电子邮件转发像Craigslist - Rails [英] Email Forwarding like Craigslist - Rails
问题描述
我正在尝试使用craigslist的匿名电子邮件,但是使用Rails也是便宜的。对我来说,重要的是可以在电子邮件中添加标题,这就是为什么基本的电子邮件转发不起作用。
I'm trying to do what craigslist's anonymous email does, but with Rails, also on the cheap. It is important for me to be able to add a header to the email, which is why basic email forwarding doesn't work.
我想到的一种方式是SMTP服务器,每当我通过POP / IMAP阅读电子邮件时,我都会发送一封电子邮件给电子邮件的真实收件人,并附上适当的FROM地址并添加到标题中。这是有效的,但是SMTP服务器的成本相对较高。
One way I thought of was a SMTP server, whenever I read email via POP/IMAP, I then send an email to the true recipient of the email, with a proper FROM address and add in the header. This works, but a SMTP server is relatively costly.
另一种方法是转发/重定向电子邮件,但是在其中添加标题。我不能找到任何服务或宝石来做到这一点。
The other way is to forward/redirect the email, but add in the header in between. I can't find any services or gems to do this though.
请不要只说电子邮件管道,因为所有这些都意味着将电子邮件发送给您Rails程序,你有电子邮件后做什么?
Please don't just say "Email Piping" because all that really means is feeding the email to your Rails program, what do you do after you have the email? How do you actually forward it.
任何想法?
推荐答案
您将需要使用带有MX服务器的域的电子邮件地址,您的sysadmin具有控制权。这可能是您的主域名的子域。那么你做什么,你配置的MTA软件(Exim,Postfix ...希望不是qMail!)把这个电子邮件传递给Rails:
You'll need an email address using a domain with a MX server your sysadmin has control of. This could be a subdomain of your primary domain. Then what you do, is you configure the MTA software (Exim, Postfix... hopefully not qMail!) to pipe that email to Rails:
http://guides.rubyonrails.org/action_mailer_basics.html#receiving-emails
如果MTA未安装在与rails应用程序本身相同的服务器上,则必须将电子邮件管道传送到一个特殊的转发器脚本,该脚本会将邮件发送到您的应用程序,然后手动将其传递给您的邮件程序。
If the MTA is not installed on the same server as the rails application itself, you'll have to pipe the email to a little ad-hoc forwarder script that does something along the line of POSTing the email to your app, where you then manually pass that to your mailer.
在邮件程序中,您可以访问所有标题,正文和附件等。该主题或回复地址,您可以决定哪个邮件程序实例化将邮件转发到其预期的收件人。
In your mailer, you have access to all the headers, body, attachments etc. Provided you put some unique identifiers in the subject, or the Reply-To address, you can make the decision about which Mailer to instantiate to forward the mail onto its intended recipient.
我们还没有这样做但是,由于同样的原因,我们将要做到这一点。如果您不熟悉配置MTA,可能会有点头疼。你有一个系统管理员你可以登陆这个任务吗?
We haven't done this yet, but we're going to be doing it for the same reasons. It may be a little over your head if you're not familiar with configuring an MTA however. Do you have a sysadmin you can land this task on?
在代码级别,我会这样做:
At the code level, I'd be doing this:
- 用户A(id = 1234)发送电子邮件给用户B(id = 5678)
-
发送电子邮件从任何你想要的地址,但你设置
Reply-To:到像回复到:< mail-1234-5678-abcdefabcd1234567890abcdefabcdef @ usermessages.your-domain.com>
这是这个工作的绝对关键。它包括发件人的ID,收件人的ID以及防止伪造的校验和。校验和可以从每个用户唯一的盐生成,只需简单地:
This is absolutely key to this working. It includes the ID of the sender, the ID of the recipient, and a checksum to prevent forgery. The checksum can be generated from a salt unique to each user, and is simply:
checksum = Digest :: MD5.hexdigest(#{ sender.id} - #{recipient.id} - #{sender.mailer_salt})
通过您为usermessages.your-domain.com域配置的MX进行回复,您首先要通过解析 To来识别发件人和收件人:领域。您可以通过 split 来清除发件人和收件人的身份。然后,您可以生成校验和并确保它匹配,以确保有人不会恶意地发送邮件,就像从另一个用户那样发送邮件。
Now when you receive a reply via the MX you have configured for your "usermessages.your-domain.com" domain, the first thing you do is identify the sender and the recipient by parsing the To: field. You can easily identify who the sender and recipient are by split'ing out the parts. You can then generate a checksum and make sure it matches, to ensure somebody isn't trying to maliciously send mail as if it's from another user.
一旦你已经弄明白了所涉及的用户,继续发送另一封电子邮件,其中一个特殊的回复:标题(ID相反,使用一个不同的盐,显然)。
Once you have figured out the users involved, go ahead and send another e-mail, with one of these special Reply-To: headers (with the ID's reversed and the digest done using a different salt, obviously).
这是一个非常简单但功能完整的例子。你可以把这个摘要放在任何你想要的地方,只要它在回复回来时会被保留(这使得 Reply-To:标题很适合,有些服务使用主题行代替。
This is a very rudimentary, but perfectly functional example. You can put this digest anywhere you want, provided it will be preserved when the reply comes back (which makes the Reply-To: header a good fit. Some services use the subject line instead.
我会避免使盐被用户控制,例如用户的密码哈希,因为如果用户更改了该信息(更改其密码),则校验和将不再验证。
I would avoid making the salt something user-controlled, such as the user's password hash, since if the user changes that information (changes their password), the checksum will no longer validate.
这篇关于电子邮件转发像Craigslist - Rails的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
