Email

儘管 SPF 失敗,但 mx.google.com 仍發送垃圾郵件

  • May 3, 2015

一些垃圾郵件發送者使用我們的電子郵件地址作為偽造電子郵件的發件人。現在,我們從不再存在的電子郵件中收到了數以千計的退回郵件。

我們設置了 SPF 和 DKIM 記錄,但它並沒有停止。

procrastination.com TXT v=DMARC1;p=reject;sp=reject;pct=100;aspf=r;fo=0;ri=86400;rua=mailto:info@procrastination.com    IN  3600

procrastination.com TXT v=spf1 ip4:77.240.191.234 ip4:83.167.254.20 ip4:83.167.254.21 ip4:83.167.254.22 ip4:81.95.97.117 ip4:81.95.97.100 a -all

表單郵件頭看起來像垃圾郵件發送者在他的電子郵件中使用Google SMTP mx.google.com 被傳遞,儘管 SPF 結果是失敗的。

範例標題如下:

   Delivery to the following recipient failed permanently:

    r.fiores@webmail.flcgil.it

Technical details of permanent failure: 
Google tried to deliver your message, but it was rejected by the server for the recipient domain webmail.flcgil.it by webmail.flcgil.it. [109.168.127.232].

The error that the other server returned was:
550 5.1.1 <r.fiores@webmail.flcgil.it>: Recipient address rejected: User unknown in virtual mailbox table


----- Original message -----

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
       d=1e100.net; s=20130820;
       h=x-original-authentication-results:x-gm-message-state:message-id
        :reply-to:from:subject:date:mime-version:content-type
        :content-transfer-encoding:delivered-to;
       bh=DWSqotpOUM1r96KR6EV4WUBt9g/4xHl2j4TzsRWmYtM=;
       b=Z/uEm+/nMjD5ynw2bKuAtnqTFvpJ6QbUnJbXtPyYU1xONdOI+630z8WGZPfCkEjrR8
        +iIrp9EH7y+3xOpEL2N5JoKtkMpcbgUuyC8N6dH5Mx1aZZXAylg1mXc6uMne2NhQAZVW
        XGVmikat0wxCsgSYt+T8nHXULU/OY5LlAbGiKD0EQ96nvRB0fyquVyHFvQfKLi7gORlD
        939MMe1QiEw/4aH4oEigEOgMoAZe+1SxoiyJfj/M80iHtsh97bhHCukB4Yni9aX9LJEc
        edS2ZS9c5IBnTmTmLbQwlZXx65u9Z3FIUSU82GQSWOF6Upp2ZzHwt7Az3hbfn+Or5Sy/
        lGvg==
X-Original-Authentication-Results: mx.google.com;       spf=fail (google.com: domain of info@procrastination.com does not designate 66.84.38.179 as permitted sender) smtp.mail=info@procrastination.com
X-Received: by 10.42.50.81 with SMTP id z17mr14637142icf.57.1430488267890;
       Fri, 01 May 2015 06:51:07 -0700 (PDT)
X-Gm-Message-State: ALoCoQkCSb7aXwRPbIiUnV3a6JAZsPok55aOGUIsgkMbXM4B9QOW7RY14KvVmumEXab7Rh5k2YlELm1N9oWNNCvASrmS2cavQKBK4Kp7sNFkm6YKqjisbzTMuq6cso3vvh4X/KsH8bgCx7+Yg5E7IVbLsSgjr+rRlicTI1tXLVq88gyQdAE/3bE=
X-Received: by 10.42.50.81 with SMTP id z17mr14637132icf.57.1430488267815;
       Fri, 01 May 2015 06:51:07 -0700 (PDT)
Return-Path: <info@procrastination.com>
Received: from procrastination.net (s179.n38.n84.n66.static.myhostcenter.com. [66.84.38.179])
       by mx.google.com with ESMTPS id z2si3656962icq.16.2015.05.01.06.51.07
       for <r.fiores@flcgil.it>
       (version=TLSv1 cipher=RC4-SHA bits=128/128);
       Fri, 01 May 2015 06:51:07 -0700 (PDT)
Received-SPF: fail (google.com: domain of info@procrastination.com does not designate 66.84.38.179 as permitted sender) client-ip=66.84.38.179;
Authentication-Results: mx.google.com;
      spf=fail (google.com: domain of info@procrastination.com does not designate 66.84.38.179 as permitted sender) smtp.mail=info@procrastination.com
Received: from User ([154.118.4.5])
   (authenticated bits=0)
   by procrastination.net (8.13.1/8.13.1) with ESMTP id t41DosSm007397;
   Fri, 1 May 2015 09:50:59 -0400
Message-Id: <201505011350.t41DosSm007397@procrastination.net>
X-Orig: [154.118.4.5]
X-Authentication-Warning: procrastination.net: procrast owned process doing -bs
Reply-To: <wwwxxx5@konin.lm.pl>
From: "INTERNATIONAL MONETARY FUND"<info@procrastination.com>
Subject: Attn: Your Long Over due payment claim/change of account?
Date: Fri, 1 May 2015 14:51:05 +0100
MIME-Version: 1.0
Content-Type: text/plain;
   charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Antivirus: avast! (VPS 150501-0, 05/01/2015), Outbound message
X-Antivirus-Status: Clean
Delivered-To: r.fiores@flcgil.it

知道我們是如何做到這一點的嗎?為什麼SPF沒有幫助?

您不能強迫其他人根據 SPF 和 DKIM 或任何其他標準過濾他們的傳入郵件。如果Google選擇忽略 SPF,那就這樣吧;你已經盡了自己的一份力,你現在所能做的就是坐下來,忽略那些不過濾 SPF 的人的任何抱怨。

也就是說,擁有有效的 SPF 記錄確實會減少反向散射,因為理性的垃圾郵件發送者會更喜歡偽造來自沒有有效 SPF 記錄以 結尾的域的電子郵件-all,就像您的那樣。您可能會發現,在目前的反向散射浪潮過去之後,情況確實有所改善。

引用自:https://serverfault.com/questions/687157