使用 DKIM 和 SPF 鎖定並收到看起來由我們的 DKIM 簽名的電子郵件
我們收到了這封電子郵件,這絕對是垃圾郵件/欺騙我們的東西(我還沒有設置 DMARC,還沒有完成在另一個為我們發送電子郵件的服務上設置 DKIM)。我不明白他們是如何簽署他們的東西的,所以 gmail 認為它是由 orderlyhealth.com 簽署的
我確實在論壇中粘貼了 DNS TXT 記錄,但 AFAIK,該 DNS 記錄無論如何都可以通過 DNS 查詢公開獲得。我怎樣才能解決這個問題?
我的意思是,我可以生成另一個 DKIM,但這個在 2 天前是全新的。有人知道我們是如何簽名的嗎?
這是更詳細的輸出。我也不確定 s=arc20160816 是什麼?
Delivered-To: dean@orderlyhealth.com Received: by 2002:a6b:5001:0:0:0:0:0 with SMTP id e1csp1947026iob; Fri, 21 Feb 2020 05:04:06 -0800 (PST) X-Received: by 2002:ac8:7b45:: with SMTP id m5mr32434623qtu.360.1582290246056; Fri, 21 Feb 2020 05:04:06 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1582290246; cv=pass; d=google.com; s=arc-20160816; b=bvvshqe0Y8Uniim1d8GKdZU7oqyDn0298i8qhPkP73I+A2vePpiF22VkubNgGlWSUD bNtas4I6zYKQU/d7uxhQuHbbyFx2HMUR4n1xf6QyP719+GlCu3PcSi8BkNWZRkEXHFxw 92DF3KJtwxW6YVcglD+jjVOR5gsXjEpJlfBqrxa0Rl4Q+C0/tmLWpVFCmltz87se+8Za m6YrD+/iJp1OjilSD54V3OBK0KQqV9VzxuGxxMkxPBuKkYj73nM112E6pp/QVJ5me/TJ BM8lGsGK2ZglS1T6+TtEvKv7yaj3MlhhL6s9ClWQHTFg2XSSqVQULBtCaxPIOwKVPLfN CvLQ== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:references:mime-version :subject:message-id:to:from:date:dkim-signature; bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=; b=UuS0+uU5YLc47u5c5BUaVqUgPFUmHgbBfmdLBm6afmXpiFWlmP8f2q65AdT/N5eG6D z/Co8HUH6ofQ76w/LV4fNc4Jy2KUzK+MA++/6I33Gt9MK6JIaKJSejWOnCrMCOhCyhVU Rmo6xhvDCkHGY/0tr+etMMssZK+CV3LnitgDSOphKFma5Gdlb4cVoV3F9vfXtFa4Jwun XAt/6rZTzDKY16NsEMgs+FHbeyX6W4BM2JVAjH3UOAMBZjW1ImGQJ9dl/f0rWzcVa0Ix nIUkedzzZkzwe1qXC2lpqFwquP3MI6sGZ9c7r4DfJ6jpmqoCxPi5YcqKFMhQfkiSCNnU l1Cw== ARC-Authentication-Results: i=3; mx.google.com; dkim=pass header.i=@orderlyhealth.com header.s=google header.b="IAZPaAZ/"; arc=pass (i=2 spf=pass spfdomain=aol.com dkim=pass dkdomain=aol.com dmarc=pass fromdomain=aol.com); spf=pass (google.com: domain of feedback+bncbaabbrfkx7zakgqeupi2jgi@orderlyhealth.com designates 209.85.220.69 as permitted sender) smtp.mailfrom=feedback+bncBAABBRFKX7ZAKGQEUPI2JGI@orderlyhealth.com Return-Path: <feedback+bncBAABBRFKX7ZAKGQEUPI2JGI@orderlyhealth.com> Received: from mail-sor-f69.google.com (mail-sor-f69.google.com. [209.85.220.69]) by mx.google.com with SMTPS id r145sor2399960qke.204.2020.02.21.05.04.05 for <dean@orderlyhealth.com> (Google Transport Security); Fri, 21 Feb 2020 05:04:06 -0800 (PST) Received-SPF: pass (google.com: domain of feedback+bncbaabbrfkx7zakgqeupi2jgi@orderlyhealth.com designates 