使用 bash 发送 S/MIME 加密的 html 电子邮件
Send S/MIME encrypted html email with bash
如何通过命令行发送加密和html格式的电子邮件?
这是我目前的代码:
# Encrypt email with a certificate
openssl cms -encrypt -in "/tmp/email_to_be_sent.html" -out "/tmp/encrypted.txt" -from $SENDER -to $RECEIVER -subject "Test: Encrypted message" -des3 "/tmp/$CERT.pem"
# Send the encrypted email
cat "/tmp/encrypted.txt" | sendmail -f $SENDER $RECEIVER
生成的加密邮件/tmp/encrypted.txt如下
To: recipient@mail.com
From: sender@mail.com
Subject: Test: Encrypted message
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/pkcs7-mime; smime-type=enveloped-data;name="smime.p7m"
Content-Transfer-Encoding: base64
MIIDjAYJKoZIhvcNAQcDoIIDfTCCA3kCAQAxggFZMIIBVQIBADA9MDcxHDAaBgNVBAoME0V1cm9wZWFu
AxAlApQsmjzCwQoonT57JetCp7DHJdHWU1bkLIZWPPBRwa2EB0ZdxOXIvtg7rJavnnbxeTghblM45Pur
A+6BDKJbWvXFyxb...
问题是,一旦进入收件人收件箱并解密,邮件就没有 html 格式,并且 html 像 <html><body></body></html> 这样的代码在邮件中仍然可读。
Stefan 的评论让我找到了解决方案。
未加密的电子邮件 /tmp/email_to_be_sent.html 在加密之前应该有一个 header 像这样:
To: recipient@mail.com
From: sender@mail.com
Subject: Test: Encrypted message
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
<html><body><p> test message </p></body></html>
请注意电子邮件 header 和 html 代码之间需要一个换行符。
S/MIME 要求对原始邮件进行 封装。这意味着原始消息是加密的,这个事实和加密类型被添加到外部消息 headers,因此客户端知道如何处理消息内容。
因此,定义原始消息格式的消息headers需要在S/MIME信封内,以便客户端在解密消息后知道它是哪种内容类型。
正确的方法是从原始消息中提取这些headers,然后将它们添加到原始消息body之前。请注意,这些 headers 必须在第一行开始,并且在这些 headers 之后,在原始消息 body 开始之前需要一个空行。
Headers 应移动到封装的消息数据中的是
- MIME-Version(可选)
- Content-Type
- Content-Transfer-Encoding
- Content-Disposition(如果存在)
"Moved"表示它们应该包含在封装的消息数据中并且从外部消息中移除headers.
剩余的headers应该留在信封邮件中。 openssl cms -encrypt 命令将根据 S/MIME 加密消息的需要添加上述 headers。
例子
原始消息
From: someone@somedomain.net
To: receipient@otherdomain.net
Subject: It's a test
MIME-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Custom-Header: Additional data
This is the message text.
Good night.
在加密前移动 headers(注意额外的空行)
From: someone@somedomain.net
To: receipient@otherdomain.net
Subject: It's a test
X-Custom-Header: Additional data
MIME-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
This is the message text.
Good night.
加密后的消息
From: someone@somedomain.net
To: receipient@otherdomain.net
Subject: It's a test
X-Custom-Header: Additional data
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64
MIJ5lAYJKoZIhvcNAQcDoIJ5hTCCeYECAQAxggHZMIIB1QIBADCBvDCBtjEaMBgG
A1UEAwwRc2F2aWduYW5vIENFUlQtaTIxJTAjBgNVBAoMHHNhdmlnbmFubyBzb2Z0
d2FyZSBzb2x1dGlvbnMxHjAcBgNVBAsMFUNlcnRpZmljYXRpb24gU2VydmljZTEL
(more encrypted data removed)
如何通过命令行发送加密和html格式的电子邮件?
这是我目前的代码:
# Encrypt email with a certificate
openssl cms -encrypt -in "/tmp/email_to_be_sent.html" -out "/tmp/encrypted.txt" -from $SENDER -to $RECEIVER -subject "Test: Encrypted message" -des3 "/tmp/$CERT.pem"
# Send the encrypted email
cat "/tmp/encrypted.txt" | sendmail -f $SENDER $RECEIVER
生成的加密邮件/tmp/encrypted.txt如下
To: recipient@mail.com
From: sender@mail.com
Subject: Test: Encrypted message
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/pkcs7-mime; smime-type=enveloped-data;name="smime.p7m"
Content-Transfer-Encoding: base64
MIIDjAYJKoZIhvcNAQcDoIIDfTCCA3kCAQAxggFZMIIBVQIBADA9MDcxHDAaBgNVBAoME0V1cm9wZWFu
AxAlApQsmjzCwQoonT57JetCp7DHJdHWU1bkLIZWPPBRwa2EB0ZdxOXIvtg7rJavnnbxeTghblM45Pur
A+6BDKJbWvXFyxb...
问题是,一旦进入收件人收件箱并解密,邮件就没有 html 格式,并且 html 像 <html><body></body></html> 这样的代码在邮件中仍然可读。
Stefan 的评论让我找到了解决方案。
未加密的电子邮件 /tmp/email_to_be_sent.html 在加密之前应该有一个 header 像这样:
To: recipient@mail.com
From: sender@mail.com
Subject: Test: Encrypted message
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
<html><body><p> test message </p></body></html>
请注意电子邮件 header 和 html 代码之间需要一个换行符。
S/MIME 要求对原始邮件进行 封装。这意味着原始消息是加密的,这个事实和加密类型被添加到外部消息 headers,因此客户端知道如何处理消息内容。
因此,定义原始消息格式的消息headers需要在S/MIME信封内,以便客户端在解密消息后知道它是哪种内容类型。
正确的方法是从原始消息中提取这些headers,然后将它们添加到原始消息body之前。请注意,这些 headers 必须在第一行开始,并且在这些 headers 之后,在原始消息 body 开始之前需要一个空行。
Headers 应移动到封装的消息数据中的是
- MIME-Version(可选)
- Content-Type
- Content-Transfer-Encoding
- Content-Disposition(如果存在)
"Moved"表示它们应该包含在封装的消息数据中并且从外部消息中移除headers.
剩余的headers应该留在信封邮件中。 openssl cms -encrypt 命令将根据 S/MIME 加密消息的需要添加上述 headers。
例子
原始消息
From: someone@somedomain.net
To: receipient@otherdomain.net
Subject: It's a test
MIME-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Custom-Header: Additional data
This is the message text.
Good night.
在加密前移动 headers(注意额外的空行)
From: someone@somedomain.net
To: receipient@otherdomain.net
Subject: It's a test
X-Custom-Header: Additional data
MIME-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
This is the message text.
Good night.
加密后的消息
From: someone@somedomain.net
To: receipient@otherdomain.net
Subject: It's a test
X-Custom-Header: Additional data
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64
MIJ5lAYJKoZIhvcNAQcDoIJ5hTCCeYECAQAxggHZMIIB1QIBADCBvDCBtjEaMBgG
A1UEAwwRc2F2aWduYW5vIENFUlQtaTIxJTAjBgNVBAoMHHNhdmlnbmFubyBzb2Z0
d2FyZSBzb2x1dGlvbnMxHjAcBgNVBAsMFUNlcnRpZmljYXRpb24gU2VydmljZTEL
(more encrypted data removed)