Lavoro per una piccola azienda. Abbiamo molti IP neri elencati a causa dello spamming. Abbiamo deciso di installare dmarc per il nostro server di posta. Questo è stato configurato e funziona correttamente. Il problema ora è che nella relazione, pochi record passano la politica di dmarc e qualcosa non è facile Capire perché non passano. Ecco un esempio di rapporto.
1 <?xml version="1.0" encoding="UTF-8" ?>
2 <feedback>
3 <report_metadata>
4 <org_name>google.com</org_name>
5 <email>[email protected]</email>
6 <extra_contact_info>https://support.google.com/x/xxxxxx/xxxxxxx</extra_contact_info>
7 <report_id>00000000000000000000</report_id>
8 <date_range>
9 <begin>xxxxxxxxxx</begin>
10 <end>xxxxxxxxxx</end>
11 </date_range>
12 </report_metadata>
13 <policy_published>
14 <domain>mydomain.com</domain>
15 <adkim>r</adkim>
16 <aspf>r</aspf>
17 <p>none</p>
18 <sp>none</sp>
19 <pct>100</pct>
20 </policy_published>
21 <record>
22 <row>
23 <source_ip>xx.x.xxx.xx</source_ip>
24 <count>1</count>
25 <policy_evaluated>
26 <disposition>none</disposition>
27 <dkim>fail</dkim>
28 <spf>fail</spf>
29 </policy_evaluated>
30 </row>
31 <identifiers>
32 <header_from>rrrrr.mydomain.com</header_from>
33 </identifiers>
34 <auth_results>
35 <spf>
36 <domain>xxxx-xxxxxxxx-1.dep.sk</domain>
37 <result>none</result>
38 </spf>
39 </auth_results>
40 </record>
41 <record>
42 <row>
43 <source_ip>xx.xxx.xx.176</source_ip>
44 <count>1</count>
45 <policy_evaluated>
46 <disposition>none</disposition>
47 <dkim>fail</dkim>
48 <spf>fail</spf>
49 </policy_evaluated>
50 </row>
51 <identifiers>
52 <header_from>xxxxx.xxxxxxxxxx.com</header_from>
53 </identifiers>
54 <auth_results>
55 <spf>
56 <domain>xxxxxxxxx.web-bbbbbbb.com</domain>
57 <result>none</result>
58 </spf>
59 </auth_results>
60 </record>
61 <record>
62 <row>
63 <source_ip>xxx.xx.xxx.124</source_ip>
64 <count>2</count>
65 <policy_evaluated>
66 <disposition>none</disposition>
67 <dkim>fail</dkim>
68 <spf>fail</spf>
69 </policy_evaluated>
70 </row>
71 <identifiers>
72 <header_from>xxxxxxxxxxxx.xxxxxxxxxx.com</header_from>
73 </identifiers>
74 <auth_results>
75 <spf>
76 <domain>xxxxxxxxxxxx.xxxxxxxxxxxx.xxxxxxxxxx.com</domain>
77 <result>none</result>
78 </spf>
79 </auth_results>
80 </record>
81 <record>
82 <row>
83 <source_ip>193.100.124.106</source_ip>
84 <count>2</count>
85 <policy_evaluated>
86 <disposition>none</disposition>
87 <dkim>fail</dkim>
88 <spf>fail</spf>
89 </policy_evaluated>
90 </row>
91 <identifiers>
92 <header_from>mydomain.com</header_from>
93 </identifiers>
94 <auth_results>
95 <spf>
96 <domain>relay1.mydomain.com</domain>
97 <result>none</result>
98 </spf>
99 </auth_results>
100 </record>
101 <record>
102 <row>
103 <source_ip>193.100.126.107</source_ip>
104 <count>17</count>
105 <policy_evaluated>
106 <disposition>none</disposition>
107 <dkim>fail</dkim>
108 <spf>pass</spf>
109 </policy_evaluated>
110 </row>
111 <identifiers>
112 <header_from>mydomain.com</header_from>
113 </identifiers>
114 <auth_results>
115 <spf>
116 <domain>mydomain.com</domain>
117 <result>pass</result>
118 </spf>
119 </auth_results>
120 </record>
121 <record>
122 <row>
123 <source_ip>xxx.xx.xxx.69</source_ip>
124 <count>1</count>
125 <policy_evaluated>
126 <disposition>none</disposition>
127 <dkim>fail</dkim>
128 <spf>fail</spf>
129 </policy_evaluated>
130 </row>
131 <identifiers>
132 <header_from>xxxxx.mydomain.com</header_from>
133 </identifiers>
134 <auth_results>
135 <spf>
136 <domain>xxxxxxxxxxxx.google.com</domain>
137 <result>none</result>
138 </spf>
139 </auth_results>
140 </record>
141 <record>
142 <row>
143 <source_ip>193.100.124.53</source_ip>
144 <count>7</count>
145 <policy_evaluated>
146 <disposition>none</disposition>
147 <dkim>fail</dkim>
148 <spf>fail</spf>
149 </policy_evaluated>
150 </row>
151 <identifiers>
152 <header_from>xxxxxxxxxxxxxxx.dmz.mydomain.com</header_from>
153 </identifiers>
154 <auth_results>
155 <spf>
156 <domain>xxxxxxxxxxxxxxx.dmz.mydomain.com</domain>
157 <result>none</result>
158 </spf>
159 </auth_results>
160 </record>
161 <record>
162 <row>
163 <source_ip>193.100.126.32</source_ip>
164 <count>8</count>
