DMARC,DKIM,DomainKeys和SPF
10多年前的知識忘得差不多了,寫個小小備忘錄。
查DomainKeys需要看收到的郵件中的這個header,把s和d組合起來,比如是
| DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=bulk201106; d=mail.yahoo.co.jp; b=bNvC38JEkWNLJCBxxGQ/KGLaheEG7eU41ghICmB0ngeHf/N/aR3yO9SqAXlYjrvvmG3GrhhlLADUCU2c7VLRXZNfh/RYsCJ5MpMfCytwD4RPqDZwjU45us+FfX0W6nQGl0ojxuViakigrt/Ac2kHBW3BHRazFlolvcvucbyttp8=; |
的話,那麼執行
dig txt bulk201106._domainkey.mail.yahoo.co.jp
或者
nslookup -type=txt bulk201106._domainkey.mail.yahoo.co.jp
於是得到
| bulk201106._domainkey.mail.yahoo.co.jp. 900 IN TXT "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGY5yeT3LUrd1662jmLZE1StxUbNVewEtDBGprWSKoyTdVFxp/OUVmZPom2v7/DCNt6sbisit7SwwpwT9U/gTGFlYHEyh2RShWe05ppMoc3gRBkAlC8SLaZ/SDtVgkUa4eIYkzWt1JXEANOXvXmZ0hxFxhLq0yLio1S7S/kg8KrwIDAQAB" |
或者
| bulk201106._domainkey.mail.yahoo.co.jp text = "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGY5yeT3LUrd1662jmLZE1StxUbNVewEtDBGprWSKoyTdVFxp/OUVmZPom2v7/DCNt6sbisit7SwwpwT9U/gTGFlYHEyh2RShWe05ppMoc3gRBkAlC8SLaZ/SDtVgkUa4eIYkzWt1JXEANOXvXmZ0hxFxhLq0yLio1S7S/kg8KrwIDAQAB" |
支 持 本 站: 捐贈伺服器等運維費用,需要您的支持!
其他相關的header如下
| X-RocketSenderAuth: yahooip=true; suspicious=false; domainkeys-result=pass(ok); dkim-result=pass(ok); spf-result=pass; reversed-hostname=n12.bulk.ogk.yahoo.co.jp; dkauth-stat=ok;
Received-SPF: pass (n12.bulk.ogk.yahoo.co.jp: domain of wallet-error@serr.yahoo.co.jp designates 124.83.146.238 as permitted sender) receiver=n12.bulk.ogk.yahoo.co.jp; client-ip=124.83.146.238; envelope-from=wallet-error@serr.yahoo.co.jp; Authentication-Results: mta730.mail.djm.yahoo.co.jp from=mail.yahoo.co.jp; domainkeys=pass (ok); dkim=pass (ok); header.i=@mail.yahoo.co.jp DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mail.yahoo.co.jp; s=bulk201106; t=1491886054; bh=TrqRI7SU1fNOI4lxReXbuqOICULT8Gj6JsGe0bX1x3k=; h=Received:Received:Date:Message-Id:Received:X-yahoo-newman-expires:X-yahoo-newman-property:X-yahoo-newman-id:From:Subject:Errors-To:To:X-yahoo-newman-property:MIME-Version:Content-Type; b=GKXegxqCpmuz7/vRy8Gk4l4P6HaCbUyCd84AwZmweVHYMkB2W5apZtyiYiJwue6VFZS5zgXZquEliyClFHgACmMrdvJh2sqmsulz2cw+i9iUrR7cgyVymFDhIgeWQPkTlknEJVjHRrNnTMIenQmLsXugH9pgGGnfJlTPhVwnGwU= Comments: DKIM? See http://antispam.yahoo.co.jp/efforts_dk.html |
DKIM-Signature的s和d同DomainKeys一樣,應該訪問的是DNS同一record的,但為啥算法不同?
spf比較簡單,
nslookup -type=txt _adsp._domainkey.mail.yahoo.co.jp
mail.yahoo.co.jp text = "v=spf1 include:bulk-spf.yahoo.co.jp include:gisa-spf.yahoo.co.jp include:relay-spf.yahoo.co.jp include:sf-spf.yahoo.co.jp include:rncx-spf.yahoo.co.jp ~all"
DMARC
nslookup -type=txt _dmarc.ymobile.ne.jp支 持 本 站: 捐贈伺服器等運維費用,需要您的支持!
_dmarc.ymobile.ne.jp text = "v=DMARC1\; p=none"nslookup -type=txt _dmarc.yahoo.ne.jp
_dmarc.yahoo.ne.jp text = "v=DMARC1\; p=quarantine\; rf=afrf\; rua=mailto:ymail_dmarc_report@yahoo.ne.jp\; ruf=mailto:ymail_dmarc_report@yahoo.ne.jp"
留言簿