摘要
基于简单邮件传输协议(SMTP)通信双方的数据流分析是目前的SMTP电子邮件还原的普遍做法,在某些条件下,得不到下行数据,传统的做法就受到限制。基于SMTP上行数据分析的SMTP电子邮件还原系统利用Libpcap开发包对某一目的网络中的所有SMTP客户端发往SMTP服务器的数据包进行捕获,并对捕获的SMTP数据包进行分析,然后还原出由SMTP客户端发往SMTP服务器的所有的多用途网际邮件扩充协议(MIME)原码文件,最后调用Python的email模块对这些邮件原码进行解码,并将解码后的邮件正文和附件以及内嵌资源等进行归档管理,以便于邮件的内容审计。
Nowadays,the method for reverting SMTP E-mail based on analysis of SMTP data form both communication sides is widely applied.The thesis focuses on the implementation of a SMTP E-mail reverting system based on analysis of SMTP up-link data.Firstly,it captures all the packets sent from SMTP clients to SMTP servers in the target network with Libpcap,then by analysing the packets,restores and stores the MIME files sent from the SMTP clients to the SMTP servers,finally,by calling the Python's E-mail module,decodes the MIME(Multipurpose Internet Mail Extensions) files and archives the decoded E-mail contents,attachments and embedded resources,and this is convenient to E-mail content audit.
出处
《通信技术》
2011年第5期71-73,共3页
Communications Technology