Dkim

使用 DKIM 和 SPF 鎖定並收到看起來由我們的 DKIM 簽名的電子郵件

  • February 27, 2020

我們收到了這封電子郵件,這絕對是垃圾郵件/欺騙我們的東西(我還沒有設置 DMARC,還沒有完成在另一個為我們發送電子郵件的服務上設置 DKIM)。我不明白他們是如何簽署他們的東西的,所以 gmail 認為它是由 orderlyhealth.com 簽署的

在此處輸入圖像描述

我確實在論壇中粘貼了 DNS TXT 記錄,但 AFAIK,該 DNS 記錄無論如何都可以通過 DNS 查詢公開獲得。我怎樣才能解決這個問題?

我的意思是,我可以生成另一個 DKIM,但這個在 2 天前是全新的。有人知道我們是如何簽名的嗎?

這是更詳細的輸出。我也不確定 s=arc20160816 是什麼?

Delivered-To: dean@orderlyhealth.com
Received: by 2002:a6b:5001:0:0:0:0:0 with SMTP id e1csp1947026iob;
       Fri, 21 Feb 2020 05:04:06 -0800 (PST)
X-Received: by 2002:ac8:7b45:: with SMTP id m5mr32434623qtu.360.1582290246056;
       Fri, 21 Feb 2020 05:04:06 -0800 (PST)
ARC-Seal: i=3; a=rsa-sha256; t=1582290246; cv=pass;
       d=google.com; s=arc-20160816;
       b=bvvshqe0Y8Uniim1d8GKdZU7oqyDn0298i8qhPkP73I+A2vePpiF22VkubNgGlWSUD
        bNtas4I6zYKQU/d7uxhQuHbbyFx2HMUR4n1xf6QyP719+GlCu3PcSi8BkNWZRkEXHFxw
        92DF3KJtwxW6YVcglD+jjVOR5gsXjEpJlfBqrxa0Rl4Q+C0/tmLWpVFCmltz87se+8Za
        m6YrD+/iJp1OjilSD54V3OBK0KQqV9VzxuGxxMkxPBuKkYj73nM112E6pp/QVJ5me/TJ
        BM8lGsGK2ZglS1T6+TtEvKv7yaj3MlhhL6s9ClWQHTFg2XSSqVQULBtCaxPIOwKVPLfN
        CvLQ==
ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
       h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
        :list-id:mailing-list:precedence:reply-to:references:mime-version
        :subject:message-id:to:from:date:dkim-signature;
       bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=;
       b=UuS0+uU5YLc47u5c5BUaVqUgPFUmHgbBfmdLBm6afmXpiFWlmP8f2q65AdT/N5eG6D
        z/Co8HUH6ofQ76w/LV4fNc4Jy2KUzK+MA++/6I33Gt9MK6JIaKJSejWOnCrMCOhCyhVU
        Rmo6xhvDCkHGY/0tr+etMMssZK+CV3LnitgDSOphKFma5Gdlb4cVoV3F9vfXtFa4Jwun
        XAt/6rZTzDKY16NsEMgs+FHbeyX6W4BM2JVAjH3UOAMBZjW1ImGQJ9dl/f0rWzcVa0Ix
        nIUkedzzZkzwe1qXC2lpqFwquP3MI6sGZ9c7r4DfJ6jpmqoCxPi5YcqKFMhQfkiSCNnU
        l1Cw==
ARC-Authentication-Results: i=3; mx.google.com;
      dkim=pass header.i=@orderlyhealth.com header.s=google header.b="IAZPaAZ/";
      arc=pass (i=2 spf=pass spfdomain=aol.com dkim=pass dkdomain=aol.com dmarc=pass fromdomain=aol.com);
      spf=pass (google.com: domain of feedback+bncbaabbrfkx7zakgqeupi2jgi@orderlyhealth.com designates 209.85.220.69 as permitted sender) smtp.mailfrom=feedback+bncBAABBRFKX7ZAKGQEUPI2JGI@orderlyhealth.com
Return-Path: <feedback+bncBAABBRFKX7ZAKGQEUPI2JGI@orderlyhealth.com>
Received: from mail-sor-f69.google.com (mail-sor-f69.google.com. [209.85.220.69])
       by mx.google.com with SMTPS id r145sor2399960qke.204.2020.02.21.05.04.05
       for <dean@orderlyhealth.com>
       (Google Transport Security);
       Fri, 21 Feb 2020 05:04:06 -0800 (PST)
Received-SPF: pass (google.com: domain of feedback+bncbaabbrfkx7zakgqeupi2jgi@orderlyhealth.com designates 209.85.220.69 as permitted sender) client-ip=209.85.220.69;
Authentication-Results: mx.google.com;
      dkim=pass header.i=@orderlyhealth.com header.s=google header.b="IAZPaAZ/";
      arc=pass (i=2 spf=pass spfdomain=aol.com dkim=pass dkdomain=aol.com dmarc=pass fromdomain=aol.com);
      spf=pass (google.com: domain of feedback+bncbaabbrfkx7zakgqeupi2jgi@orderlyhealth.com designates 209.85.220.69 as permitted sender) smtp.mailfrom=feedback+bncBAABBRFKX7ZAKGQEUPI2JGI@orderlyhealth.com
