使用Ews API去刪除郵件內容中包含特定關鍵字的郵件
1 說明
通過EWS API去刪除郵件中包含特定關鍵字方法,比傳統的Search-Mailbox去刪除特定郵件的方法更有效。EWS去查找郵箱項目一次可以返回1000個對象(可以通過策略解除限制),而Search-mailbox一次檢索只能返回250個對象。並且Search-mailbox查詢無法精確匹配,有時候會將篩選條件無關的內容查詢出來。
EWS API可以在非Exchange上的任何服務器上執行,而Search-Mailbox命令只能在安裝了Exchange Powershell工具的加域計算機上執行。如下測試為Exchange 2013環境,如果是Exchange 2016可以下載EWS manged ap1 2.2。
首先通過如下地址下載Exchange EWS managed API。
下載並安裝EWS Managed API:
https://www.microsoft.com/en-us/download/details.aspx?id=35371
3 安裝EWS manged API
安裝EWS managed API過程簡單,在此不多說。
4 權限分配
直接Powershell腳本去調用EWS,需要執行腳本賬號具備ApplicationImpersonation角色權限,所以首先需要為當前執行賬號添加ApplicationImpersonation角色權限。
在Exchange服務器上使用Exchange Powershell執行如下命令創建角色組,並為用戶分配權限。
5 腳本文件內容
腳本分為兩個部分,第一部分為主要執行刪除郵件功能的腳本。腳本內容如下:
可以將如下內容另存為ews_body.ps1。
====================腳本開始===========================
param( $Mailbox, $userName=$cred.UserName, $password=$cred.GetNetworkCredential().password, [string]$body ) # Remember to install the EWS managed API from here: # http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=c3342fb3-fbcc-4127-becf-872c746840e1 # https://www.microsoft.com/en-us/download/details.aspx?id=35371 # Then point the following command to the location of the DLL: #設置Exchange服務器的EWs URL. $uri=[system.URI] "https://mail.contoso.com/ews/exchange.asmx" $dllpath = "C:\Program Files\Microsoft\Exchange\Web Services\2.0\Microsoft.Exchange.WebServices.dll" Import-Module $dllpath # Set Exchange Version and connect to Exchange Server $exchService = new-object Microsoft.Exchange.WebServices.Data.ExchangeService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2013_CU21) $ExchangeVersion = [Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2013_CU21 $service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeService($ExchangeVersion) $service.Credentials = New-Object Microsoft.Exchange.WebServices.Data.WebCredentials -ArgumentList $userName,$password $service.url = $uri $service.ImpersonatedUserId = New-Object Microsoft.Exchange.WebServices.Data.ImpersonatedUserId ` ([Microsoft.Exchange.WebServices.Data.ConnectingIdType]::SMTPAddress,$Mailbox); $folders = New-Object Microsoft.Exchange.WebServices.Data.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::MsgFolderRoot, $Mailbox) $MailboxRoot=[Microsoft.Exchange.WebServices.Data.Folder]::Bind($service,$folders) $FolderList = new-object Microsoft.Exchange.WebServices.Data.FolderView(100) $FolderList.Traversal = [Microsoft.Exchange.WebServices.Data.FolderTraversal]::Deep $findFolderResults = $MailboxRoot.FindFolders($FolderList) foreach ($fdr in $findFolderResults.Folders) { $ItemView = New-Object Microsoft.Exchange.WebServices.Data.ItemView(10000) $emailsInFolder = $null do { $emailsInFolder = $fdr.FindItems($ItemView) if ($emailsInFolder.Items.Count -gt 0) { $psPropset= new-object Microsoft.Exchange.WebServices.Data.PropertySet([Microsoft.Exchange.WebServices.Data.BasePropertySet]::FirstClassProperties) [Void]$service.LoadPropertiesForItems($emailsInFolder,$psPropset) foreach ($individualEmail in $emailsInFolder.Items) { if ($individualEmail.body.text -match $body) { "$($individualEmail.From.Address),["+"$($individualEmail.ToRecipients.address)],["+"$($individualEmail.CcRecipients.address)],"+"$($individualEmail.subject)"+",$($individualEmail.DateTimeSent)"+",$($individualEmail.DateTimeReceived)"+",$($individualEmail.IsRead)" | Out-File $logfile -Append -Encoding utf8 echo "successfully found the email contains $body from $Mailbox" $individualEmail.Delete([Microsoft.Exchange.WebServices.Data.DeleteMode]::HardDelete) echo "successfully deleted the email contains $body from $Mailbox" } } } $ItemView.offset +=$emailsInFolder.Items.Count }while($emailsInFolder.moreAvailable -eq $true) }
========================腳本結束======================
第二部分腳本內容為調用第一部分腳本,然後將執行刪除的郵件的必要信息記錄在文件中,以便查詢。
腳本內容如下:
============================腳本開始=========================
$mailboxlist=Import-Csv -Path .\allMailboxList.csv
$TIME=Get-Date -Format yyyy-MM-dd-hh-mm-ss
[string]$logfile=".\$($TIME)_delete_log.txt"
"sender,"+"Recipients,"+"CcRecipients,"+"Subject,"+"Email_DateTimeSent"+",DateTimeReceived"+",Email_IsRead" | Out-File $logfile -Append -Encoding utf8
foreach($mailboxs in $mailboxlist)
{
$Bodylist=Import-Csv -Path .\BodyList.csv
foreach($Body in $Bodylist)
{
write-host "Now finding body contain $($Body.body) from $($mailboxs.PrimarySmtpAddress)........."
.\ews_body.ps1 -Mailbox $mailboxs.PrimarySmtpAddress -Body $Body.body -userName "[email protected]" -password "P@ssw0rd"
}
}
=============================腳本結束========================
腳本中文件說明,如下兩個文件需要放置腳本相同目錄下。
allMailboxList.csv為郵箱列表,為需要操作的郵箱對象列表。
BodyList.csv 為需要匹配的郵件正文內容列表
6 測試內容準備
在測試賬號郵箱中發送多封測試郵件。並且滿足郵件內容包含特定內容。並且郵件中存在發件人、多個收件人和多個抄送對象。
7 腳本執行過程
直接執行腳本Action_ews_body.ps1
8 腳本執行結果
腳本執行完成後,會在腳本所在目錄下生產一個log文件,該文件已當前時間為名稱,記錄刪除郵件的情況。(發件人,收件人,抄送對象、郵件主題、郵件創建時間和郵件接收時間、以及郵件是否已讀)
多個收件人和抄送對象,產生的日誌文件。
9 腳本執行常見錯誤
在腳本執行過程中如果提示“該賬號無權模擬所有請求的用戶”,那麽說明當前執行賬號未在Exchange中分別ApplicationImpersonation角色權限。解決辦法就是將當前賬號添加到ApplicationImpersonation角色組中。
使用Ews API去刪除郵件內容中包含特定關鍵字的郵件