接收Pop / IMAP电子邮件,然后以加密方式转发到gmail


8

基本上,我有一个可以以POP3或IMAP身份访问的电子邮件帐户。我想接收所有传入的电子邮件,对它们进行加密,然后将加密的版本转发到我的gmail帐户(这样我就可以在我的手机/ gmail帐户上看到主题/通知;并可能用通行密码解密邮件-尽管这是最后一个)步骤一开始无需实施)。

我可能可以编写一个python脚本来执行此操作,但是使用适当的linux工具似乎是一种更好的方法。我已经设置了postfix(以卫星配置)来发送外发邮件。

在Linux盒子上读取POP3 / IMAP并将其转换为gpg的最简单方法是,用我的公钥加密电子邮件的正文和附件(而不是主题标头),然后将其转发给我的gmail帐户?

(记录下来,这违反了我的工作政策(部分是为了遵守美国HIPAA法),使我无法将电子邮件的未加密版本发送到手机;因为有人可能会故意(或无意间)将受保护的数据通过电子邮件发送到手机。 Work认为GPG是安全的。)


j3e.de/pgp-mime-encrypt-in-procmail.html建议使用procmail / formail的解决方案
Olivier Berger

Answers:


3

我只是看到了其他答复,并且猜测我从未写出我实际实现的解决方案。事实证明,python imaplib很简单,我编写了一个非常快速的脚本。除非进行一些更改(例如,使我的各种USERNAME,EMAILPASSWORD,WORKDOMAINNAME,MYGPGKEYID匿名)。我也不只是发送加密的邮件;但请在主题前加上发件人的用户名,并将一些标头内容放在GPG之前(以防我在手机上阅读并且无法解密的情况)。

#!/usr/bin/python

import imaplib
import email
from datetime import datetime,timedelta
import shelve
from subprocess import Popen, PIPE

def piped_call(command1, arg1_list, command2, arg2_list):
    """
    if arg1_tuple = (a10, a11, a12); arg2_tuple is (a20, a21)    
    This executes "command1 a10 a11 a12 | command2 a20 a21 a22"
    """
    if type(arg1_list) not in (list, tuple):
        arg1_list = [arg1_list,]
    if type(arg2_list) not in (list, tuple):
        arg2_list = [arg2_list,]
    p1 = Popen([command1,]+list(arg1_list), stdout=PIPE)
    p2 = Popen([command2,]+list(arg2_list), stdin=p1.stdout, stdout=PIPE)
    p1.stdout.close()
    return p2.communicate()[0]

shlf = shelve.open('/home/USERNAME/mail/mail.shlf')
# This shelf (a persistent python dictionary written to file) has as its key 
# the IMAP message ids of all emails that have been processed by this script.
# Every time the script runs, I fetch all emails from the current day
# (except from midnight to 1am, where I fetch all emails since yesterday)
# and then send all emails that haven't been sent previously 
# by checking message ids against the python shelf.

M = imaplib.IMAP4_SSL(host='imap.WORKDOMAINNAME.com', port=993)
M.login('EMAILUSERNAME', 'EMAILPASSWORD')
M.select()
dt = datetime.now() - timedelta(0,5*60*60) 
# Only search for messages since the day of an hour earlier.  
# This way messages from yesterday don't get lost at midnight; as well as limiting the number of messages to process through to just todays.    
typ, uid_data = M.uid('search', None, '(SINCE %s)' % dt.strftime('%d-%b-%Y'))

for num in uid_data[0].split():
    typ, data = M.uid('fetch', num, '(RFC822)')
    e = email.message_from_string(data[0][1])
    print 'Message %s\n%s\n' % (num, e['subject'])
    if num not in shlf:
        sender_email = e['return-path']
        for s in ('<', '>', '@WORKDOMAINNAME.com'):
            sender_email = sender_email.replace(s,'')
        subject = "%s: %s" % (sender_email, e['Subject'])
        body = ("From: %s\n"
                "To: %s\n"
                "Cc: %s\n"
                "Subject: %s\n\n" % (e['From'], e['To'], e['Cc'], e['subject']))
        payload = e.get_payload()
        if type(payload) in (list, tuple):
            payload = str(payload[0])
        else:
            payload = str(payload)
        encrypted_payload = piped_call('echo', (payload,),
                                       'gpg', ('-e', '-a', '-r', 'MYGPGKEYID'))
        body += encrypted_payload
        piped_call('echo', (body,), 
                   'mail', ['USERNAME@gmail.com', '-s', subject])
        shlf[num] = datetime.now()


M.close()
M.logout()

然后,我在crontab中添加了以下几行(上面的脚本在名为mail的目录中的名称为mail.py),因此它将在工作日的正常时间内每5分钟运行一次(MF 8-7pm),而在其他时间则不那么频繁运行。(crontab -e)

# Every 5 minutes, M-F from 8am - 7pm.    
*/5 8-19 * * 1-5  cd /home/USERNAME/mail && ./mail.py >> /home/USERNAME/mail/mail.log 2>&1
# Every 30 minutes, Sat&Sun from 8am-7pm
0,30 8-19 * * 6,7  cd /home/USERNAME/mail && ./mail.py >> /home/USERNAME/mail/mail.log 2>&1
# Every 30 minutes, M-F 8pm-2am; (no emails 2am-8am)
0,30 0-2,20-23 * * 1-5  cd /home/USERNAME/mail && ./mail.py >> /home/USERNAME/mail/mail.log 2>&1
# Every 60 minutes, Sat&Sun hours 8pm-2am; (no emails 2am-8am)
0 0-2,20-23 * * 6-7  cd /home/USERNAME/mail && ./mail.py >> /home/USERNAME/mail/mail.log 2>&1

1

1
您能否提供有关如何设置fetchmail来完成所有这些操作的某种解释?
Michael Mrozek

我认为这样做不会成功。似乎可以很轻松地获取和转发邮件,但是我看不到如何在转发之前插入GPG加密步骤。如果我错了,请纠正我。
jimbob博士2011年

嘿jimbob博士,我假设一旦您在本地收到邮件,便会使用postfix安装将其通过gpg传递/挂接并转发结果。您的脚本可以解决问题,但是在您的问题中,您提到要使用Linux上的工具。很高兴您解决了!
rjp 2011年

1

我也需要转发加密的root邮件,并在这里总结我的发现:http : //www-public.it-sudparis.eu/~berger_o/weblog/2006/01/20/secure-forwarding-of- roots-mail-through-gpg /

也许这也可以解决您的需求。


+1谢谢;尽管我可能会继续解决问题。
jimbob博士2012年

我在博客文章中提到的脚本已从Web上消失,但是archive.org似乎具有这些脚本的副本。有关详细信息,请参见web.archive.org/web/20100504140526/http://linux.oregpreshaz.hu/…–
Olivier Berger
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.