Security
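How are spammers using my Google Apps domain (it even has DKIM!)
I've been getting a lot of bounces lately.
I thought my Google Apps account had been compromised, but there is no activity on my Apps account, and certainly no malicious users that I can see.
Since the emails are always sent from some random username (e.g. onSecNtV1@mydomain.com), I tried to find a way to prevent unregistered users from sending email. I couldn't find anything.
What worries me is that the message has an X-Google-DKIM-Signature and says "Google tried to deliver your message". Does that mean the email came from a client I trust? (I only use Gmail.)
AFAIK spammers can spoof every field of an email at will, but DKIM should let (modern) servers discard such emails that cannot be verified.
Any idea where the leak is?
Here is an example of a bounce: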
    Delivery to the following recipient failed permanently:

        spoonbillzi7@etisbew.com

    Technical details of permanent failure:
    Google tried to deliver your message, but it was rejected by the server for the recipient domain 174.133.125.2 [174.133.125.2].

    The error that the other server returned was:
    553 sorry, that domain isn't in my list of allowed rcpthosts; no valid cert for gatewaying (#5.7.1)

    ----- Original message -----

    X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
            d=google.com; s=20120113;
            h=x-received:x-received:received-spf:mime-version:date:message-id
             :from:to:subject:content-type:content-transfer-encoding
             :list-unsubscribe:x-gm-message-state;
            bh=l2RiLiEDvrHgBMSAjtLmNgIpmW4D1EFAIr3O42oBysM=;
            b=UBSW90YcP4Fu1vDLnvGCp06XEE5+FOAUR62qSnQrnaPcsKWJSdFT7x7XSU2+vHrpTI
             RaN4pHJWlaMHqtAUoMFE0T9hgBj0blZnNMDtMRFkcU4QD0E/QNw6VIQlAjWGOWvXghMc
             G+SX+YLugnQEWS6tG6guf1hF31XoB4a2HxvxQO4J+lWNLg60LaS7K4DiUr4yG25mvXBU
             uy+tXqjLKyZgA9jmvyVvBKeRYVwMIWvscJ26yw17K7LRfGZkAXzuvTVyGMuLUzthj5c5
             MSNZOG6u5faxtzdBkGRiNQVarq3IsXBuXcxk1vRiUktbM8OIhm2D4IrvhmTPrDF4yyTz
             EHhw==
    X-Received: by 10.50.37.239 with SMTP id b15mr4892361igk.69.1360854627245;
            Thu, 14 Feb 2013 07:10:27 -0800 (PST)
    X-Received: by 10.50.37.239 with SMTP id b15mr4892357igk.69.1360854627177;
            Thu, 14 Feb 2013 07:10:27 -0800 (PST)
    Return-Path: <onSecNtV1@mydomain.com>
    Received: from [117.201.44.87] ([117.201.34.157])
            by mx.google.com with ESMTP id vx6si33676538igb.26.2013.02.14.07.10.25;
            Thu, 14 Feb 2013 07:10:26 -0800 (PST)
    Received-SPF: neutral (google.com: 117.201.34.157 is neither permitted nor denied by best guess record for domain of onSecNtV1@mydomain.com) client-ip=117.201.34.157;
    Authentication-Results: mx.google.com;
            spf=neutral (google.com: 117.201.34.157 is neither permitted nor denied by best guess record for domain of onSecNtV1@mydomain.com) smtp.mail=onSecNtV1@mydomain.com
    MIME-Version: 1.0
    Date: Thu, 14 Feb 2013 20:40:29 +0530
    Message-ID: <B23FC935D84FBB6D39DD9BDCC44CD2.176.3699432888759@D>
    From: "Valetine's Day" <onSecNtV1@mydomain.com>
    To: spoonbillzi7@etisbew.com
    Subject: I will be excited if you are my Valetine
    Content-Type: text/html; charset="iso-8859-1"
    Content-Transfer-Encoding: 8bit
    List-Unsubscribe: <mailto:E7E740C2663A5B2B9D18@missinyou.com>
    X-Gm-Message-State: ALoCoQkVcAw4pG/8g2x1C02KHf4lLkBdJ4iLe9r1ZeGlGE1AwtZEQm5VsHh9tNmG04yH2ahWqXnIiKu7DrTf7j6bLHEaF0l0AMhrC6ZvnyJTUr4n+9TKMieQPycP0Pw8sCJ8DELiMNlLI/CGbgQ1ObMLghXauZTeqg==

    ----- End of message -----
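Make sure you don't have a catch-all address enabled for your Apps account, otherwise you will get a lot of random stuff. http://support.google.com/a/bin/answer.py?hl=en&answer=33962
Don't worry about X-Google-DKIM-Signature (or any other header starting with X-); it is specific to Gmail and is not a real DKIM signature for your domain. If you want to set one up, see the following article: http://support.google.com/a/bin/answer.py?hl=en&answer=174124
The rejection has nothing to do with DKIM, but with the recipient. But why would a Google mail server try to deliver mail to the wrong MX? That makes no sense to me. Of course, the recipient system may be misconfigured. Do the failing recipient addresses have the same MX?
Also: did you verify the DKIM signature? Maybe it is just some technical-looking text...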
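The header check the answers describe, as an added example that is not part of the original posts: it reads an abridged copy of the bounced message and reports which domain each signature header names, the SPF result, and the submitting IP. The function names and the `ELIDED` placeholders are assumptions; it only compares the claimed `d=` tag and does not cryptographically verify a signature, which needs the selector's public key from DNS.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Abridged from the bounce quoted in the question; bh=/b= data replaced by ELIDED.
SAMPLE = """\
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20120113; h=from:to:subject; bh=ELIDED; b=ELIDED
Return-Path: <onSecNtV1@mydomain.com>
Received: from [117.201.44.87] ([117.201.34.157]) by mx.google.com with ESMTP
Received-SPF: neutral (google.com: 117.201.34.157 is neither permitted nor
        denied by best guess record for domain of onSecNtV1@mydomain.com)
        client-ip=117.201.34.157;
From: "Valetine's Day" <onSecNtV1@mydomain.com>
To: spoonbillzi7@etisbew.com
Subject: I will be excited if you are my Valetine

"""

def dkim_tags(value):
    """Split a DKIM-style header value into its tag=value pairs."""
    pairs = (p.split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def signer_domains(msg, header):
    """Return the d= domain of every occurrence of the given header."""
    return [dkim_tags(v).get("d", "").lower() for v in msg.get_all(header, [])]

def triage(raw):
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Only DKIM-Signature (RFC 6376) is a DKIM signature; the X- header here
    # names d=google.com, not the From: domain.
    signers = signer_domains(msg, "DKIM-Signature")
    spf = msg.get("Received-SPF", "")
    ip = re.search(r"client-ip=([0-9A-Fa-f.:]+)", spf)
    return {
        "from_domain": from_domain,
        "dkim_signers": signers,
        "x_google_signers": signer_domains(msg, "X-Google-DKIM-Signature"),
        # Claimed d= only; a real verdict also needs the signature verified.
        "dkim_claims_from_domain": bool(from_domain) and from_domain in signers,
        "spf_result": spf.split()[0].lower() if spf.split() else None,
        "client_ip": ip.group(1) if ip else None,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

For the bounce above, the output shows no `DKIM-Signature` for `mydomain.com`, an SPF result of `neutral`, and a submitting IP that is not a Google address.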