关于使用Python邮件包读取消息的笔记
You're probably reading this page because you've attempted to access some part of my blog (Wandering Thoughts) (https://utcc.utoronto.ca/~cks/space/blog/) or CSpace (https://utcc.utoronto.ca/~cks/space/), the wiki thing it's part of. Unfortunately you're using a browser (or client library) that my anti-crawler precautions consider suspicious because it's sending inconsistent values for Sec-CH-UA-* HTTP request headers (known as User agent client hints (https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Client_hints#user_agent_client_hints)) such as Sec-CH-UA-Platform (https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Sec-CH-UA-Platform) and Sec-CH-UA (https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Sec-CH-UA), despite claiming to be a browser that should send them correctly, such as Chrome.
Due to the ongoing problems with abusive high volume crawlers using forged User-Agent values (apparently in part to gather data for LLM training), this combination of browser User-Agent and bad Sec-CH-UA-* headers is not accepted.
If this is in error and you're using a current version of your browser of choice, you can contact me at my current place at the university (https://www.cs.toronto.edu/~cks/) (you should be able to work out the email address from that). If possible, please let me know what browser you're using and so on, ideally with its exact User-Agent string. Please note that I'm unlikely to make an exemption for software that is actively impersonating Chrome in its User-Agent, especially if its User-Agent is essentially indistinguishable from a legitimate browser User-Agent string. Crawling software that isn't prepared to admit it is being anti-social, and I am no longer willing to help anti-social software.
Potential suspicious issues with Sec-CH-UA headers include but aren't limited to:
• Missing Sec-CH-UA headers in a version of Chrome that should offer them when it's told they're required. If you're using privacy extensions that disable them, I'm sorry, but Chrome itself is too suspicious these days as so many LLM crawlers are claiming to be it.
• A Sec-CH-UA-Platform value that doesn't match the platform in your browser's User-Agent.
• A Sec-CH-UA header with a 'brand' version number that doesn't match the version information in your browser's User-Agent. If your browser is based on Chrome, I generally expect your Chromium brand version to match the 'Chrome/' version in your User-Agent.
• A Sec-CH-UA header that says this is headless Chrome. Headless Chrome is used by too many crawlers.
If necessary, you can use Chrome's web developer tools to verify what Sec-CH-UA headers your browser is sending. Chris Siebenmann, 2025-12-20