165 <policy_evaluated>
166 <disposition>none</disposition>
167 <dkim>fail</dkim>
168 <spf>pass</spf>
169 </policy_evaluated>
170 </row>
171 <identifiers>
172 <header_from>mydomain.com</header_from>
173 </identifiers>
174 <auth_results>
175 <spf>
176 <domain>mydomain.com</domain>
177 <result>pass</result>
178 </spf>
179 </auth_results>
180 </record>
181 <record>
182 <row>
183 <source_ip>193.100.126.32</source_ip>
184 <count>2</count>
185 <policy_evaluated>
186 <disposition>none</disposition>
187 <dkim>fail</dkim>
188 <spf>fail</spf>
189 </policy_evaluated>
190 </row>
191 <identifiers>
192 <header_from>mydomain.com</header_from>
193 </identifiers>
194 <auth_results>
195 <spf>
196 <domain>mail.mydomain1.com</domain>
197 <result>none</result>
198 </spf>
199 </auth_results>
200 </record>
201 <record>
202 <row>
203 <source_ip>xxx.xx.xx.5</source_ip>
204 <count>2</count>
205 <policy_evaluated>
206 <disposition>none</disposition>
207 <dkim>fail</dkim>
208 <spf>fail</spf>
209 </policy_evaluated>
210 </row>
211 <identifiers>
212 <header_from>mydomain.com</header_from>
213 </identifiers>
214 <auth_results>
215 <spf>
216 <domain>xxxxx-red-xxxxxxxxxxxxxxxxxxxxx.jp</domain>
217 <result>none</result>
218 </spf>
219 </auth_results>
220 </record>
221 <record>
222 <row>
223 <source_ip>193.100.126.124</source_ip>
224 <count>1</count>
225 <policy_evaluated>
226 <disposition>none</disposition>
227 <dkim>fail</dkim>
228 <spf>fail</spf>
229 </policy_evaluated>
230 </row>
231 <identifiers>
232 <header_from>mydomain.com</header_from>
233 </identifiers>
234 <auth_results>
235 <spf>
236 <domain>xxxx.com</domain>
237 <result>pass</result>
238 </spf>
239 </auth_results>
240 </record>
241 <record>
242 <row>
243 <source_ip>193.100.126.23</source_ip>
244 <count>6</count>
245 <policy_evaluated>
246 <disposition>none</disposition>
247 <dkim>fail</dkim>
248 <spf>fail</spf>
249 </policy_evaluated>
250 </row>
251 <identifiers>
252 <header_from>xxxxx.mydomain.com</header_from>
253 </identifiers>
254 <auth_results>
255 <spf>
256 <domain>xxxxxxxxxx.xxxxx.mydomain.com</domain>
257 <result>none</result>
258 </spf>
259 </auth_results>
260 </record>
261 <record>
262 <row>
263 <source_ip>xx.xx.xx.108</source_ip>
264 <count>2</count>
265 <policy_evaluated>
266 <disposition>none</disposition>
267 <dkim>fail</dkim>
268 <spf>fail</spf>
269 </policy_evaluated>
270 </row>
271 <identifiers>
272 <header_from>mydomain.com</header_from>
273 </identifiers>
274 <auth_results>
275 <spf>
276 <domain>xxxxxxxxxx.com</domain>
277 <result>softfail</result>
278 </spf>
279 </auth_results>
280 </record>
281 <record>
282 <row>
283 <source_ip>193.100.124.1</source_ip>
284 <count>24</count>
285 <policy_evaluated>
286 <disposition>none</disposition>
287 <dkim>fail</dkim>
288 <spf>fail</spf>
289 </policy_evaluated>
290 </row>
291 <identifiers>
292 <header_from>mydomain.com</header_from>
293 </identifiers>
294 <auth_results>
295 <spf>
296 <domain>xxxxxxxxxx.com</domain>
297 <result>softfail</result>
298 </spf>
299 </auth_results>
300 </record>
301 <record>
302 <row>
303 <source_ip>193.100.126.107</source_ip>
304 <count>3</count>
305 <policy_evaluated>
306 <disposition>none</disposition>
307 <dkim>fail</dkim>
308 <spf>fail</spf>
309 </policy_evaluated>
310 </row>
311 <identifiers>
312 <header_from>mydomain.com</header_from>
313 </identifiers>
314 <auth_results>
315 <spf>
316 <domain>mydomain.com</domain>
317 <result>permerror</result>
318 </spf>
319 </auth_results>
320 </record>
321 </feedback>
- Poiché DMARC passa quando SPF o / e dkim passano. Posso presumere che quando ho almeno un passaggio in auth_results, vuol dire che in prod (dmarc quarantine o reject), questo messaggio sarebbe passato? se no, come posso vedere da questo rapporto che sarebbe passato?
- perché sto ancora fallendo (esempio linea 282, 290) su spf anche quando 193.100.124.1 è nella mia politica dmarc
-
Qual è il significato del dominio all'interno del risultato SPF o dkim (esempio: riga 36)?
-
Perché alcuni
auth_results
contengono SPF e dkim e altri solo SPF? -
Perché alcuni SPF hanno due risultati nell'array?
puoi aiutarmi a capire meglio