ARC-Seal: i=2; a=rsa-sha256; t=1582290245; cv=pass;
       d=google.com; s=arc-20160816;
       b=HrjnGBJO93TjEeQKQ+eEi4EMWoiirXDmkGZyZtUkzvXMwLdui9ZZn2Yz+niGOI4znU
        FIFjlVnXnq64V8kzcnkn//O8yEDXVEO2nA9efPd/RZWBN1MJjYRHBlSCGh8wndAQ8J4+
        7m6oFf4P99PJ91oUNk49b1tSURYYoUEFPe51QPYKtFDmO0x+d3ddI21GOhVtYrLaaW1E
        S8HCDhIRJAEhT3lGT6jIEZJMtpCNkGchlbIrDevGvv8RUVvn3fwk8m9CaOcL0jvSzoa7
        IeQ8PQ6M1+9OGfxPLY4jgZOCaVxnZfKoxGzO4U0+jbBDcj0Kj5ao2JZ4e6Ua9Y8tR4tO
        9AGA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
       h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
        :list-id:mailing-list:precedence:reply-to:references:mime-version
        :subject:message-id:to:from:date:dkim-signature;
       bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=;
       b=uSuHz78h1ffeLXb463HK8vEkVgfSGktSAcWE1iE2F+pShTj6vdLek43chmlK2hW51z
        bSEZ9oyNWmjvBcY32sdJ55vAo3jkS0DsJGekZ1SfNNzVdOj6h0rCN1WuRaYmwu1tSI/u
        WhYepwYixaUThWE/RA4ZIvgdVMoGWTWklI4QVqnB+Q0tbGJ1OlzYKIQJoaY/GtKYYzDT
        4CMJPd0I+94eKVm2S5UAbkBEebv3asHYdsocn0txA/EpyGrho1bHD3gG4dBGsN9q3Mdr
        vH4xLK4JXh2EHg770rn19QaGQ4Tg496jTPOKiH49HplAGFmvurHEwXmmTetoWFmztCLC
        bYDw==
ARC-Authentication-Results: i=2; mx.google.com;
      dkim=pass header.i=@aol.com header.s=a2048 header.b=emKsZo83;
      spf=pass (google.com: domain of martin.bettygrop@aol.com designates 74.6.135.41 as permitted sender) smtp.mailfrom=martin.bettygrop@aol.com;
      dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=aol.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
       d=orderlyhealth.com; s=google;
       h=date:from:to:message-id:subject:mime-version:references
        :x-original-sender:x-original-authentication-results:reply-to
        :precedence:mailing-list:list-id:list-post:list-help:list-archive
        :list-subscribe:list-unsubscribe;
       bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=;
       b=IAZPaAZ/WUaejaVM9hWRc8Mmnd0HyoxMZmajftg74JtWUQG+UGsrN5u86M2ygl2FSc
        0xoZgJ3Y4lXPft9XY4K8Am7FwRbBnQEu6C0/e7b3iJM27pUwkNs/EMZkiZQa8ANgC14b
        /0U8BFsdnD9urqKPpPqUZKzu8TNzuUx5I1iuijTURbw/9eI/ucfFj+UzPxvN0HhADpXM
        XXi/h2Vooo1OI2MuHhMZOCER1gf2StsTE6tqku41W02lgBZUyLvyql24/HYsyml9SahK
        HGuDCV+H32e8y3SOf08xh3OZcDPyxSs+79Tk0HWv23K/q7Om8NdAilPgEBX9rdbM2t05
        CNPg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
       d=1e100.net; s=20161025;
       h=x-gm-message-state:date:from:to:message-id:subject:mime-version
        :references:x-original-sender:x-original-authentication-results
        :reply-to:precedence:mailing-list:list-id:x-spam-checked-in-group
        :list-post:list-help:list-archive:list-subscribe:list-unsubscribe;
       bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=;
       b=V2XV9PuGtu7Nx7qBVwYw0v343y02ghIEau3AfDMDu5p0gS2SCXadBEhkdM5lBS/x60
        ULndSssSsmACnnQLoCmOfcYv3ztTl9DQTRrOS1FNh36jcZnNtDA7zuAV9H6uHsb2xVzi
        sEE4UDtc9M2Qnc8K6yClZuVpjj9Be+4E0/2OGPVPc0ZRcEfOcluD5SCsgMorxEboRpmh
        W9LPyQtu8UHEDl40hDI6gvGU4lGrfYqX5ABLbYEV6rkTeZw8DA4pedP3JlIvukxuVaeG
