DMARC,DKIM,DomainKeys和SPF

支 持 本 站: 捐贈伺服器等運維費用,需要您的支持!

10多年前的知識忘得差不多了,寫個小小備忘錄。

查DomainKeys需要看收到的郵件中的這個header,把s和d組合起來,比如是

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=bulk201106; d=mail.yahoo.co.jp; b=bNvC38JEkWNLJCBxxGQ/KGLaheEG7eU41ghICmB0ngeHf/N/aR3yO9SqAXlYjrvvmG3GrhhlLADUCU2c7VLRXZNfh/RYsCJ5MpMfCytwD4RPqDZwjU45us+FfX0W6nQGl0ojxuViakigrt/Ac2kHBW3BHRazFlolvcvucbyttp8=;

的話,那麼執行
dig txt bulk201106._domainkey.mail.yahoo.co.jp
或者
nslookup -type=txt bulk201106._domainkey.mail.yahoo.co.jp
於是得到
bulk201106._domainkey.mail.yahoo.co.jp. 900 IN TXT "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGY5yeT3LUrd1662jmLZE1StxUbNVewEtDBGprWSKoyTdVFxp/OUVmZPom2v7/DCNt6sbisit7SwwpwT9U/gTGFlYHEyh2RShWe05ppMoc3gRBkAlC8SLaZ/SDtVgkUa4eIYkzWt1JXEANOXvXmZ0hxFxhLq0yLio1S7S/kg8KrwIDAQAB"

或者
bulk201106._domainkey.mail.yahoo.co.jp text = "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGY5yeT3LUrd1662jmLZE1StxUbNVewEtDBGprWSKoyTdVFxp/OUVmZPom2v7/DCNt6sbisit7SwwpwT9U/gTGFlYHEyh2RShWe05ppMoc3gRBkAlC8SLaZ/SDtVgkUa4eIYkzWt1JXEANOXvXmZ0hxFxhLq0yLio1S7S/kg8KrwIDAQAB"



支 持 本 站: 捐贈伺服器等運維費用,需要您的支持!

其他相關的header如下

X-RocketSenderAuth: yahooip=true; suspicious=false; domainkeys-result=pass(ok); dkim-result=pass(ok); spf-result=pass; reversed-hostname=n12.bulk.ogk.yahoo.co.jp; dkauth-stat=ok;

Received-SPF: pass (n12.bulk.ogk.yahoo.co.jp: domain of wallet-error@serr.yahoo.co.jp designates 124.83.146.238 as permitted sender) receiver=n12.bulk.ogk.yahoo.co.jp; client-ip=124.83.146.238; envelope-from=wallet-error@serr.yahoo.co.jp;

Authentication-Results: mta730.mail.djm.yahoo.co.jp from=mail.yahoo.co.jp; domainkeys=pass (ok); dkim=pass (ok); header.i=@mail.yahoo.co.jp

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mail.yahoo.co.jp; s=bulk201106; t=1491886054; bh=TrqRI7SU1fNOI4lxReXbuqOICULT8Gj6JsGe0bX1x3k=; h=Received:Received:Date:Message-Id:Received:X-yahoo-newman-expires:X-yahoo-newman-property:X-yahoo-newman-id:From:Subject:Errors-To:To:X-yahoo-newman-property:MIME-Version:Content-Type; b=GKXegxqCpmuz7/vRy8Gk4l4P6HaCbUyCd84AwZmweVHYMkB2W5apZtyiYiJwue6VFZS5zgXZquEliyClFHgACmMrdvJh2sqmsulz2cw+i9iUrR7cgyVymFDhIgeWQPkTlknEJVjHRrNnTMIenQmLsXugH9pgGGnfJlTPhVwnGwU=

Comments: DKIM? See http://antispam.yahoo.co.jp/efforts_dk.html

DKIM-Signature的s和d同DomainKeys一樣,應該訪問的是DNS同一record的,但為啥算法不同?

spf比較簡單,

nslookup -type=txt _adsp._domainkey.mail.yahoo.co.jp
mail.yahoo.co.jp text = "v=spf1 include:bulk-spf.yahoo.co.jp include:gisa-spf.yahoo.co.jp include:relay-spf.yahoo.co.jp include:sf-spf.yahoo.co.jp include:rncx-spf.yahoo.co.jp ~all"

DMARC

nslookup -type=txt _dmarc.ymobile.ne.jp
_dmarc.ymobile.ne.jp text = "v=DMARC1\; p=none"

nslookup -type=txt _dmarc.yahoo.ne.jp
_dmarc.yahoo.ne.jp text = "v=DMARC1\; p=quarantine\; rf=afrf\; rua=mailto:ymail_dmarc_report@yahoo.ne.jp\; ruf=mailto:ymail_dmarc_report@yahoo.ne.jp"

支 持 本 站: 捐贈伺服器等運維費用,需要您的支持!

發布時間: