Email-Server
是否可以確定我收到的電子郵件是否通過 TLS 發送?
我正在審查我正在處理的應用程序使用的郵件發送服務的設置(該服務是一個名為Mandrill的 mailchimp 收購)。
我想確定,當我從該服務向自己(在 gmail.com)發送測試電子郵件時,郵件伺服器之間的流量是否使用 TLS。我可以訪問發送給我的電子郵件(我在下麵包含了標題)。
我打算詢問供應商是否支持此功能,但我也想知道我是否可以驗證他們親自告訴我的內容。
Delivered-To: recipient-local@gmail.com Received: by 10.79.123.142 with SMTP id k136xxxxxxxxxxxx; Tue, 5 Jul 2016 07:29:11 -0700 (PDT) X-Received: by 10.37.97.11 with SMTP id v11mxxxxxxxxxxxx.36.14nnnnnnnnnnn; Tue, 05 Jul 2016 07:29:11 -0700 (PDT) Return-Path: <bounce-xxxxxxx@mandrillapp.com> Received: from mail180-123.mandrillapp.com (mail180-123.mandrillapp.com. [a.b.c.d]) by mx.google.com with ESMTPS id mmmmmmmmmmm.nnn.2016.07.05.07.29.11 for <recipient-local@gmail.com> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 05 Jul 2016 07:29:11 -0700 (PDT) Received-SPF: pass (google.com: domain of bounce-xxxxxxx@mandrillapp.com designates a.b.c.d as permitted sender) client-ip=a.b.c.d; Authentication-Results: mx.google.com; dkim=pass header.i=@mail180-123.mandrillapp.com; dkim=pass header.i=@mandrillapp.com; spf=pass (google.com: domain of bounce-xxxxxxx@mandrillapp.com designates a.b.c.d as permitted sender) smtp.mailfrom=bounce-xxxxxxx@mandrillapp.com; dmarc=fail (p=NONE dis=NONE) header.from=gmail.com DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=mandrill; d=mail180-123.mandrillapp.com; h=From:Sender:Subject:Reply-To:To:Message-Id:Date:MIME-Version:Content-Type; i=sender@mail180-123.mandrillapp.com; bh=xxxxxxxxxxxxxxxxxxxxxxx+8fQ=; b=n+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxx+Z+tSJV/zEtr xxxxxxxxx+xxxxxx+xxxxxxxxxxxxxxxxxxxxxx/xxx/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxx= Received: from pmta03.mandrill.prod.suw01.rsglab.com (127.0.0.1) by mail180-123.mandrillapp.com id xxxxxxxxxxxx for <recipient-local@gmail.com>; Tue, 5 Jul 2016 14:29:11 +0000 (envelope-from <bounce-xxxxxxx@mandrillapp.com>) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mandrillapp.com; i=@mandrillapp.com; q=dns/txt; s=mandrill; t=1467728951; h=From : Sender : Subject : Reply-To : To : Message-Id : Date : MIME-Version : Content-Type : From : Subject : Date : X-Mandrill-User : List-Unsubscribe; bh=xxxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxx=; b=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxx= From: recipient <recipient@gmail.com> Sender: recipient <sender@mail180-123.mandrillapp.com> Subject: =?utf-8?Q?Subject Return-Path: <bounce-xxxxxxx@mandrillapp.com> Received: from [208.nnn.nnn.nnn] by mandrillapp.com id xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; Tue, 05 Jul 2016 14:29:11 +0000 Reply-To: <recipient@gmail.com> To: ClientSeq ClientMcD <recipient-local@gmail.com> Message-Id: <nnnnnnnn.nnnnnnnn142911.nnnnnnnn1aadf2.nnnnnnnn@mail180-123.mandrillapp.com> Date: Tue, 05 Jul 2016 14:29:11 +0000 MIME-Version: 1.0
該行中提到 TLS
Received: from [...] (mail180-123.mandrillapp.com. [...]) by mx.google.com with ESMTPS [...] (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
很明顯,從 Mandrill 到 GMail 的連接確實受 TLS 保護。
對於 ESMTPS(安全 ESMTP)被列為傳輸的事實也是如此,請參閱RFC 3848。