        ZR5SyWIUEocQfm3o6mKwj0j7koO0TQLW2eQMk3FjUGsrCLf1vLaoBc0BvPgaIaz6+Hei
        swog==
X-Gm-Message-State: APjAAAVXv7rfrJWWeH4DALmtuGKw10JItkCWTmhOJA/DttBJCUjg3iJa O4UZUAEMH+n0JurZYSj2BETwSyI=
X-Google-Smtp-Source: APXvYqxzIg8yD5Fbvg2l4ZtzJYzsgrZ13izO+9hff5n6r3rWYRsqj9qx5XKSRQ9IA099ey/w1c5BOQ==
X-Received: by 2002:a37:4ce:: with SMTP id 197mr33148857qke.269.1582290245238;
       Fri, 21 Feb 2020 05:04:05 -0800 (PST)
X-BeenThere: orderlyhealth.com
Received: by 2002:ad4:42c4:: with SMTP id f4ls450657qvr.10.gmail; Fri, 21 Feb 2020 05:04:05 -0800 (PST)
X-Received: by 2002:a05:6214:b82:: with SMTP id fe2mr25983273qvb.35.1582290244028;
       Fri, 21 Feb 2020 05:04:04 -0800 (PST)
X-BeenThere: feedback@orderlyhealth.com
Received: by 2002:a37:6550:: with SMTP id z77ls1078681qkb.10.gmail; Fri, 21 Feb 2020 05:04:03 -0800 (PST)
X-Received: by 2002:a37:4fc3:: with SMTP id d186mr34983318qkb.100.1582290240711;
       Fri, 21 Feb 2020 05:04:00 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1582290240; cv=none;
       d=google.com; s=arc-20160816;
       b=LpdcX4j2wKD56mtNgthN2w5TVpRsKTCN9hNVQDnecTeFW7xZvaPXhchXz4Dn6UIwUL
        NJYL991vfhnXxr3vFRgaowFwZugsqI4c7zPy1EMfURNKZSn+8j8eL6R6rMo1odoV4pPE
        8DxC6xEMGiIPSFkTuW1Oo65nUOyO/vzotDK1Mhkupniu5Qy8wLNenY7qpcE7B5Na9BXn
        EGWmenzmiSHr2B864PoT0Skzs0j74jMduVGZTof8DtVC+MxF1jaU58GWcQHCcUl2JJHl
        v+NdxWUSlRbxcHXmBmdFqe9qZwj6zUr39+OfJq4wv1rPRjLtGLyihL0AdJMzwLCJK9Wb
        FZPA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
       h=references:mime-version:subject:message-id:to:from:date
        :dkim-signature;
       bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=;
       b=Ef09qd/Uc9Bcw8+GaDeseFJ9wR7IIAzyUAfqFTb/0xfwWRPRm8700nHw7IcJbWEZh7
        w5qvyjwQGGidQMYQT7C3UH8kXiU7P0VG1/lHsaJ9gigRw22G9SLtwTIi/C8FYMbrOpMB
        xvx9v178RbdHgi6Vuq/JvBtAKzw+DYUl/3C3v/IbEG+ebj2Eppdxc7OvkEh+KAhRY3QF
        2LzaDwhMtblMGcwkEd2aMGdKcmaPYinA/B64o0gE+LGYn1pQbMDS+Q3x00c7gQx32G1z
        Vh36st5JyqS4+2vDSwRTS/Gk49WibbqHVecQIy4HSCsjH3Y3nCs0wxev83vMMLWjBRqV
        uV9g==
ARC-Authentication-Results: i=1; mx.google.com;
      dkim=pass header.i=@aol.com header.s=a2048 header.b=emKsZo83;
      spf=pass (google.com: domain of martin.bettygrop@aol.com designates 74.6.135.41 as permitted sender) smtp.mailfrom=martin.bettygrop@aol.com;
      dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=aol.com
Received: from sonic302-2.consmr.mail.bf2.yahoo.com (sonic302-2.consmr.mail.bf2.yahoo.com. [74.6.135.41])
       by mx.google.com with ESMTPS id g5si1394012qto.185.2020.02.21.05.04.00
       for <feedback@orderlyhealth.com>
       (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
       Fri, 21 Feb 2020 05:04:00 -0800 (PST)
Received-SPF: pass (google.com: domain of martin.bettygrop@aol.com designates 74.6.135.41 as permitted sender) client-ip=74.6.135.41;
