我收到了一封来自[电子邮件保护]声称我已经获得了助理经理的面试机会(确切的说法是 -您申请助理经理职位的结果已公布。我想邀请您参加面试。)并附带一份 PDF 文件。
我知道这是假的,因为它要求我在面试前交钱。
邮件标题如下。如何从标题中判断邮件的真正来源以及是否是垃圾邮件?
Delivered-To: [email protected]
Received: by 10.107.155.193 with SMTP id d184csp3229700ioe;
Wed, 24 Jun 2015 05:55:56 -0700 (PDT)
X-Received: by 10.70.90.133 with SMTP id bw5mr80267365pdb.85.1435150556549;
Wed, 24 Jun 2015 05:55:56 -0700 (PDT)
Return-Path: <[email protected]>
Received: from sg2plwbeout19-1.prod.sin2.secureserver.net (sg2plwbeout19-1.prod.sin2.secureserver.net. [182.50.144.34])
by mx.google.com with ESMTPS id da5si39769286pbc.20.2015.06.24.05.55.55
for <[email protected]>
(version=TLSv1.2 cipher=RC4-SHA bits=128/128);
Wed, 24 Jun 2015 05:55:56 -0700 (PDT)
Received-SPF: neutral (google.com: 182.50.144.34 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=182.50.144.34;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 182.50.144.34 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
Received: from localhost ([182.50.144.112])
by sg2plwbeout19-1.prod.sin2.secureserver.net with bizsmtp
id kCvv1q0092Rj2se01Cvv9l; Wed, 24 Jun 2015 05:55:55 -0700
X-SID: kCvv1q0092Rj2se01
Received: (qmail 41764 invoked by uid 99); 24 Jun 2015 12:55:55 -0000
Content-Type: multipart/mixed;
boundary="=_b169b0435b8622296c62a715d3e6f635"
X-Originating-IP: 106.219.63.197
User-Agent: Workspace Webmail 5.14.3
Message-Id: <20150624055553.5ceda2619095e240c253dad68c059c9c.541a6e07e4.wbe@email19.asia.secureserver.net>
From: "Larsen & Toubro Ltd \(India\)" <[email protected]>
X-Sender: [email protected]
Reply-To: "Larsen & Toubro Ltd \(India\)" <[email protected]>
To:
Subject: Result
Date: Wed, 24 Jun 2015 05:55:53 -0700
Mime-Version: 1.0
--=_b169b0435b8622296c62a715d3e6f635
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="utf-8"
我知道这是垃圾邮件,但我想了解邮件头的哪一部分表示这是垃圾邮件。
答案1
如何从电子邮件的标题判断发件人地址是否合法?
许多此类电子邮件标头都可以(并且通常会)被垃圾邮件发送者在发送垃圾邮件时伪造。
- “发件人:”地址
- 一些“已收到:”标头也可以伪造。
SMTP 邮件欺骗显示了使用开放(不安全)中继邮件服务器可以多么轻松地完成此操作。
我如何分析电子邮件标题?
有许多工具可以分析电子邮件头,其中一些可以显示链中的任何 IP 地址是否在垃圾邮件黑名单上。
这些工具还可以判断链中的任何“已接收:”标头是否是伪造的。
MxToolbox 电子邮件标头分析器
其中一个工具是MxToolbox 电子邮件标头分析器
将您的电子邮件标题输入此工具将产生以下输出:
单击黑名单按钮会显示 IP 地址 182.50.144.34(谷歌从该地址收到电子邮件,并且该地址在 3 个电子邮件黑名单中)。
