User alias function is a simple and practical mail account camouflage technology, can be used to set up multiple virtual mailbox accounts to accept sent mail, so as to ensure that their e-mail address is not disclosed, but also can be used to receive their own mail in multiple mailboxes. Just now we have successfully sent an e-mail to the root account, and then send an e-mail to the bin account, as shown in Figure 15-14.

Figure 15-14 Sends mail to the bin account on the server

Sign in to the server after the message is sent, and then try to sign in as a bin account. S ince the bin account is a system account in the Linux system and the default Shell terminal is /sbin/nologin, the current account is not available when you log in with the bin account. However, after using the mail command on the email server, I saw that the message that was meant to be sent to the bin account had been stored in the letterbox of the root account.

[root@linuxprobe ~]# su - bin This account is currently not available. [ root@linuxprobe ~]# mail Heirloom Mail version 12.5 7/5/10. T ype ? f or help. " /var/mail/root": 4 messages 4 new U 1 [email protected] Fri Jul 10 09:58 1630/123103 ""abrt" full crash r" U 2 Anacron Wed Aug 19 17:47 17/619 "Anac" Ron job 'cron.dai' U 3 boss Sat Aug 15 19:02 118/3604 "Hello- U 4 boss Wed Aug 19 18:49 116/3231 "Hello, user Bin."

4 Message 4: From [email protected] Wed Aug 19 18:49:05 2017 Return-Path: [email protected] Original-To: [email protected] Delivered-To: [email protected] From: "boss" and [email protected] [email protected] D ate: Wed, 19 Aug 2017 18:49:05 +0800 Content-Type: multipart/alternative; b oundary="----=_NextPart_000_0006_01D0DAAF. B 9104E90" X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AdDabKrQzUHVBTgRQMaCtUs VtqfL1Q== Content-Language: zh-cn Status: R Content-Type: text/plain; c harset="gb2312" .................. O mit some of the output information... T his is a file sent to the user Bin. Q uit Held 4 messages in /var/mail/root is so weird! H ow did ming ming's email to the bin account get received by the root account? I n fact, this is achieved using user alias technology. A s you can see in the profile of the aliases mail alias service, there are a large number of user aliases defined, most of which are system accounts that are local to the Linux system, while root accounts after the colon (:) interval) are the people used to receive messages for those accounts. The user alias can be a local user within a Linux system or a completely fictitious user name.

The following command will show a lot of content, and given the space limitations, some cuts have been made here, and the actual output list will be more than twice that.

[root@linuxprobe ~]# cat /etc/aliases #

Aliases in this file will NOT be expanded in the header from

# Mail, but WILL be visible over networks or from /bin/mail.
#
# >>>>>>>>>> The program "newaliases" must be run after
# >> NOTE >> this file is updated for any changes to
# >>>>>>>>>> show through to sendmail.
#
# Basic system aliases -- these MUST be present.
mailer-daemon: postmaster
postmaster: root
# General redirections for pseudo accounts.
bin: root
daemon: root
adm: root
lp: root
sync: root
shutdown: root
halt: root
mail: root
news: root
uucp: root
operator: root
games: root
gopher: root
ftp: root
nobody: root
radiusd: root
nut: root
dbus: root
vcsa: root
canna: root
wnn: root
rpm: root
nscd: root
pcap: root
apache: root
webalizer: root
dovecot: root
fax: root
quagga: root
radvd: root
pvm: root
amandabackup: root
privoxy: root
ident: root
named: root
xfs: root
gdm: root
mailnull: root
postgres: root
sshd: root
smmsp: root
postfix: root
netdump: root
ldap: root
squid: root
ntp: root
mysql: root
desktop: root
rpcuser: root
rpc: root
nfsnobody: root
ingres: root
system: root
toor: root
manager: root
dumper: root
abuse: root
newsadm: news
newsadmin: news
usenet: news
ftpadm: ftp
ftpadmin: ftp
ftp-adm: ftp
ftp-admin: ftp
www: webmaster
webmaster: root
noc: root
security: root
hostmaster: root
info: postmaster
marketing: postmaster
sales: postmaster
support: postmaster
# trap decode to catch security attacks
decode: root
# Person who should get root's mail
#root: marc

Now you can guess what's going on. T he profile of the original aliases mail alias service is specifically designed to define the mapping of user aliases to message recipients. I n addition to using the name of the system account in the local system, we can also define some alias to receive mail. For example, create an account called xxoo, and it should be the root account that actually receives the account's mail.

[root@linuxprobe ~]# cat /etc/aliases #

Aliases in this file will NOT be expanded in the header from

# Mail, but WILL be visible over networks or from /bin/mail.
#
# >>>>>>>>>> The program "newaliases" must be run after
# >> NOTE >> this file is updated for any changes to
# >>>>>>>>>> show through to sendmail.
#
# Basic system aliases -- these MUST be present.
mailer-daemon: postmaster
postmaster: root
# General redirections for pseudo accounts.
xxoo: root
bin: root
daemon: root
adm: root
lp: root
………………省略部分输出信息………………

After you save and exit the profile of the aliases mail alias service, you need to perform the new waliases command again, which is intended to make the new user alias profile effective immediately. T hen try sending the message again, as shown in Figure 15-15:

Figure 15-15 Sends mail to the xxoo account on the server

At this point, after using the root account to execute the mail command on the server, you can see the message that was meant to be sent to the xxoo account. F inally, Mr. Liu said, user alias technology is not only widely used, but also very simple configuration. So we should remind you that in the future, do not see some websites provide a lot of customer service mailbox easily believe others, may be sent to these customer service mailbox mail will be received by the same person.

[root@linuxprobe ~]# mail Heirloom Mail version 12.5 7/5/10. T ype ? f or help. "/var/mail/root": 5 messages 1 new 4 unread U 1 [email protected] Fri Jul 10 09:58 1631/123113 ""abrt" full crash report" U 2 Anacron Wed Aug 19 17:47 18/629 "Anacron job 'cron.daily' on mail.linuxprobe.com" U 3 boss Wed Aug 19 18:44 114/2975 "hello" 4 boss Wed Aug 19 18:49 117/3242 "Hello, user Bin."

N 5 boss Wed Aug 19 19:18 115/3254 "This is a message sent to xxoo users."