DMARC,DKIM,DomainKeys和SPF
10多年前的知识忘得差不多了,写个小小备忘录。
查DomainKeys需要看收到的邮件中的这个header,把s和d组合起来,比如是
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=bulk201106; d=mail.yahoo.co.jp; b=bNvC38JEkWNLJCBxxGQ/KGLaheEG7eU41ghICmB0ngeHf/N/aR3yO9SqAXlYjrvvmG3GrhhlLADUCU2c7VLRXZNfh/RYsCJ5MpMfCytwD4RPqDZwjU45us+FfX0W6nQGl0ojxuViakigrt/Ac2kHBW3BHRazFlolvcvucbyttp8=; |
的话,那么执行
dig txt bulk201106._domainkey.mail.yahoo.co.jp
或者
nslookup -type=txt bulk201106._domainkey.mail.yahoo.co.jp
于是得到
bulk201106._domainkey.mail.yahoo.co.jp. 900 IN TXT "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGY5yeT3LUrd1662jmLZE1StxUbNVewEtDBGprWSKoyTdVFxp/OUVmZPom2v7/DCNt6sbisit7SwwpwT9U/gTGFlYHEyh2RShWe05ppMoc3gRBkAlC8SLaZ/SDtVgkUa4eIYkzWt1JXEANOXvXmZ0hxFxhLq0yLio1S7S/kg8KrwIDAQAB" |
或者
bulk201106._domainkey.mail.yahoo.co.jp text = "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGY5yeT3LUrd1662jmLZE1StxUbNVewEtDBGprWSKoyTdVFxp/OUVmZPom2v7/DCNt6sbisit7SwwpwT9U/gTGFlYHEyh2RShWe05ppMoc3gRBkAlC8SLaZ/SDtVgkUa4eIYkzWt1JXEANOXvXmZ0hxFxhLq0yLio1S7S/kg8KrwIDAQAB" |
支 持 本 站: 捐赠服务器等运维费用,需要您的支持!
其他相关的header如下
X-RocketSenderAuth: yahooip=true; suspicious=false; domainkeys-result=pass(ok); dkim-result=pass(ok); spf-result=pass; reversed-hostname=n12.bulk.ogk.yahoo.co.jp; dkauth-stat=ok;
Received-SPF: pass (n12.bulk.ogk.yahoo.co.jp: domain of [email protected] designates 124.83.146.238 as permitted sender) receiver=n12.bulk.ogk.yahoo.co.jp; client-ip=124.83.146.238; [email protected]; Authentication-Results: mta730.mail.djm.yahoo.co.jp from=mail.yahoo.co.jp; domainkeys=pass (ok); dkim=pass (ok); [email protected] DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mail.yahoo.co.jp; s=bulk201106; t=1491886054; bh=TrqRI7SU1fNOI4lxReXbuqOICULT8Gj6JsGe0bX1x3k=; h=Received:Received:Date:Message-Id:Received:X-yahoo-newman-expires:X-yahoo-newman-property:X-yahoo-newman-id:From:Subject:Errors-To:To:X-yahoo-newman-property:MIME-Version:Content-Type; b=GKXegxqCpmuz7/vRy8Gk4l4P6HaCbUyCd84AwZmweVHYMkB2W5apZtyiYiJwue6VFZS5zgXZquEliyClFHgACmMrdvJh2sqmsulz2cw+i9iUrR7cgyVymFDhIgeWQPkTlknEJVjHRrNnTMIenQmLsXugH9pgGGnfJlTPhVwnGwU= Comments: DKIM? See http://antispam.yahoo.co.jp/efforts_dk.html |
DKIM-Signature的s和d同DomainKeys一样,应该访问的是DNS同一record的,但为啥算法不同?
spf比较简单,
nslookup -type=txt _adsp._domainkey.mail.yahoo.co.jp
mail.yahoo.co.jp text = "v=spf1 include:bulk-spf.yahoo.co.jp include:gisa-spf.yahoo.co.jp include:relay-spf.yahoo.co.jp include:sf-spf.yahoo.co.jp include:rncx-spf.yahoo.co.jp ~all"
DMARC
nslookup -type=txt _dmarc.ymobile.ne.jp支 持 本 站: 捐赠服务器等运维费用,需要您的支持!
_dmarc.ymobile.ne.jp text = "v=DMARC1\; p=none"nslookup -type=txt _dmarc.yahoo.ne.jp
_dmarc.yahoo.ne.jp text = "v=DMARC1\; p=quarantine\; rf=afrf\; rua=mailto:[email protected]\; ruf=mailto:[email protected]"
留言簿