阅读(2537) (7)

15.3 设置用户别名邮箱

2019-05-14 11:52:43 更新

用户别名功能是一项简单实用的邮件账户伪装技术,可以用来设置多个虚拟信箱的账户以接受发送的邮件,从而保证自身的邮件地址不被泄露,还可以用来接收自己的多个信箱中的邮件。刚才我们已经顺利地向root账户送了邮件,下面再向bin账户发送一封邮件,如图15-14所示。

图15-14 向服务器上的bin账户发送邮件

在邮件发送后登录到服务器,然后尝试以bin账户的身份登录。由于bin账户在Linux系统中是系统账户,默认的Shell终端是/sbin/nologin,因此在以bin账户登录时,系统会提示当前账户不可用。但是,在电子邮件服务器上使用mail命令后,却看到这封原本要发送给bin账户的邮件已经被存放到了root账户的信箱中。

    [root@linuxprobe ~]# su - bin 
    This account is currently not available. 
    [root@linuxprobe ~]# mail
    Heirloom Mail version 12.5 7/5/10. 
    Type ? for help. 
    "/var/mail/root": 4 messages 4 new > 
    U 1 user@localhost.com Fri Jul 10 09:58 1630/123103 "[abrt] full crash r" 
    U 2 Anacron Wed Aug 19 17:47 17/619 "Anacron job 'cron.dai" 
    U 3 boss Sat Aug 15 19:02 118/3604 "Hello~" U 
    4 boss Wed Aug 19 18:49 116/3231 "你好,用户Bin。" 
    &> 4 
    Message 4: 
    From boss@linuxprobe.com Wed Aug 19 18:49:05 2017 
    Return-Path: <boss@linuxprobe.com> 
    X-Original-To: bin@linuxprobe.com 
    Delivered-To: bin@linuxprobe.com 
    From: "boss" <boss@linuxprobe.com> 
    To: <bin@linuxprobe.com>
    Subject: 你好,用户Bin。 
    Date: Wed, 19 Aug 2017 18:49:05 +0800 
    Content-Type: multipart/alternative; boundary="----=_NextPart_000_0006_01D0DAAF.
    B9104E90" 
    X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AdDabKrQzUHVBTgRQMaCtUs
    VtqfL1Q== Content-Language: zh-cn Status: R Content-Type: text/plain; charset="gb2312"
    ………………省略部分输出信息………………
    这是一封发给用户Bin的文件。
    &> quit
    Held 4 messages in /var/mail/root

太奇怪了!明明发送给bin账户的邮件怎么会被root账户收到了呢?其实,这就是使用用户别名技术来实现的。在aliases邮件别名服务的配置文件中可以看到,里面定义了大量的用户别名,这些用户别名大多数是Linux系统本地的系统账户,而在冒号(:)间隔符后面的root账户则是用来接收这些账户邮件的人。用户别名可以是Linux系统内的本地用户,也可以是完全虚构的用户名字。

下述命令会显示大量的内容,考虑到篇幅限制,这里已经做了部分删减,其实际的输出名单将是这里的两倍多。

    [root@linuxprobe ~]# cat /etc/aliases
    #
    # Aliases in this file will NOT be expanded in the header from
    # Mail, but WILL be visible over networks or from /bin/mail.
    #
    # >>>>>>>>>> The program "newaliases" must be run after
    # >> NOTE >> this file is updated for any changes to
    # >>>>>>>>>> show through to sendmail.
    #
    # Basic system aliases -- these MUST be present.
    mailer-daemon: postmaster
    postmaster: root
    # General redirections for pseudo accounts.
    bin: root
    daemon: root
    adm: root
    lp: root
    sync: root
    shutdown: root
    halt: root
    mail: root
    news: root
    uucp: root
    operator: root
    games: root
    gopher: root
    ftp: root
    nobody: root
    radiusd: root
    nut: root
    dbus: root
    vcsa: root
    canna: root
    wnn: root
    rpm: root
    nscd: root
    pcap: root
    apache: root
    webalizer: root
    dovecot: root
    fax: root
    quagga: root
    radvd: root
    pvm: root
    amandabackup: root
    privoxy: root
    ident: root
    named: root
    xfs: root
    gdm: root
    mailnull: root
    postgres: root
    sshd: root
    smmsp: root
    postfix: root
    netdump: root
    ldap: root
    squid: root
    ntp: root
    mysql: root
    desktop: root
    rpcuser: root
    rpc: root
    nfsnobody: root
    ingres: root
    system: root
    toor: root
    manager: root
    dumper: root
    abuse: root
    newsadm: news
    newsadmin: news
    usenet: news
    ftpadm: ftp
    ftpadmin: ftp
    ftp-adm: ftp
    ftp-admin: ftp
    www: webmaster
    webmaster: root
    noc: root
    security: root
    hostmaster: root
    info: postmaster
    marketing: postmaster
    sales: postmaster
    support: postmaster
    # trap decode to catch security attacks
    decode: root
    # Person who should get root's mail
    #root: marc

现在大家能猜出是怎么一回事了吧。原来aliases邮件别名服务的配置文件是专门用来定义用户别名与邮件接收人的映射。除了使用本地系统中系统账户的名称外,我们还可以自行定义一些别名来接收邮件。例如,创建一个名为xxoo的账户,而真正接收该账户邮件的应该是root账户。

    [root@linuxprobe ~]# cat /etc/aliases
    #
    # Aliases in this file will NOT be expanded in the header from
    # Mail, but WILL be visible over networks or from /bin/mail.
    #
    # >>>>>>>>>> The program "newaliases" must be run after
    # >> NOTE >> this file is updated for any changes to
    # >>>>>>>>>> show through to sendmail.
    #
    # Basic system aliases -- these MUST be present.
    mailer-daemon: postmaster
    postmaster: root
    # General redirections for pseudo accounts.
    xxoo: root
    bin: root
    daemon: root
    adm: root
    lp: root
    ………………省略部分输出信息………………

保存并退出aliases邮件别名服务的配置文件后,需要再执行一下newaliases命令,其目的是让新的用户别名配置文件立即生效。然后再次尝试发送邮件,如图15-15所示:

图15-15 向服务器上的xxoo账户发送邮件

这时,使用root账户在服务器上执行mail命令后,就能看到这封原本要发送给xxoo账户的邮件了。最后,刘遄老师再啰嗦一句,用户别名技术不仅应用广泛,而且配置也很简单。所以更要提醒大家的是,今后千万不要看到有些网站上提供了很多客服信箱就轻易相信别人,没准发往这些客服信箱的邮件会被同一个人收到。

    [root@linuxprobe ~]# mail
    Heirloom Mail version 12.5 7/5/10. Type ? for help.
    "/var/mail/root": 5 messages 1 new 4 unread
    U 1 user@localhost.com Fri Jul 10 09:58 1631/123113 "[abrt] full crash report"
    U 2 Anacron Wed Aug 19 17:47 18/629 "Anacron job 'cron.daily' on mail.linuxprobe.com"
    U 3 boss Wed Aug 19 18:44 114/2975 "hello"
    4 boss Wed Aug 19 18:49 117/3242 "你好,用户Bin。"
    >N 5 boss Wed Aug 19 19:18 115/3254 "这是一封发送给xxoo用户的邮件。"