209.85.220.69 as permitted sender) client-ip=209.85.220.69; Authentication-Results: mx.google.com; dkim=pass header.i=@orderlyhealth.com header.s=google header.b="IAZPaAZ/"; arc=pass (i=2 spf=pass spfdomain=aol.com dkim=pass dkdomain=aol.com dmarc=pass fromdomain=aol.com); spf=pass (google.com: domain of feedback+bncbaabbrfkx7zakgqeupi2jgi@orderlyhealth.com designates 209.85.220.69 as permitted sender) smtp.mailfrom=feedback+bncBAABBRFKX7ZAKGQEUPI2JGI@orderlyhealth.com ARC-Seal: i=2; a=rsa-sha256; t=1582290245; cv=pass; d=google.com; s=arc-20160816; b=HrjnGBJO93TjEeQKQ+eEi4EMWoiirXDmkGZyZtUkzvXMwLdui9ZZn2Yz+niGOI4znU FIFjlVnXnq64V8kzcnkn//O8yEDXVEO2nA9efPd/RZWBN1MJjYRHBlSCGh8wndAQ8J4+ 7m6oFf4P99PJ91oUNk49b1tSURYYoUEFPe51QPYKtFDmO0x+d3ddI21GOhVtYrLaaW1E S8HCDhIRJAEhT3lGT6jIEZJMtpCNkGchlbIrDevGvv8RUVvn3fwk8m9CaOcL0jvSzoa7 IeQ8PQ6M1+9OGfxPLY4jgZOCaVxnZfKoxGzO4U0+jbBDcj0Kj5ao2JZ4e6Ua9Y8tR4tO 9AGA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:references:mime-version :subject:message-id:to:from:date:dkim-signature; bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=; b=uSuHz78h1ffeLXb463HK8vEkVgfSGktSAcWE1iE2F+pShTj6vdLek43chmlK2hW51z bSEZ9oyNWmjvBcY32sdJ55vAo3jkS0DsJGekZ1SfNNzVdOj6h0rCN1WuRaYmwu1tSI/u WhYepwYixaUThWE/RA4ZIvgdVMoGWTWklI4QVqnB+Q0tbGJ1OlzYKIQJoaY/GtKYYzDT 4CMJPd0I+94eKVm2S5UAbkBEebv3asHYdsocn0txA/EpyGrho1bHD3gG4dBGsN9q3Mdr vH4xLK4JXh2EHg770rn19QaGQ4Tg496jTPOKiH49HplAGFmvurHEwXmmTetoWFmztCLC bYDw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@aol.com header.s=a2048 header.b=emKsZo83; spf=pass (google.com: domain of martin.bettygrop@aol.com designates 74.6.135.41 as permitted sender) smtp.mailfrom=martin.bettygrop@aol.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=aol.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orderlyhealth.com; s=google; h=date:from:to:message-id:subject:mime-version:references :x-original-sender:x-original-authentication-results:reply-to :precedence:mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=; b=IAZPaAZ/WUaejaVM9hWRc8Mmnd0HyoxMZmajftg74JtWUQG+UGsrN5u86M2ygl2FSc 0xoZgJ3Y4lXPft9XY4K8Am7FwRbBnQEu6C0/e7b3iJM27pUwkNs/EMZkiZQa8ANgC14b /0U8BFsdnD9urqKPpPqUZKzu8TNzuUx5I1iuijTURbw/9eI/ucfFj+UzPxvN0HhADpXM XXi/h2Vooo1OI2MuHhMZOCER1gf2StsTE6tqku41W02lgBZUyLvyql24/HYsyml9SahK HGuDCV+H32e8y3SOf08xh3OZcDPyxSs+79Tk0HWv23K/q7Om8NdAilPgEBX9rdbM2t05 CNPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:message-id:subject:mime-version :references:x-original-sender:x-original-authentication-results :reply-to:precedence:mailing-list:list-id:x-spam-checked-in-group :list-post:list-help:list-archive:list-subscribe:list-unsubscribe; bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=; b=V2XV9PuGtu7Nx7qBVwYw0v343y02ghIEau3AfDMDu5p0gS2SCXadBEhkdM5lBS/x60 ULndSssSsmACnnQLoCmOfcYv3ztTl9DQTRrOS1FNh36jcZnNtDA7zuAV9H6uHsb2xVzi sEE4UDtc9M2Qnc8K6yClZuVpjj9Be+4E0/2OGPVPc0ZRcEfOcluD5SCsgMorxEboRpmh W9LPyQtu8UHEDl40hDI6gvGU4lGrfYqX5ABLbYEV6rkTeZw8DA4pedP3JlIvukxuVaeG ZR5SyWIUEocQfm3o6mKwj0j7koO0TQLW2eQMk3FjUGsrCLf1vLaoBc0BvPgaIaz6+Hei swog== X-Gm-Message-State: APjAAAVXv7rfrJWWeH4DALmtuGKw10JItkCWTmhOJA/DttBJCUjg3iJa O4UZUAEMH+n0JurZYSj2BETwSyI= X-Google-Smtp-Source: APXvYqxzIg8yD5Fbvg2l4ZtzJYzsgrZ13izO+9hff5n6r3rWYRsqj9qx5XKSRQ9IA099ey/w1c5BOQ== X-Received: by 2002:a37:4ce:: with SMTP id 197mr33148857qke.269.1582290245238; Fri, 21 Feb 2020 05:04:05 -0800 (PST) X-BeenThere: orderlyhealth.com Received: by 2002:ad4:42c4:: with SMTP id f4ls450657qvr.10.gmail; Fri, 21 Feb 2020 05:04:05 -0800 (PST) X-Received: by 2002:a05:6214:b82:: with SMTP id fe2mr25983273qvb.35.1582290244028; Fri, 21 Feb 2020 05:04:04 -0800 (PST) X-BeenThere: feedback@orderlyhealth.com Received: by 2002:a37:6550:: with SMTP id z77ls1078681qkb.10.gmail; Fri, 21 Feb 2020 05:04:03 -0800 (PST) X-Received: by 2002:a37:4fc3:: with SMTP id d186mr34983318qkb.100.1582290240711; Fri, 21 Feb 2020 05:04:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582290240; cv=none; d=google.com; s=arc-20160816; b=LpdcX4j2wKD56mtNgthN2w5TVpRsKTCN9hNVQDnecTeFW7xZvaPXhchXz4Dn6UIwUL NJYL991vfhnXxr3vFRgaowFwZugsqI4c7zPy1EMfURNKZSn+8j8eL6R6rMo1odoV4pPE 8DxC6xEMGiIPSFkTuW1Oo65nUOyO/vzotDK1Mhkupniu5Qy8wLNenY7qpcE7B5Na9BXn EGWmenzmiSHr2B864PoT0Skzs0j74jMduVGZTof8DtVC+MxF1jaU58GWcQHCcUl2JJHl v+NdxWUSlRbxcHXmBmdFqe9qZwj6zUr39+OfJq4wv1rPRjLtGLyihL0AdJMzwLCJK9Wb FZPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:mime-version:subject:message-id:to:from:date :dkim-signature; bh=o+BHhaX/uRUnoG19hCZjf0gaI+eThuTb2hVLwjdhJ3w=; b=Ef09qd/Uc9Bcw8+GaDeseFJ9wR7IIAzyUAfqFTb/0xfwWRPRm8700nHw7IcJbWEZh7 w5qvyjwQGGidQMYQT7C3UH8kXiU7P0VG1/lHsaJ9gigRw22G9SLtwTIi/C8FYMbrOpMB xvx9v178RbdHgi6Vuq/JvBtAKzw+DYUl/3C3v/IbEG+ebj2Eppdxc7OvkEh+KAhRY3QF 2LzaDwhMtblMGcwkEd2aMGdKcmaPYinA/B64o0gE+LGYn1pQbMDS+Q3x00c7gQx32G1z Vh36st5JyqS4+2vDSwRTS/Gk49WibbqHVecQIy4HSCsjH3Y3nCs0wxev83vMMLWjBRqV uV9g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@aol.com header.s=a2048 header.b=emKsZo83; spf=pass (google.com: domain of martin.bettygrop@aol.com designates 74.6.135.41 as permitted sender) smtp.mailfrom=martin.bettygrop@aol.