X-YMail-OSG: eIMotm8VM1lJRGZ6HkOePTinhGTSwUpqW3g0AaIVpUBzAkbnX_YdaTiqth4rij2 QEhqgw83g6cToWHo0_kHoMl5yMWPX.YASm8NYFzeCbbNGOGrFJYljIUVZbXIiGp.KE0aqZVARXlO ooTOCkOBgQVLWKDqNZUx2ZI9w0_pHkc41NNJSSlJmF_bWE4C33xlYkMk0O8kiFR_Ry_veSvX5g7k owgwN2L8PYia5s.vN_7jptvAWsb4FvnnoktaFpU9K5qwxUQZ8VFuw0LRAT3._s9H4zVjwEO6IsRe KKUB0FDI1CBEcmgHWGj6cLnW.FRRcE5hyOTHiiBC5uETyIWjrRzS5nXhv0.Jme5mKKcZTduLbkM2 fbf3jG_0Mq_Sh2rZKQqgLj0.ajBYxtdEtDYBkkTsjLq6z9X.YGQTWnsg10PIW4O88MeJMRrUpE3D 1r88rDRP4vsGtR4U2WWxPKoBQ5fFR7.F9WkxOUnFPOZTOY3s8oE8K6ZeXKcj5uq1g9.INIx8TxQ8 TZ4.i8sEfxkf0EmDxBjoQu0PCSEenLqMzP.Xhsq1Q9QzZ8znIFp2VOxok21pxh2XRnxdw.zNrcbg a9.5ga1l42x4rSeGh7Ev42twsIU6M2FHgydnG.SzB._kXRFIBTwJNQmEqiQ1LQE_vEV0oKBRTlxt AIZGFCyTD2FqsVnjRSdwQf0JQHmZd_DDCFhwrIx91cg8cOpCnYxUesUx8.cTqEcaVvWLu9Bgs834 m0kJc7yFVPtq_TJ11HlmnvCx0TVkEaTTOU5mkMV510XiQzUu5dEDhORyQco4XHuWTUeJmmN_ABYt MtnTSO.xbJybFao8niPdtsX70HnUaJASmyWFZnmiYxspcYVc94kGW45QG1i7C.mdl2AKqH_x7PJY OTg82GixgroOsHdRQW5ar.TF0DVdKWenptUQigXz7tNUJxSpLCbWdJGvwf_YV7C_gB6BFZT3aAfi ZVZBsdyDJ1nLMmZLvQuZjpa41kxjD7XdUGPR3O7PIF2lwrvYOZ33fyBvJRMKTRO67Rcy2OVZgeBX jHYBQCQf2zaSacLwiL1aTyX1KXkcS0sTqhOM.EkIyWpcjlI0zvpCU4xfv2zJaGRrWqtSec.SySzy YRFHk.k4JM.i.hXpb8HgzspqvfzyeNbddAvBJaOeEZwrrkwuCWQYpqoRczzy4qeNzXoOHHADaN3J JIJl75MnWUx78hs23ev7TYuhTg1J.k4y56WBeq1uW42kk5ov.tGNM0vPTQypqxiqvkr9fMKY0RTR C2FFpYa2BK85McjhbQeJMjN2olmQD5IisSGAAJ42YBWXqvQ--
Received: from sonic.gate.mail.ne1.yahoo.com by sonic302.consmr.mail.bf2.yahoo.com with HTTP; Fri, 21 Feb 2020 13:04:00 +0000
Date: Fri, 21 Feb 2020 13:03:57 +0000 (UTC)
From: "'Candy
 Villegas' via Feedback" <feedback@orderlyhealth.com>
To: info@jodimann.com
Message-ID: <364582543.4526783.1582290237759@mail.yahoo.com>
Subject: [feedback] February Overdue Invoice, from Amazon Enterprises
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_Part_4526782_1221472274.1582290237759"
References: <364582543.4526783.1582290237759.ref@mail.yahoo.com>
X-Mailer: WebService/1.1.15199 aolwebmail Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 251525
X-Original-Sender: martin.bettygrop@aol.com
X-Original-Authentication-Results: mx.google.com;
      dkim=pass header.i=@aol.com header.s=a2048 header.b=emKsZo83;
      spf=pass (google.com: domain of martin.bettygrop@aol.com designates 74.6.135.41 as permitted sender) smtp.mailfrom=martin.bettygrop@aol.com;
      dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=aol.com
X-Original-From: Candy
 Villegas
 <martin.bettygrop@aol.com>
Reply-To: Candy
 Villegas <martin.bettygrop@aol.com>
Precedence: list
Mailing-list: list feedback@orderlyhealth.com; contact feedback+owners@orderlyhealth.com
List-ID: <feedback.orderlyhealth.com>
X-Spam-Checked-In-Group: feedback@orderlyhealth.com
X-Google-Group-Id: 25325095221
List-Post: <https://groups.google.com/a/orderlyhealth.com/group/feedback/post>, &lt;mailto:feedback@orderlyhealth.com&gt;
List-Help: <https://support.google.com/a/orderlyhealth.com/bin/topic.py?topic=25838>, &lt;mailto:feedback+help@orderlyhealth.com&gt;
List-Archive: <https://groups.google.com/a/orderlyhealth.com/group/feedback/>
List-Subscribe: <https://groups.google.com/a/orderlyhealth.com/group/feedback/subscribe>, &lt;mailto:feedback+subscribe@orderlyhealth.com&gt;
List-Unsubscribe: &lt;mailto:googlegroups-manage+25325095221+unsubscribe@googlegroups.com&gt;, <https://groups.google.com/a/orderlyhealth.com/group/feedback/subscribe>

