Python
我的伺服器是否使用 SSL 加密來傳遞電子郵件?
我已經部署了一個小郵件伺服器,使用
sendmail. 我認為代理已正確配置為接受加密和不加密的傳遞請求。這是因為,使用以下 telnet 會話:usr@host:~$ nc -Cw 60 localhost 25 220 mail.mydomain.com ESMTP Sendmail 8.15.2/8.15.2/Debian-14~deb10u1; Tue, 8 Dec 2020 19:24:30 GMT; (No UCE/UBE) logging access from: localhost(OK)-localhost [127.0.0.1] EHLO localhost 250-mail.mydomain.com Hello localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-EXPN 250-VERB 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 250-STARTTLS 250-DELIVERBY 250 HELP MAIL FROM: postmaster@mydomain.com 250 2.1.0 postmaster@mydomain.com... Sender ok RCPT TO: myemail@hotmail.it 250 2.1.5 myemail@hotmail.it... Recipient ok DATA 354 Enter mail, end with "." on a line by itself From: postmaster@mydomain.com To: myemail@hotmail.it Subject: Sendmail test This is a test mail delivered with Sendmail. . 250 2.0.0 0B8JOUMo005314 Message accepted for delivery QUIT 221 2.0.0 mail.mydomain.com closing connection..和Python程式碼片段:
def send_mail_ssl(subject, text, receiver, sender): body = _BODY_PATTERN.format(sender=sender, receiver=receiver, subject=subject, text=text) context = ssl.create_default_context() with smtplib.SMTP_SSL('mail.mydomain.com', 465, context=context) as server: server.sendmail(sender, receiver, body) def send_mail_tls(subject, text, receiver, sender): body = _BODY_PATTERN.format(sender=sender, receiver=receiver, subject=subject, text=text) context = ssl.create_default_context() try: server = smtplib.SMTP('mail.mydomain.com', 25) server.ehlo() server.starttls(context=context) server.ehlo() server.sendmail(sender, receiver, body) except Exception as e: print(e) finally: server.quit()…電子郵件發送成功。但是,我不確定是否與目標 SMTP 節點建立了加密會話以傳遞電子郵件。我怎麼能檢查這個?
12/09 更新 由於它們已在評論中提到,我將在這裡添加一些包含在我的測試電子郵件中的標題:
Received: from AM6EUR05HT200.eop-eur05.prod.protection.outlook.com (2603:10a6:3:e3::27) by HE1PR06MB3930.eurprd06.prod.outlook.com with HTTPS via HE1PR0502CA0017.EURPRD05.PROD.OUTLOOK.COM; Tue, 8 Dec 2020 17:43:15 +0000 Received: from AM6EUR05FT016.eop-eur05.prod.protection.outlook.com (2a01:111:e400:fc11::49) by AM6EUR05HT200.eop-eur05.prod.protection.outlook.com (2a01:111:e400:fc11::294) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.17; Tue, 8 Dec 2020 17:43:14 +0000 Authentication-Results: spf=pass (sender IP is MYSERVERIP) smtp.mailfrom=mail.mydomain.com; live.it; dkim=none (message not signed) header.d=none;live.it; dmarc=bestguesspass action=none header.from=mail.mydomain.com;compauth=pass reason=109 Received-SPF: Pass (protection.outlook.com: domain of mail.mydomain.com designates MYSERVERIP as permitted sender) receiver=protection.outlook.com; client-ip=MYSERVERIP; helo=mail.mydomain.com; Received: from mail.mydomain.com (MYSERVERIP) by AM6EUR05FT016.mail.protection.outlook.com (10.233.240.243) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.17 via Frontend Transport; Tue, 8 Dec 2020 17:43:14 +0000 X-IncomingTopHeaderMarker: OriginalChecksum:A8C3955649979800BCCE5770882A4FE8994D8B0B90393756BB8AD24255EBB904;UpperCasedChecksum:DC234C8D58F32E07B6AFB42D6ABE9D17CF745F6968D869D01974CBC93315655A;SizeAsReceived:484;Count:6 Received: from mail.mydomain.com (mail.mydomain.com [MYSERVERIP]) by mail.mydomain.com (8.15.2/8.15.2/Debian-14~deb10u1) with ESMTPS id 0B8HhDPU003097 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT) for <myemail@hotmail.it>; Tue, 8 Dec 2020 17:43:14 GMT [...]
- 第一次嘗試 - 使用 telnet 會話使用經典連接到 SMTP 埠 tcp/25。沒關係,也很標準。您可以使用它,在 EHLO 之後,您可以使用 STARTTLS 切換到加密會話。但是你的 Python 被配置為使用 SMTP over SSL 所謂的 SMTPS,前段時間嘗試過,後來大部分被放棄了。它使用 tcp/465 並且從一開始就被加密。有一些缺點。
- 所以是的,您的 Python 在向您的送出伺服器發送電子郵件時使用了一種加密。但這與將電子郵件從您的送出伺服器傳輸到最終目標伺服器(直接或與另一個中繼)無關。它由所涉及的伺服器及其算法列表、設置偏好等進行協商。AFAIK SMTP MTA 之間沒有強制加密的標準。