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=aol.com Received: from sonic302-2.consmr.mail.bf2.yahoo.com (sonic302-2.consmr.mail.bf2.yahoo.com. [74.6.135.41]) by mx.google.com with ESMTPS id g5si1394012qto.185.2020.02.21.05.04.00 for <feedback@orderlyhealth.com> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 21 Feb 2020 05:04:00 -0800 (PST) Received-SPF: pass (google.com: domain of martin.bettygrop@aol.com designates 74.6.135.41 as permitted sender) client-ip=74.6.135.41; X-YMail-OSG: eIMotm8VM1lJRGZ6HkOePTinhGTSwUpqW3g0AaIVpUBzAkbnX_YdaTiqth4rij2 QEhqgw83g6cToWHo0_kHoMl5yMWPX.YASm8NYFzeCbbNGOGrFJYljIUVZbXIiGp.KE0aqZVARXlO ooTOCkOBgQVLWKDqNZUx2ZI9w0_pHkc41NNJSSlJmF_bWE4C33xlYkMk0O8kiFR_Ry_veSvX5g7k owgwN2L8PYia5s.vN_7jptvAWsb4FvnnoktaFpU9K5qwxUQZ8VFuw0LRAT3._s9H4zVjwEO6IsRe KKUB0FDI1CBEcmgHWGj6cLnW.FRRcE5hyOTHiiBC5uETyIWjrRzS5nXhv0.Jme5mKKcZTduLbkM2 fbf3jG_0Mq_Sh2rZKQqgLj0.ajBYxtdEtDYBkkTsjLq6z9X.YGQTWnsg10PIW4O88MeJMRrUpE3D 1r88rDRP4vsGtR4U2WWxPKoBQ5fFR7.F9WkxOUnFPOZTOY3s8oE8K6ZeXKcj5uq1g9.INIx8TxQ8 TZ4.i8sEfxkf0EmDxBjoQu0PCSEenLqMzP.Xhsq1Q9QzZ8znIFp2VOxok21pxh2XRnxdw.zNrcbg a9.5ga1l42x4rSeGh7Ev42twsIU6M2FHgydnG.SzB._kXRFIBTwJNQmEqiQ1LQE_vEV0oKBRTlxt AIZGFCyTD2FqsVnjRSdwQf0JQHmZd_DDCFhwrIx91cg8cOpCnYxUesUx8.cTqEcaVvWLu9Bgs834 m0kJc7yFVPtq_TJ11HlmnvCx0TVkEaTTOU5mkMV510XiQzUu5dEDhORyQco4XHuWTUeJmmN_ABYt MtnTSO.xbJybFao8niPdtsX70HnUaJASmyWFZnmiYxspcYVc94kGW45QG1i7C.mdl2AKqH_x7PJY OTg82GixgroOsHdRQW5ar.TF0DVdKWenptUQigXz7tNUJxSpLCbWdJGvwf_YV7C_gB6BFZT3aAfi ZVZBsdyDJ1nLMmZLvQuZjpa41kxjD7XdUGPR3O7PIF2lwrvYOZ33fyBvJRMKTRO67Rcy2OVZgeBX jHYBQCQf2zaSacLwiL1aTyX1KXkcS0sTqhOM.EkIyWpcjlI0zvpCU4xfv2zJaGRrWqtSec.SySzy YRFHk.k4JM.i.hXpb8HgzspqvfzyeNbddAvBJaOeEZwrrkwuCWQYpqoRczzy4qeNzXoOHHADaN3J JIJl75MnWUx78hs23ev7TYuhTg1J.k4y56WBeq1uW42kk5ov.tGNM0vPTQypqxiqvkr9fMKY0RTR C2FFpYa2BK85McjhbQeJMjN2olmQD5IisSGAAJ42YBWXqvQ-- Received: from sonic.gate.mail.ne1.yahoo.com by sonic302.consmr.mail.bf2.yahoo.com with HTTP; Fri, 21 Feb 2020 13:04:00 +0000 Date: Fri, 21 Feb 2020 13:03:57 +0000 (UTC) From: "'Candy Villegas' via Feedback" <feedback@orderlyhealth.com> To: info@jodimann.com Message-ID: <364582543.4526783.1582290237759@mail.yahoo.com> Subject: [feedback] February Overdue Invoice, from Amazon Enterprises MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_4526782_1221472274.1582290237759" References: <364582543.4526783.1582290237759.ref@mail.yahoo.com> X-Mailer: WebService/1.1.15199 aolwebmail Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 251525 X-Original-Sender: martin.bettygrop@aol.com X-Original-Authentication-Results: mx.google.com; dkim=pass header.i=@aol.com header.s=a2048 header.b=emKsZo83; spf=pass (google.com: domain of martin.bettygrop@aol.com designates 74.6.135.41 as permitted sender) smtp.mailfrom=martin.bettygrop@aol.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=aol.com X-Original-From: Candy Villegas <martin.bettygrop@aol.com> Reply-To: Candy Villegas <martin.bettygrop@aol.com> Precedence: list Mailing-list: list feedback@orderlyhealth.com; contact feedback+owners@orderlyhealth.com List-ID: <feedback.orderlyhealth.com> X-Spam-Checked-In-Group: feedback@orderlyhealth.com X-Google-Group-Id: 25325095221 List-Post: <https://groups.google.com/a/orderlyhealth.com/group/feedback/post>, <mailto:feedback@orderlyhealth.com> List-Help: <https://support.google.com/a/orderlyhealth.com/bin/topic.py?topic=25838>, <mailto:feedback+help@orderlyhealth.com> List-Archive: <https://groups.google.com/a/orderlyhealth.com/group/feedback/> List-Subscribe: <https://groups.google.com/a/orderlyhealth.com/group/feedback/subscribe>, <mailto:feedback+subscribe@orderlyhealth.com> List-Unsubscribe: <mailto:googlegroups-manage+25325095221+unsubscribe@googlegroups.com>, <https://groups.google.com/a/orderlyhealth.com/group/feedback/subscribe>
只是為了添加更多關於 @Dean 和 @Reinto 發現的關於 Google 為什麼在發件人姓名上實施“通過”資訊的詳細資訊:
根據 DMARC rfc7489,低於 10.5。 互操作性問題
“因為 DMARC 依賴於
$$ SPF $$和/或$$ DKIM $$要實現“通過”,它們的局限性也同樣適用。 當消息由某些中介(例如郵件列表)處理時,會出現額外的 DMARC 約束。傳輸中介通常會導致身份驗證失敗或標識符對齊失去。這些轉換可能符合標準,但仍會阻止 DMARC “通過”。
話雖如此,讓我們回顧一下整個場景:
一條消息從具有拒絕或隔離的 DMARC 策略的域發送到Public Google Group。Google 群組將收到來自原始發件人的郵件,並採用 DMARC 政策(拒絕或隔離)。現在組需要將消息擴展給它的成員(在收到它並檢查哪些成員應該得到它之後)。
郵件將從群組地址擴展到成員,但“發件人”將保持為原始發件人,但“SMTP FROM”(在 Google 方面稱為“返迴路徑”地址)將更改為群組地址.
什麼時候這可能是一個問題?
同樣,如果原始發件人具有 DMARC 以防止垃圾郵件發送者欺騙他們的域。因為當一個群組收到一條消息時,它會更改發件人欄位中的地址,從真正的發件人到群組地址,這在過去導致了很多 DMARC 拒絕。
Google做了什麼來解決這個問題?
為了緩解這種情況,Google 實施了一種變通方法來重寫“發件人”地址以使用本地域,因此 DKIM 現在正在通過 DMARC。
這對群組成員來說是什麼樣的?
“組成員通過以下方式接收來自外部發件人的消息作為’發件人的姓名’:”
即使最終的收件人可能會感到困惑。這是一項必要的功能,以保證從在其域中具有 DMARC 保護的發件人發送到組的消息的傳遞。
最後,正如您所注意到的,這在此處記錄