SPF 记录为何失败?

SPF 记录为何失败?

好吧,我浏览了各种不同的网站、资源和主题,试图找出我的 SPF 记录出了什么问题,但无论我做什么,它们似乎都没有通过。以下是我所得到的

"v=spf1 +a +mx +ip4:217.78.0.92 +ip4:217.78.0.95 -all"

我尝试了多种不同的工具来检查我的 spf 记录,有些工具可以让我通过,有些则不行。但我无法向某些 Google 应用帐户发送邮件,它们总是被退回,这很烦人。

有人有什么想法吗?

我注意到源 IP 地址不是我定义的 IPV4 地址,但 Cpanel 不允许我将该地址添加到其中。

以下是我从 port25.com 获得的测试结果。顺便说一下,我正在运行 WHM,并且启用了 spf 和 dkim。

Summary of Results
==========================================================
SPF check:          fail
DomainKeys check:   neutral
DKIM check:         pass
Sender-ID check:    fail
SpamAssassin check: ham
==========================================================
Details:
==========================================================
HELO hostname:  server1.viralbamboo.com
Source IP:      2a01:258:f000:6:216:3eff:fe87:9379
mail-from:      ###@viralbamboo.com
----------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result:         fail (not permitted)
ID(s) verified: smtp.mailfrom=###@viralbamboo.com
DNS record(s):
    viralbamboo.com. SPF (no records)
    viralbamboo.com. 13180 IN TXT "v=spf1 +a +mx +ip4:217.78.0.92 +ip4:217.78.0.95 -all"
    viralbamboo.com. AAAA (no records)
    viralbamboo.com. 13180 IN MX 0 viralbamboo.com.
    viralbamboo.com. AAAA (no records)
----------------------------------------------------------
DomainKeys check details:
----------------------------------------------------------
Result:         neutral (message not signed)
ID(s) verified: header.From=###@viralbamboo.com
DNS record(s):
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         pass (matches From: ###@viralbamboo.com).
ID(s) verified: header.d=viralbamboo.com
Canonicalized Headers:
    content-type:multipart/alternative;'20'boundary="_4783D1BE-5685-41CF-B91B-1F15E91DD1E3_"'0D''0A'
    date:Mon,'20'1'20'Jul'20'2013'20'21:30:47'20'+0000'0D''0A'
    subject:=?utf-8?Q?test?='0D''0A'
    to:"[email protected]?="'20'<[email protected]>'0D''0A'
    from:=?utf-8?Q?Rob_Boland_-_Viralbamboo?='20'<###@viralbamboo.com>'0D''0A'
    mime-version:1.0'0D''0A'
    dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=viralbamboo.com;'20's=default;'20'h=Content-Type:Date:Subject:To:From:MIME-Version;'20'bh=CJMO7HYeyNVGvxttf/JspIMoLUiWNE6nlQUg5WjTGZQ=;'20'b=;

以下是退回邮件的一些更新后的标题信息

 Return-path: <> Envelope-to: ###@viralbamboo.com Delivery-date: Tue,
02 Jul 2013 10:43:56 +0000 Received: from mailnull by
server1.viralbamboo.com with local (Exim 4.80.1)    id 1Uty3w-00066P-N8
    for ###@viralbamboo.com; Tue, 02 Jul 2013 10:43:56 +0000
 X-Failed-Recipients: ###@dovetail-consultancy.com Auto-Submitted:
 auto-replied From: Mail Delivery System
 <[email protected]> To: ###@viralbamboo.com
 Subject: Mail delivery failed: returning message to sender Message-Id:
 <[email protected]> Date: Tue, 02 Jul 2013
 10:43:56 +0000

 This message was created automatically by mail delivery software.