只是為了添加更多關於 @Dean 和 @Reinto 發現的關於 Google 為什麼在發件人姓名上實施“通過”資訊的詳細資訊:

根據 DMARC rfc7489,低於 10.5。 互操作性問題

“因為 DMARC 依賴於

$$ SPF $$和/或$$ DKIM $$要實現“通過”,它們的局限性也同樣適用。 當消息由某些中介(例如郵件列表)處理時,會出現額外的 DMARC 約束。傳輸中介通常會導致身份驗證失敗或標識符對齊失去。這些轉換可能符合標準,但仍會阻止 DMARC “通過”。

話雖如此,讓我們回顧一下整個場景:

一條消息從具有拒絕或隔離的 DMARC 策略的域發送到Public Google Group。Google 群組將收到來自原始發件人的郵件,並採用 DMARC 政策(拒絕或隔離)。現在組需要將消息擴展給它的成員(在收到它並檢查哪些成員應該得到它之後)。

郵件將從群組地址擴展到成員,但“發件人”將保持為原始發件人,但“SMTP FROM”(在 Google 方面稱為“返迴路徑”地址)將更改為群組地址.

什麼時候這可能是一個問題?

同樣,如果原始發件人具有 DMARC 以防止垃圾郵件發送者欺騙他們的域。因為當一個群組收到一條消息時,它會更改發件人欄位中的地址,從真正的發件人到群組地址,這在過去導致了很多 DMARC 拒絕。

Google做了什麼來解決這個問題?

為了緩解這種情況,Google 實施了一種變通方法來重寫“發件人”地址以使用本地域,因此 DKIM 現在正在通過 DMARC。

這對群組成員來說是什麼樣的?

“組成員通過以下方式接收來自外部發件人的消息作為’發件人的姓名’:”

即使最終的收件人可能會感到困惑。這是一項必要的功能,以保證從在其域中具有 DMARC 保護的發件人發送到組的消息的傳遞。

最後,正如您所注意到的,這在此處記錄

引用自:https://serverfault.com/questions/1004096

相關問答

Dkim

使用另一個域的 DKIM 密鑰簽名的電子郵件是否應該被視為垃圾郵件?

  • November 11, 2022
檢視問答
Domain-Name-System

網路解決方案 DNS 並不總是返回 DKIM 和 SPF 記錄

  • June 4, 2022
檢視問答
Email

(為什麼)電子郵件伺服器會因為 DKIM 而停止發送 DMARC 報告嗎?

  • April 25, 2022
檢視問答
Amazon-Web-Services

對於 AWS SES 中的電子郵件身份,如何將“via amazonses.com”替換為我的應用程序品牌“via example.com”?

  • April 15, 2022
檢視問答
Email

Google Apps 電子郵件 DKIM 不會進行身份驗證

  • April 14, 2022
檢視問答
Security

DKIM:我可以使用大於 2048 位(即 4096)的 RSA 密鑰嗎?

  • April 13, 2022
檢視問答