一些垃圾郵件發送者使用我們的電子郵件地址作為偽造電子郵件的寄件者。現在,我們收到了數千封來自不再存在的電子郵件的退回郵件。
我們設定了 SPF 和 DKIM 記錄,但它並沒有停止。
procrastination.com TXT v=DMARC1;p=reject;sp=reject;pct=100;aspf=r;fo=0;ri=86400;rua=mailto:[email protected] IN 3600
procrastination.com TXT v=spf1 ip4:77.240.191.234 ip4:83.167.254.20 ip4:83.167.254.21 ip4:83.167.254.22 ip4:81.95.97.117 ip4:81.95.97.100 a -all
形成郵件標頭,看起來垃圾郵件發送者在其電子郵件中使用 Google SMTP mx.google.com,儘管 SPF 結果為失敗。
範例標頭如下:
Delivery to the following recipient failed permanently:
[email protected]
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient domain webmail.flcgil.it by webmail.flcgil.it. [109.168.127.232].
The error that the other server returned was:
550 5.1.1 <[email protected]>: Recipient address rejected: User unknown in virtual mailbox table
----- Original message -----
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-original-authentication-results:x-gm-message-state:message-id
:reply-to:from:subject:date:mime-version:content-type
:content-transfer-encoding:delivered-to;
bh=DWSqotpOUM1r96KR6EV4WUBt9g/4xHl2j4TzsRWmYtM=;
b=Z/uEm+/nMjD5ynw2bKuAtnqTFvpJ6QbUnJbXtPyYU1xONdOI+630z8WGZPfCkEjrR8
+iIrp9EH7y+3xOpEL2N5JoKtkMpcbgUuyC8N6dH5Mx1aZZXAylg1mXc6uMne2NhQAZVW
XGVmikat0wxCsgSYt+T8nHXULU/OY5LlAbGiKD0EQ96nvRB0fyquVyHFvQfKLi7gORlD
939MMe1QiEw/4aH4oEigEOgMoAZe+1SxoiyJfj/M80iHtsh97bhHCukB4Yni9aX9LJEc
edS2ZS9c5IBnTmTmLbQwlZXx65u9Z3FIUSU82GQSWOF6Upp2ZzHwt7Az3hbfn+Or5Sy/
lGvg==
X-Original-Authentication-Results: mx.google.com; spf=fail (google.com: domain of [email protected] does not designate 66.84.38.179 as permitted sender) [email protected]
X-Received: by 10.42.50.81 with SMTP id z17mr14637142icf.57.1430488267890;
Fri, 01 May 2015 06:51:07 -0700 (PDT)
X-Gm-Message-State: ALoCoQkCSb7aXwRPbIiUnV3a6JAZsPok55aOGUIsgkMbXM4B9QOW7RY14KvVmumEXab7Rh5k2YlELm1N9oWNNCvASrmS2cavQKBK4Kp7sNFkm6YKqjisbzTMuq6cso3vvh4X/KsH8bgCx7+Yg5E7IVbLsSgjr+rRlicTI1tXLVq88gyQdAE/3bE=
X-Received: by 10.42.50.81 with SMTP id z17mr14637132icf.57.1430488267815;
Fri, 01 May 2015 06:51:07 -0700 (PDT)
Return-Path: <[email protected]>
Received: from procrastination.net (s179.n38.n84.n66.static.myhostcenter.com. [66.84.38.179])
by mx.google.com with ESMTPS id z2si3656962icq.16.2015.05.01.06.51.07
for <[email protected]>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Fri, 01 May 2015 06:51:07 -0700 (PDT)
Received-SPF: fail (google.com: domain of [email protected] does not designate 66.84.38.179 as permitted sender) client-ip=66.84.38.179;
Authentication-Results: mx.google.com;
spf=fail (google.com: domain of [email protected] does not designate 66.84.38.179 as permitted sender) [email protected]
Received: from User ([154.118.4.5])
(authenticated bits=0)
by procrastination.net (8.13.1/8.13.1) with ESMTP id t41DosSm007397;
Fri, 1 May 2015 09:50:59 -0400
Message-Id: <[email protected]>
X-Orig: [154.118.4.5]
X-Authentication-Warning: procrastination.net: procrast owned process doing -bs
Reply-To: <[email protected]>
From: "INTERNATIONAL MONETARY FUND"<[email protected]>
Subject: Attn: Your Long Over due payment claim/change of account?
Date: Fri, 1 May 2015 14:51:05 +0100
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Antivirus: avast! (VPS 150501-0, 05/01/2015), Outbound message
X-Antivirus-Status: Clean
Delivered-To: [email protected]
知道我們如何讓這一切停下來嗎?為什麼 SPF 沒有幫助?
答案1
您不能強迫其他人根據 SPF 和 DKIM 或任何其他標準來過濾他們收到的郵件。如果Google選擇忽略 SPF,那就這樣吧;你已經盡力了,你現在能做的就是坐著不動,忽略那些不使用 SPF 過濾的人的任何抱怨。
也就是說,擁有有效的 SPF 記錄確實會減少反向散射,因為理性的垃圾郵件發送者更喜歡從沒有以 結尾的有效 SPF 記錄的網域中偽造電子郵件-all,就像您的網域一樣。您可能會發現,在當前的反向散射浪潮過去之後,情況確實有所改善。
答案2
您的DMARC記錄應該在_dmarc.procrastination.com.這是一個新規範,並未獲得廣泛支持。如果您想要報告,您還需要包含v=DMARC1at*._report._dmarc.procrastination.com或 的TXT 記錄procrastination.com._report_dmarc.procrastination.com。當您開始收到報告時,您就會知道這是有效的。 Google 和雅虎都可能會向您發送報告。
SPF 確實能夠有效減少使用您的網域發送的欺騙性電子郵件(垃圾郵件)的數量。但是,許多網站不使用 SPF 來封鎖電子郵件,因為許多網站的記錄配置不正確。我發現我需要將某些網域列入白名單,以確保我不會退回合法郵件。
您可能需要BATV對外寄電子郵件實施(退回地址標籤驗證),以便您可以拒絕反向散射垃圾郵件通知。但是,您應該在設定後等待一兩週時間,BATV然後再阻止傳入的退回郵件。
實施DKIM(網域金鑰識別郵件)並將其新增至您的DMARC策略可能有助於減少欺騙郵件的傳遞。
有些新聞網站允許向錯誤地使用該人的電子郵件地址作為信封和寄件者地址的朋友發送電子郵件通知。這些可能會被 的嚴格解釋所阻止SPF。