从Python可执行文件安全地发送电子邮件
[英]Securely Send Email from Python Executable
问题描述
I'm working on a Python tool for wide distribution (as .exe/.app) that will email reports to the user. 
我正在使用Python工具进行广泛分发(如.exe / .app),该工具会将报告通过电子邮件发送给用户。 Currently (in testing), I'm using smtplib to build the message and send it via GMail, which requires a login() call. 目前(在测试中),我正在使用smtplib来构建消息并通过GMail发送,这需要调用login()。 However, I'm concerned as to the security of this - I know that Python binaries aren't terribly secure, and I'd rather not have the password stored as plaintext in the executable. 但是,我对此的安全性感到担心-我知道Python二进制文件并不是十分安全,我宁愿不要将密码以明文形式存储在可执行文件中。
I'm not terribly familiar with email systems, so I don't know if there's something that could securely be used by the .exe. 我对电子邮件系统不是很熟悉,所以我不知道.exe是否可以安全使用某些内容。 I suppose I could set up a mail server without authentication, but I'm concerned that it'll end up as a spam node. 我想我可以设置一个不经过身份验证的邮件服务器,但是我担心它最终将成为垃圾邮件节点。 Is there a setup that will allow me to send mail from a distributed Python .exe/.app without opening it to potential attacks? 有没有可以让我从分布式Python .exe / .app发送邮件而又不使其受到潜在攻击的设置?
1 个解决方案
解决方案1
0 2013-08-19 15:27:19
One possible solution is to create a web backend mantained by you which accepts a POST call and sends the passed message only to authorized addresses. 一种可能的解决方案是创建一个由您管理的Web后端,该后端接受POST调用并将传递的消息仅发送到授权地址。 This way you can also mantain the list of email addresses on your server. 这样,您还可以保留服务器上电子邮件地址的列表。
Look at it like an online error alerter. 像在线错误警报器一样看它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.