递代理
– MRA的实例,如dovecot属于邮件接收代理
1.1.2 MTA的forward文件介绍
– 邮件转发信息文件通过路径“$HOME/.forward”创建
– 邮件转发信息文件如被MTA检测到则执行里面的转发规则
– 邮件转发信息文件每个命令扩展都需要单独占据一行
– 邮件转发信息文件每个命令扩展值不允许包含(:include:)定义
– 邮件转发信息文件基于文件所有者的用户ID下执行命令扩展
– 邮件转发信息文件权限如果出现组或全局可写或不属于用户则拒绝命令扩展
– 邮件转发信息文件所在的文件夹如果出现组可写则拒绝命令扩展
– 邮件转发信息文件直接编辑可能导致执行失败,建议使用mv等方式覆盖写入
– 邮件转发信息文件的配置范例,
vim ~/.forward
加入如下配置,
will@cmdschool.org
注:用户收到的邮件转发到“will@cmdschool.org”
1.2 Procmail
1.2.1 Procmail的介绍
– Procmail是一个邮件处理工具
– Procmail是MDA具体实现应用程序
– Procmail工具是作为标准输入流(stdin)的邮件处理工具
1.2.2 Procmail的功能
– Procmail支持根据发件人、主题、邮件长度的关键字等对邮件进行过滤、排序和存储
– Procmail支持在邮件客户端(Mutt、nmh)和邮件服务器(Sendmail、Postfix)
– Procmail支持过滤垃圾邮件、检查病毒、发送自动恢复等功能
1.2.3 Procmail的工作原理
– MTA(如sendmail)收到某一封邮件触发以下转发流程
– MTA检查“$HOME/.forward”文件的转发规则并执行,改邮件如匹配到则不执行“procmailrc”文件
– MTA在“forward”中没有找到改邮件匹配的规则,则加载“$HOME/.procmailrc”中定义的转发规则
– MTA根据“$HOME/.procmailrc”中INCLUDERC定义规则(*.rc)文件执行改邮件转发操作
– MTA在“*.rc”中没有找到改邮件匹配的规则,则改邮件默认转到变量“$DEFAULT”的定义默认路径
注:其实“forward”文件也支持直接调用“Procmail”
1.3 procmailrc文件
1.3.1 procmailrc文件简介
– procmailrc文件用于声明Procmail的转发规则或变量定义
– procmailrc文件支持混合声明环境变量和邮件转发规则
1.3.2 procmailrc定义说明
– procmailrc文件需要根据语法声明符合“egrep”匹配格式的条件
– procmailrc文件需要根据语法声明匹配成功后的操作(转发路径)
– procmailrc文件如执行完没有匹配的转发规则,则邮件送至变量“$DEFAULT”定义的路径存放
注:详细定义将在实践中详细介绍
2 最佳实践
2.1 环境配置
2.1.1 配置Sendmail环境
2.1.2 确认邮件收发正常
In mail01,
su - will echo 'it is only a test' | mail -s "test eamil" will@mail02.cmdschool.org
以上使用mail命令发送一封特使邮件给“ will@mail02.cmdschool.org”,然后到目标服务器使用同样的命查看,
In mail02,
su - will mail
如果看到如下信息,则邮件能正常收到,
Heirloom Mail version 12.5 7/5/10. Type ? for help. "/var/spool/mail/will": 1 message 1 new >N 1 will@mail01.cmdscho. Mon Jul 11 15:04 25/1099 "test eamil" &
更进一步地,你可以使用如下命令查看收件箱的邮件内容,
cat /var/spool/mail/will
可见如下邮件内容,
From will@mail01.cmdschool.org Mon Jul 11 15:04:46 2022 Return-Path: Received: from mail01.cmdschool.org (mail01.cmdschool.org [10.168.0.125]) by mail02.cmdschool.org (8.15.2/8.15.2) with ESMTPS id 26B74k2v006161 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT) for ; Mon, 11 Jul 2022 15:04:46 +0800 Received: from mail01.cmdschool.org (localhost [127.0.0.1]) by mail01.cmdschool.org (8.15.2/8.15.2) with ESMTPS id 26B74kCB005603 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT) for ; Mon, 11 Jul 2022 15:04:46 +0800 Received: (from will@localhost) by mail01.cmdschool.org (8.15.2/8.15.2/Submit) id 26B74kTd005602 for will@mail02.cmdschool.org; Mon, 11 Jul 2022 15:04:46 +0800 From: will@mail01.cmdschool.org Message-Id: Date: Mon, 11 Jul 2022 15:04:46 +0800 To: will@mail02.cmdschool.org Subject: test eamil User-Agent: Heirloom mailx 12.5 7/5/10 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit it is only a test You have mail in /var/spool/mail/will
需要注意的是,发件人(From)是“will@mail01.cmdschool.org”
2.2 安装Procmail
In mail02,
dnf install -y procmail
安装完毕后,可以使用如下命令查看安装的版本,
procmail -v
可见如下提示,
procmail v3.22 2001/09/10 Copyright (c) 1990-2001, Stephen R. van den Berg Copyright (c) 1997-2001, Philip A. Guenther Submit questions/answers to the procmail-related mailinglist by sending to: And of course, subscription and information requests for this list to: Locking strategies: dotlocking, fcntl() Default rcfile: $HOME/.procmailrc It may be writable by your primary group Your system mailbox: /var/spool/mail/root
2.3 配置Procmail
2.3.1 切换邮件用户
su - will
2.3.2 创建procmailrc文件
vim ~/.procmailrc
加入如下配置,