 A message that you sent could not be delivered to one or more of its
 recipients. This is a permanent error. The following address(es)
 failed:

   ###@dovetail-consultancy.com
     No Such User Here


 ------ This is a copy of the message, including all the headers. ------
 Return-path: <###@viralbamboo.com>
 Received: from [95.83.252.138] (port=42365 helo=[10.53.48.3])
  by server1.viralbamboo.com with esmtpsa (TLSv1:RC4-MD5:128)
  (Exim 4.80.1)
  (envelope-from <###@viralbamboo.com>)
  id 1UtwFB-0006in-Pr
  for [email protected]; Tue, 02 Jul 2013 08:47:26 +0000
 To: "=?utf-8?B?ZGlsbG9uQGRvdmV0YWlsLWNvbnN1bHRhbmN5LmNvbQ==?=" <###@dovetail-consultancy.com>
 From: "=?utf-8?B?Um9iIEJvbGFuZA==?=" <###@viralbamboo.com>
 Subject: =?utf-8?B?VGVzdGluZw==?=
 Date:  Tue, 02 Jul 2013 09:47:23 +0100
 MIME-Version: 1.0
 Content-Type: multipart/alternative;
  boundary="----=_Part_0_1372754843827"
 ------=_Part_0_1372754843827
 Content-Type: text/plain;
  charset=utf-8
 Content-Transfer-Encoding: base64
 Content-Disposition: inline
 VGhpcyBpcyBhIHRlc3QgbWFpbAoK

 ------=_Part_0_1372754843827
 Content-Type: text/html;
  charset=utf-8
 Content-Transfer-Encoding: base64
 Content-Disposition: inline
 PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMDEvL0VOIiAiaHR0cDov
 L3d3dy53My5vcmcvVFIvaHRtbDQvc3RyaWN0LmR0ZCI+CjxodG1sPjxoZWFkPjwvaGVhZD48Ym9k
 eT48ZGl2IHN0eWxlPSJmb250LXNpemU6IDEycHQ7IGZvbnQtZmFtaWx5OiBDYWxpYnJpLHNhbnMt
 c2VyaWY7Ij5UaGlzIGlzIGEgdGVzdCBtYWlsJm5ic3A7PC9kaXY+PC9ib2R5PjwvaHRtbD48YnI+

 ------=_Part_0_1372754843827--

更新 2 以下是来自 openspf.net 的一些更新结果。HELO Result = 'None' 不是表示 'Pass' 吗?

[email protected]
    SMTP error from remote mail server after RCPT TO:<[email protected]>:
    host mailout02.controlledmail.com [72.81.252.18]:
    550 5.7.1 <[email protected]>: Recipient address rejected:
    SPF Tests: Mail-From Result="pass": Mail From="[email protected]" HELO name="server1.viralbamboo.com" HELO Result="none" Remote IP="217.78.0.92"

答案1

根据您上面发布的 port25.com 测试结果,您是从 ipv6 地址发送的,但您的 SPF 记录中没有 v6 地址。尝试添加+ip6:2a01:258:f000:6:216:3eff:fe87:9379

或者,假设您拥有整个发送方子网,尝试添加+ip6:2a01:258:f000:6::/64(或任何适合您控制的网络的内容)。

编辑

我不确定 port25.com 在抱怨什么。我刚刚尝试了viralbamboo.comSPF 有效性检查器http://www.kitterman.com/spf/validate.html,直接链接自http://www.openspf.org/Tools,并表示它是有效的,包括新的+ip6:记录元素。我只能假设 port25.com 尚未适应 ipv6;他们绝不是第一批没有完全测试其 v6 代码的人。

至于openspf.net电子邮件测试,这是正确的。您的发件人地址通过了,因为您遵守了您自己的 SPF 政策viralbamboo.com;但是您的 中没有公布的主机名的 SPF 记录HELOserver1.viralbamboo.com因此无法公布该记录的正确性结果。

编辑2:您已经明确表示您知道您发送邮件的地址确实存在,因此这是一个非常令人讨厌的邮件服务器,无论出于什么原因,它都认为您发送的是垃圾邮件,并通过否认远程用户的存在来做出回应。我不知道为什么谷歌会认为这封邮件是垃圾邮件,但我认为我们已经确定这与您的 SPF 设置无关。

祝 dovetail-consultancy.com 好运,让谷歌告诉他们拒绝这些邮件的原因。我认为他们即将发现将商务电子邮件外包给免费提供商,或者实际上根本不外包,不是一个好主意。

答案2

我遇到了同样的问题,但禁用了 ipv6 地址。现在 SPF 记录在 verifier.port25.com 服务器上通过 check-auth 检查无误。

相关内容