使用ChatGPT分析与分类可疑邮件内容
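这是一个 AI 与 SecOps 领域的自动化工作流,包含 25 个节点,主要使用 If、Set、Code、Jira、HttpRequest 等节点,结合人工智能技术,用 ChatGPT 分析并分类可疑邮件内容。工作流从 Gmail(或默认禁用的 Outlook 触发器)读取邮件,将 HTML 正文提交给 hcti.io 生成截图,把 HTML 正文和邮件标头发送给 gpt-4o 判断是否为钓鱼邮件,再按判定结果在 Jira 中创建「潜在恶意」或「潜在良性」工单,并附上截图和正文。邮件的完整内容会发送到这些第三方服务,且模型的判定基于不可信的邮件内容,因此两类工单都应由分析人员复核。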
- 可能需要目标 API 的认证凭证
- Google 账号和 Gmail API 凭证
- OpenAI API Key
{
"meta": {
"instanceId": "03e9d14e9196363fe7191ce21dc0bb17387a6e755dcc9acc4f5904752919dca8"
},
"nodes": [
{
"id": "94dd7f48-0013-4fb5-89c4-826ecd7f2d66",
"name": "Gmail 触发器",
"type": "n8n-nodes-base.gmailTrigger",
"position": [
1460,
120
],
"parameters": {
"simple": false,
"filters": {},
"options": {},
"pollTimes": {
"item": [
{
"mode": "everyMinute"
}
]
}
},
"credentials": {
"gmailOAuth2": {
"id": "kkhNhqKpZt6IUZd0",
"name": "Gmail"
}
},
"typeVersion": 1.2
},
{
"id": "ca2023fa-ceca-4923-80e4-a3843803536c",
"name": "Microsoft Outlook 触发器",
"type": "n8n-nodes-base.microsoftOutlookTrigger",
"disabled": true,
"position": [
1480,
680
],
"parameters": {
"fields": [
"body",
"toRecipients",
"subject",
"bodyPreview"
],
"output": "fields",
"filters": {},
"options": {},
"pollTimes": {
"item": [
{
"mode": "everyMinute"
}
]
}
},
"credentials": {
"microsoftOutlookOAuth2Api": {
"id": "vTCK0oVQ0WjFrI5H",
"name": " Outlook Credential"
}
},
"typeVersion": 1
},
{
"id": "1f011214-91a0-4cfa-9d9e-29864937c0a3",
"name": "HTML 截图",
"type": "n8n-nodes-base.httpRequest",
"position": [
2620,
420
],
"parameters": {
"url": "https://hcti.io/v1/image",
"method": "POST",
"options": {},
"sendBody": true,
"sendQuery": true,
"authentication": "genericCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "html",
"value": "={{ $('Set Email Variables').item.json.htmlBody }}"
}
]
},
"genericAuthType": "httpBasicAuth",
"queryParameters": {
"parameters": [
{}
]
}
},
"credentials": {
"httpBasicAuth": {
"id": "8tm8mUWmPvtmPFPk",
"name": "hcti.io"
}
},
"typeVersion": 4.2
},
{
"id": "64f4789f-9de8-414f-af62-ddc339f0d0ac",
"name": "检索截图",
"type": "n8n-nodes-base.httpRequest",
"position": [
2800,
420
],
"parameters": {
"url": "={{ $json.url }}",
"options": {},
"authentication": "genericCredentialType",
"genericAuthType": "httpBasicAuth"
},
"credentials": {
"httpBasicAuth": {
"id": "8tm8mUWmPvtmPFPk",
"name": "hcti.io"
}
},
"typeVersion": 4.2
},
{
"id": "db707bd9-6abc-4ab7-8ffa-ad25c5e8adc4",
"name": "设置 Outlook 变量",
"type": "n8n-nodes-base.set",
"position": [
2040,
680
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "38bd3db2-1a8d-4c40-a2dd-336e0cc84224",
"name": "htmlBody",
"type": "string",
"value": "={{ $('Microsoft Outlook Trigger').item.json.body.content }}"
},
{
"id": "13bdd95b-ef02-486e-b38b-d14bd05a4a8a",
"name": "headers",
"type": "string",
"value": "={{ $json}}"
},
{
"id": "20566ad4-7eb7-42b1-8a0d-f8b759610f10",
"name": "subject",
"type": "string",
"value": "={{ $('Microsoft Outlook Trigger').item.json.subject }}"
},
{
"id": "7171998f-a5a2-4e23-946a-9c1ad75710e7",
"name": "recipient",
"type": "string",
"value": "={{ $('Microsoft Outlook Trigger').item.json.toRecipients[0].emailAddress.address }}"
},
{
"id": "cc262634-2470-4524-8319-abe2518a6335",
"name": "textBody",
"type": "string",
"value": "={{ $('Retrieve Headers of Email').item.json.body.content }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "7a3622c0-6949-4ea3-ae13-46a1ee26de7b",
"name": "设置 Gmail 变量",
"type": "n8n-nodes-base.set",
"position": [
2020,
120
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "38bd3db2-1a8d-4c40-a2dd-336e0cc84224",
"name": "htmlBody",
"type": "string",
"value": "={{ $json.html }}"
},
{
"id": "18fbcf78-6d3c-4036-b3a2-fb5adf22176a",
"name": "headers",
"type": "string",
"value": "={{ $json.headers }}"
},
{
"id": "1d690098-be2a-4604-baf8-62f314930929",
"name": "subject",
"type": "string",
"value": "={{ $json.subject }}"
},
{
"id": "8009f00a-547f-4eb1-b52d-2e7305248885",
"name": "recipient",
"type": "string",
"value": "={{ $json.to.text }}"
},
{
"id": "1932e97d-b03b-4964-b8bc-8262aaaa1f7a",
"name": "textBody",
"type": "string",
"value": "={{ $json.text }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "4b4c6b34-f74c-4402-91a1-4d002e02a3bd",
"name": "检索邮件标头",
"type": "n8n-nodes-base.httpRequest",
"position": [
1700,
680
],
"parameters": {
"url": "=https://graph.microsoft.com/v1.0/me/messages/{{ $json.id }}?$select=internetMessageHeaders,body",
"options": {},
"sendHeaders": true,
"authentication": "predefinedCredentialType",
"headerParameters": {
"parameters": [
{
"name": "Accept",
"value": "application/json"
},
{
"name": "Prefer",
"value": "outlook.body-content-type=\"text\""
}
]
},
"nodeCredentialType": "microsoftOutlookOAuth2Api"
},
"credentials": {
"microsoftOutlookOAuth2Api": {
"id": "vTCK0oVQ0WjFrI5H",
"name": " Outlook Credential"
}
},
"typeVersion": 4.2
},
{
"id": "0c9883b5-3eb7-45db-9803-d1b30166a3b5",
"name": "格式化标头",
"type": "n8n-nodes-base.code",
"position": [
1880,
680
],
"parameters": {
"jsCode": "const input = $('Retrieve Headers of Email').item.json.internetMessageHeaders;\n\nconst result = input.reduce((acc, { name, value }) => {\n if (!acc[name]) acc[name] = [];\n acc[name].push(value);\n return acc;\n}, {});\n\nreturn result;"
},
"typeVersion": 2
},
{
"id": "c21a976c-00e5-4823-bd94-4c95a7d60438",
"name": "使用 ChatGPT 分析邮件",
"type": "@n8n/n8n-nodes-langchain.openAi",
"position": [
3000,
420
],
"parameters": {
"modelId": {
"__rl": true,
"mode": "list",
"value": "gpt-4o",
"cachedResultName": "GPT-4O"
},
"options": {},
"messages": {
"values": [
{
"content": "=Describe the following email using the HTML body and headers. Determine if the email could be a phishing email. \n\nHere is the HTML body:\n{{ $('Set Email Variables').item.json.htmlBody }}\n\nThe message headers are as follows:\n{{ $('Set Email Variables').item.json.headers }}\n\n"
},
{
"role": "system",
"content": "Please make sure to output all responses using the following structured JSON output:\n{\n \"malicious\": false,\n \"summary\": \"The email appears to be a legitimate communication from a known sender. It contains no suspicious links, attachments, or language that indicates phishing or malicious intent.\"\n}\n\nFormat the response for Jira who uses a wiki-style renderer. Do not include ``` around your response. Make the summary as verbose as possible including a full breakdown of why the email is benign or malicious."
}
]
},
"jsonOutput": true
},
"credentials": {
"openAiApi": {
"id": "76",
"name": "OpenAi account"
}
},
"typeVersion": 1.6
},
{
"id": "a91f4095-9245-4276-b21f-f415de22df62",
"name": "创建潜在恶意工单",
"type": "n8n-nodes-base.jira",
"position": [
3640,
400
],
"parameters": {
"project": {
"__rl": true,
"mode": "list",
"value": "10001",
"cachedResultName": "Support"
},
"summary": "=Potentially Malicious - Phishing Email Reported: \"{{ $('Set Email Variables').item.json.subject }}\"",
"issueType": {
"__rl": true,
"mode": "list",
"value": "10008",
"cachedResultName": "Task"
},
"additionalFields": {
"description": "=A phishing email was reported by {{ $('Set Email Variables').item.json.recipient }} with the subject line \"{{ $('Set Email Variables').item.json.subject }}\"\n\\\\\nh2. Here is ChatGPT's analysis of the email:\n{{ $json.message.content.summary }}"
}
},
"credentials": {
"jiraSoftwareCloudApi": {
"id": "BZmmGUrNIsgM9fDj",
"name": "New Jira Cloud"
}
},
"typeVersion": 1
},
{
"id": "a5a66a0e-9d8a-45a9-b1ae-aec78ddfec27",
"name": "创建潜在良性工单",
"type": "n8n-nodes-base.jira",
"position": [
3640,
580
],
"parameters": {
"project": {
"__rl": true,
"mode": "list",
"value": "10001",
"cachedResultName": "Support"
},
"summary": "=Potentially Benign - Phishing Email Reported: \"{{ $('Set Email Variables').item.json.subject }}\"",
"issueType": {
"__rl": true,
"mode": "list",
"value": "10008",
"cachedResultName": "Task"
},
"additionalFields": {
"description": "=A phishing email was reported by {{ $('Set Email Variables').item.json.recipient }} with the subject line \"{{ $('Set Email Variables').item.json.subject }}\"\n\\\\\nh2. Here is ChatGPT's analysis of the email:\n{{ $json.message.content.summary }}"
}
},
"credentials": {
"jiraSoftwareCloudApi": {
"id": "BZmmGUrNIsgM9fDj",
"name": "New Jira Cloud"
}
},
"typeVersion": 1
},
{
"id": "5af0d60b-d021-4dd9-98f7-b2842800764a",
"name": "重命名截图",
"type": "n8n-nodes-base.code",
"position": [
4020,
480
],
"parameters": {
"mode": "runOnceForEachItem",
"jsCode": "$('Retrieve Screenshot').item.binary.data.fileName = 'emailScreenshot.png'\n\nreturn $('Retrieve Screenshot').item;"
},
"typeVersion": 2
},
{
"id": "441c4cbb-bd93-4213-bd34-e18f2a49389f",
"name": "设置 Jira ID",
"type": "n8n-nodes-base.set",
"position": [
3860,
480
],
"parameters": {
"options": {},
"includeOtherFields": true
},
"typeVersion": 3.4
},
{
"id": "4c71188c-011d-4f8e-a36c-87900bfab59a",
"name": "将邮件截图上传到 Jira",
"type": "n8n-nodes-base.jira",
"position": [
4220,
480
],
"parameters": {
"issueKey": "={{ $('Set Jira ID').item.json.key }}",
"resource": "issueAttachment"
},
"credentials": {
"jiraSoftwareCloudApi": {
"id": "BZmmGUrNIsgM9fDj",
"name": "New Jira Cloud"
}
},
"typeVersion": 1
},
{
"id": "3c031c34-8306-44e1-8e0e-a584c5323112",
"name": "将邮件正文上传到 Jira",
"type": "n8n-nodes-base.jira",
"position": [
4620,
480
],
"parameters": {
"issueKey": "={{ $('Set Jira ID').item.json.key }}",
"resource": "issueAttachment"
},
"credentials": {
"jiraSoftwareCloudApi": {
"id": "BZmmGUrNIsgM9fDj",
"name": "New Jira Cloud"
}
},
"typeVersion": 1
},
{
"id": "d033dcbd-7ccb-451f-ab81-cc6d32d2e01f",
"name": "将邮件正文转换为文件",
"type": "n8n-nodes-base.convertToFile",
"position": [
2420,
420
],
"parameters": {
"options": {
"fileName": "emailBody.txt"
},
"operation": "toText",
"sourceProperty": "textBody"
},
"typeVersion": 1.1
},
{
"id": "bda5e2fe-d8c0-456b-975a-35e82ff02816",
"name": "设置邮件变量",
"type": "n8n-nodes-base.set",
"position": [
2240,
420
],
"parameters": {
"options": {},
"includeOtherFields": true
},
"typeVersion": 3.4
},
{
"id": "54ecd8ab-ac4a-4b6b-bd1b-bf8c70082a33",
"name": "重命名邮件正文截图",
"type": "n8n-nodes-base.code",
"position": [
4420,
480
],
"parameters": {
"mode": "runOnceForEachItem",
"jsCode": "$('Convert Email Body to File').item.binary.data.fileName = 'emailBody.txt'\n\nreturn $('Convert Email Body to File').item;"
},
"typeVersion": 2
},
{
"id": "fe5b82cc-b4bb-4c97-9477-075d5a280e9f",
"name": "便签2",
"type": "n8n-nodes-base.stickyNote",
"position": [
2574.536755825029,
0
],
"parameters": {
"color": 7,
"width": 376.8280004374956,
"height": 595.590013880477,
"content": ""
},
"typeVersion": 1
},
{
"id": "86b21049-f65e-4c6a-a854-c4376f870da9",
"name": "便签",
"type": "n8n-nodes-base.stickyNote",
"position": [
1380,
-149.99110983560342
],
"parameters": {
"color": 7,
"width": 814.4556539379754,
"height": 444.5525554815556,
"content": ""
},
"typeVersion": 1
},
{
"id": "b1a786cf-7a8d-49e1-90ed-31f3d0e65b13",
"name": "便签1",
"type": "n8n-nodes-base.stickyNote",
"position": [
1380,
308
],
"parameters": {
"color": 7,
"width": 809.7918597571277,
"height": 602.9002284617277,
"content": ""
},
"typeVersion": 1
},
{
"id": "e7ace035-b5f5-4ef3-a117-22c7c938868d",
"name": "便签3",
"type": "n8n-nodes-base.stickyNote",
"position": [
2958.4325220284563,
24.744924120002338
],
"parameters": {
"color": 7,
"width": 593.0990401534098,
"height": 573.1750519720028,
"content": ""
},
"typeVersion": 1
},
{
"id": "02c1ad8e-f952-42d2-ae9f-cf3a77e49e52",
"name": "便签说明4",
"type": "n8n-nodes-base.stickyNote",
"position": [
3562.4948140707697,
-125.79607719303533
],
"parameters": {
"color": 7,
"width": 1251.7025543502837,
"height": 891.579206098173,
"content": ""
},
"typeVersion": 1
},
{
"id": "597ef23e-c61c-4e27-8c14-74ec20079c96",
"name": "检查是否为恶意",
"type": "n8n-nodes-base.if",
"position": [
3400,
420
],
"parameters": {
"options": {},
"conditions": {
"options": {
"version": 2,
"leftValue": "",
"caseSensitive": true,
"typeValidation": "strict"
},
"combinator": "and",
"conditions": [
{
"id": "493f412c-5f11-4173-8940-90f5bc7f5fab",
"operator": {
"type": "boolean",
"operation": "true",
"singleValue": true
},
"leftValue": "={{ $json.message.content.malicious }}",
"rightValue": ""
}
]
}
},
"typeVersion": 2.2
},
{
"id": "af512af9-924b-4019-bdf9-62aac9cd0dac",
"name": "便签说明5",
"type": "n8n-nodes-base.stickyNote",
"position": [
2200,
39.041733604283195
],
"parameters": {
"color": 7,
"width": 365.6458805720866,
"height": 559.8072303111675,
"content": ""
},
"typeVersion": 1
}
],
"pinData": {},
"connections": {
"Set Jira ID": {
"main": [
[
{
"node": "Rename Screenshot",
"type": "main",
"index": 0
}
]
]
},
"Gmail Trigger": {
"main": [
[
{
"node": "Set Gmail Variables",
"type": "main",
"index": 0
}
]
]
},
"Format Headers": {
"main": [
[
{
"node": "Set Outlook Variables",
"type": "main",
"index": 0
}
]
]
},
"Screenshot HTML": {
"main": [
[
{
"node": "Retrieve Screenshot",
"type": "main",
"index": 0
}
]
]
},
"Rename Screenshot": {
"main": [
[
{
"node": "Upload Screenshot of Email to Jira",
"type": "main",
"index": 0
}
]
]
},
"Check if Malicious": {
"main": [
[
{
"node": "Create Potentially Malicious Ticket",
"type": "main",
"index": 0
}
],
[
{
"node": "Create Potentially Benign Ticket",
"type": "main",
"index": 0
}
]
]
},
"Retrieve Screenshot": {
"main": [
[
{
"node": "Analyze Email with ChatGPT",
"type": "main",
"index": 0
}
]
]
},
"Set Email Variables": {
"main": [
[
{
"node": "Convert Email Body to File",
"type": "main",
"index": 0
}
]
]
},
"Set Gmail Variables": {
"main": [
[
{
"node": "Set Email Variables",
"type": "main",
"index": 0
}
]
]
},
"Set Outlook Variables": {
"main": [
[
{
"node": "Set Email Variables",
"type": "main",
"index": 0
}
]
]
},
"Microsoft Outlook Trigger": {
"main": [
[
{
"node": "Retrieve Headers of Email",
"type": "main",
"index": 0
}
]
]
},
"Retrieve Headers of Email": {
"main": [
[
{
"node": "Format Headers",
"type": "main",
"index": 0
}
]
]
},
"Analyze Email with ChatGPT": {
"main": [
[
{
"node": "Check if Malicious",
"type": "main",
"index": 0
}
]
]
},
"Convert Email Body to File": {
"main": [
[
{
"node": "Screenshot HTML",
"type": "main",
"index": 0
}
]
]
},
"Rename Email Body Screenshot": {
"main": [
[
{
"node": "Upload Email Body to Jira",
"type": "main",
"index": 0
}
]
]
},
"Create Potentially Benign Ticket": {
"main": [
[
{
"node": "Set Jira ID",
"type": "main",
"index": 0
}
]
]
},
"Upload Screenshot of Email to Jira": {
"main": [
[
{
"node": "Rename Email Body Screenshot",
"type": "main",
"index": 0
}
]
]
},
"Create Potentially Malicious Ticket": {
"main": [
[
{
"node": "Set Jira ID",
"type": "main",
"index": 0
}
]
]
}
}
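}
如何使用这个工作流?
复制上方的 JSON 配置代码,在您的 n8n 实例中创建新工作流并选择「从 JSON 导入」,粘贴配置后根据需要修改凭证设置即可。注意:上方 JSON 中各节点的 name 字段为中文,而 connections 和表达式(例如 $('Set Email Variables'))仍引用英文节点名;导入后如果连线缺失或表达式无法解析,需要把节点名改回对应的英文名称。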
这个工作流适合什么场景?
高级 - 人工智能, 安全运维
需要付费吗?
本工作流完全免费,您可以直接导入使用。但请注意,工作流中使用的第三方服务(如 OpenAI API)可能需要您自行付费。
Angel Menendez
@djangelic
Angel Menendez is a Staff Developer Advocate at n8n.io, specializing in low-code tools for cybersecurity workflows. From Puerto Rico, Angel's tech journey began by helping his father translate technical books. He later started a web development business and transitioned from a career as a flight attendant to cybersecurity engineering. His workflows have saved companies significant time. Outside work, Angel enjoys time with his two sons, riding electric bikes, reading, and exploring new places.