VERBOSE=off MAILDIR=/var/spool/mail/$LOGNAME DEFAULT=$HOME/.mail/inbox LOGFILE=$HOME/.procmail/log INCLUDERC=$HOME/.procmail/general.rc # INCLUDERC=$PMDIR/other.rc # # add as many INCLUDERC's as you like # # end of .procmailrc
参数的意义如下,
– 变量“MAILDIR”声明MTA(即sendmail)的收件箱
– 变量“DEFAULT”声明找不到符合的处理规则的邮件存放的路径
– 变量“LOGFILE”声明转发后输出的日志记录文件路径
– 变量“INCLUDERC”声明引入的转发规则的路径(可定义一个以上)
根据配置的定义,我们需要手动创建如下目录和文件,
mkdir -p $HOME/.procmail $HOME/.mail touch $HOME/.procmail/log $HOME/.mail/inbox chmod 660 $HOME/.mail/inbox
根据上面的“INCLUDERC”配置,我们使用如下命令创建匹配规则,
vim ~/.procmail/general.rc
加入如下配置,
:0 * ^From.*will@mail01\.cmdschool.org\.org $HOME/.mail/elflord
参数的意义是,
– 表达式“:0”声明匹配规则的开始
– 表达式“* ”声明匹配的表达式(符合“egrep的匹配规则”)
– 表达式“$HOME/.mail/elflord”声明匹配成功后的操作(转发路径)
以上第二行的表达式可以使用如下命令验证,
cat /var/spool/mail/will | egrep ^From.*will@mail01\.cmdschool.org\.org
如果可以匹配到如下内容,则表达式能匹配成功,无内容则没有匹配到,请修改合适的表达式,
From will@mail01.cmdschool.org Mon Jul 11 15:04:46 2022 From: will@mail.cmdschool.org
根据配置的定义,我们需要手动创建如下目录和文件,
touch $HOME/.mail/elflord chmod 660 $HOME/.mail/elflord
2.3.3 测试procmail的转发规则
su - will tail -f $HOME/.procmail/log
使用以上监视日志命令后,我们使用如下命令将邮件内容变为输出流后通过管道交给“procmail”处理,
cat /var/spool/mail/will | /usr/bin/procmail
此时,监视的日志可见弹出如下消息,
From root@mail01.cmdschool.org Mon Jul 11 15:04:46 2022 Subject: test eamil Folder: /home/will/.mail/elflord 1099
根据配置,符合条件的邮件应转发到“$HOME/.mail/inbox”,你可以使用如下命令查看,
cat $HOME/.mail/elflord
可见如下转发的邮件,
From will@mail01.cmdschool.org Mon Jul 11 15:04:46 2022 Return-Path: Received: from mail01.cmdschool.org (mail01.cmdschool.org [10.168.0.125]) by mail02.cmdschool.org (8.15.2/8.15.2) with ESMTPS id 26B74k2v006161 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT) for ; Mon, 11 Jul 2022 15:04:46 +0800 Received: from mail01.cmdschool.org (localhost [127.0.0.1]) by mail01.cmdschool.org (8.15.2/8.15.2) with ESMTPS id 26B74kCB005603 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT) for ; Mon, 11 Jul 2022 15:04:46 +0800 Received: (from will@localhost) by mail01.cmdschool.org (8.15.2/8.15.2/Submit) id 26B74kTd005602 for will@mail02.cmdschool.org; Mon, 11 Jul 2022 15:04:46 +0800 From: will@mail01.cmdschool.org Message-Id: Date: Mon, 11 Jul 2022 15:04:46 +0800 To: will@mail02.cmdschool.org Subject: test eamil User-Agent: Heirloom mailx 12.5 7/5/10 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit it is only a test
2.3.4 测试邮件转发规则
In mail02,
su - will cat /dev/null > $HOME/.procmail/log cat /dev/null > /var/spool/mail/will cat /dev/null > $HOME/.mail/inbox cat /dev/null > $HOME/.mail/elflord
以上命令用于正式测试前清空之前的调试数据,然后使用如下命令从新发送测试邮件,
In mail01,
su - will echo 'it is only a test' | mail -s "test eamil" will@mail02.cmdschool.org
然后使用如下命令查询邮件转发的结果,
su - will cat $HOME/.mail/elflord cat $HOME/.procmail/log cat $HOME/.mail/inbox cat /var/spool/mail/will
正确的结果应该是,
– 命令1能读到刚才发送的测试邮件
– 命令2能读到邮件转发的日志
– 命令3读不到刚才转发的邮件
– 命令4读不到刚才转发的邮件
参阅文档
=========================
介绍资料
—————–
https://porkmail.org/era/procmail/mini-faq
https://wiki.archlinux.org/title/Procmail
https://linux.die.net/man/1/procmail
邮件过滤的解决方案
———————–
http://www.ii.com/internet/robots/
forward的使用与范例
——————–
https://man7.org/linux/man-pages/man5/forward.5.html
https://www.systutorials.com/docs/linux/man/5-forward/
https://kb.iu.edu/d/ablm
procmailrc的使用与范例
——————–
https://linux.die.net/man/5/procmailrc
procmail的配置范例
——————-
https://www.panix.com/~elflord/unix/procmail.html
没有评论