我认为我发帖到某列表服务器时出现了 DMARC 故障。报告将我的帖子列为“已转发”,但详细信息行大多显示“拒绝”

我认为我发帖到某列表服务器时出现了 DMARC 故障。报告将我的帖子列为“已转发”,但详细信息行大多显示“拒绝”

我最近在我工作的地方实施了 DMARC。

大多数列表服务器都运行良好,要么重写发件人地址,要么不加修改地传递我的帖子,因此它们会传递 DKIM。不过,其中一个似乎有问题。

当我查看 DMARC 报告时,在发布到该列表的第二天早上,流量显示为“转发”,而不是“合规”、“不合规”或“威胁/未知”,当我查看详细信息时,我得到了以下信息:DMARC 报告屏幕截图

我不知道我的流量是否进入了列表(尽管我强烈怀疑后者)。

在第一次测试失败后,在列表所有者忽略了我寻求帮助的电子邮件后,我尝试在我们的 SPF TXT 记录中添加“a:lists.xxxxxxxxxxxx.com”子句;上面的屏幕截图来自我发送的一篇帖子第二天我添加了该条款。

对于下一步该尝试什么,有什么建议吗?

回复“Paul”的评论,关闭强制执行并从我自己的帖子中获取标题可能会有问题,但以下是完整的标题(出于隐私目的进行了编辑),来自别人的最近的帖子,如果这有帮助的话:

Delivered-To: [email protected]
Received: by 2002:a2e:3503:0:0:0:0:0 with SMTP id z3csp1496776ljz;
        Fri, 25 Jun 2021 10:44:13 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJy18k71C++zpNe55rLDEJltbevs69VyzzesCMGd/8tPX/qbI0Lac5wkA5469ycwf0wg5iAc
X-Received: by 2002:a9d:80a:: with SMTP id 10mr8226253oty.192.1624643053207;
        Fri, 25 Jun 2021 10:44:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1624643053; cv=none;
        d=google.com; s=arc-20160816;
        b=uOIgfjalLyaRogOrYH1cvr6kKRXXuTcKTCRtaVZHajEKElKrec+yTJRto4GKcFkfwb
         dcAK2/ySO5Q7jwRUOhl82XUfwRkhDEgIrKGwzeLVOMU9ofPaNF3tQcDsSAtphsAqg00C
         QRhU/d0jmLe8bUzeL5I2tP9T1QD3LOxeFTJsbrOEv8EGVCyMs/D92Fb4JSh86f934F2Y
         3Nw5GU19kNAwAQLS5CZ+fS9PyyQia7Xoh/KH7b6kuSKTKjhSlYzOMbxQd9GUqW92CFdk
         LsQ6MYl3vPNEagtKRGr7mOFxFAoDvvi4+She60YTu6m5QKV0Diy96UR7gigtCC7xNu7u
         kY/g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=sender:errors-to:list-subscribe:list-help:list-post
         :list-unsubscribe:list-id:reply-to:precedence:subject
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:to;
        bh=5+f0Tt+6o1VY9gqg/hi3WOfyNITDoc6GvFVfwLx6Rf4=;
        b=srIV+BeEvZsdZQbD3Qt9+PC5b0mbHO4IE3858BpLyDtZXULtVSt7mg3PXy6pVSQswV
         8TjwWmUbzuXNuK0985BvvPM0k/87iWZ3e+WYcvvieOHol1sXMct3U/nK7wHDgY7kN1X2
         GkP/JXBcYx8oP4YANlq2v20J7fTPdMoS3qUJZXO5eDpn2AhFHEFqoekwSdPmZ+yNru92
         vl3N18ixf1H+3T4UR/DA9x+6ZrfEFenSlcRxoMOH+MahnNuz6XeYJmIxQZg3g4k7Ud3b
         We6EiHf0juIPlmIXVJEOY4uM2LlbbHFkRabpFl6Cg9z8rdzZOT7fP0dP/PuD1K1DvYLX
         lLQA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of [email protected] designates aaa.bbb.ccc.ddd as permitted sender) [email protected]
Return-Path: <[email protected]>
Received: from mail2.xxxxxxxxxxxx.com (mail2.xxxxxxxxxxxx.com. [aaa.bbb.ccc.ddd])
        by mx.google.com with ESMTPS id y13si7142121oih.66.2021.06.25.10.44.12
        for <[email protected]>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 25 Jun 2021 10:44:13 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of [email protected] designates aaa.bbb.ccc.ddd as permitted sender) client-ip=aaa.bbb.ccc.ddd;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of [email protected] designates aaa.bbb.ccc.ddd as permitted sender) [email protected]
Received: from xxxxxxxxxxxx.com (xxxxxxxxxxxx.com [www.xxx.yyy.zzz])
    by mail2.xxxxxxxxxxxx.com (8.15.2/8.15.2) with ESMTP id 15PHaLsP072664;
    Fri, 25 Jun 2021 13:36:22 -0400 (EDT)
    (envelope-from [email protected])
Received: from xxxxxxxxxxxx.com (xxxxxxxxxxxx.com [www.xxx.yyy.zzz])
    by xxxxxxxxxxxx.com (8.14.4/8.14.7) with ESMTP id 15PHbRHQ032311;
    Fri, 25 Jun 2021 12:37:28 -0500 (CDT)
    (envelope-from [email protected])
X-Mailman-Handler: $Id: mm-handler 5100 2002-04-05 19:41:09Z bwarsaw $
Received: from xxxxxxxxxxxx.com (xxxxxxxxxxxx.com [www.xxx.yyy.zzz])
    by xxxxxxxxxxxx.com (8.14.4/8.14.7) with ESMTP id 15PHbPBf032295
    for <[email protected]>;
    Fri, 25 Jun 2021 12:37:25 -0500 (CDT)
    (envelope-from [email protected])
Received: from grungy.xxxxxxxxxxxx.com (grungymail@localhost)
    by xxxxxxxxxxxx.com (8.14.4/8.14.7/Submit) with ESMTP id 15PHbN4m032272
    for <[email protected]>;
    Fri, 25 Jun 2021 12:37:23 -0500 (CDT)
    (envelope-from [email protected])
X-Authentication-Warning: xxxxxxxxxxxx.com: grungymail owned process doing -bs
Received: from [127.0.0.1] (localhost [127.0.0.1])
    by grungy.xxxxxxxxxxxx.com (8.15.2/8.15.2) with ESMTP id 15PHbIUc008701
    for <[email protected]>;
    Fri, 25 Jun 2021 12:37:18 -0500 (CDT)
    (envelope-from [email protected])
To: [email protected]
References: <OF1F227294.95B6DA5A-ONC12586FE.002643EF-C12586FE.00272521@zzzzzzzzzzzzzz.it>
    <[email protected]>
    <OF16B0EB8D.A01226D6-ONC12586FF.0058F2FC-C12586FF.005B0A15@zzzzzzzzzzzzzz.it>
From: Sxxxx Kxxxxxx <[email protected]>
Message-ID: <[email protected]>
Date: Fri, 25 Jun 2021 12:37:19 -0500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
    Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <OF16B0EB8D.A01226D6-ONC12586FF.0058F2FC-C12586FF.005B0A15@zzzzzzzzzzzzzz.it>
Content-Language: en-US
X-Spam-Status: No, score=-1.0 required=8.0 tests=ALL_TRUSTED,HTML_MESSAGE
    autolearn=unavailable autolearn_force=no version=3.4.1
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
    grungy.xxxxxxxxxxxx.com
Subject: Re: [Ftpapi] Rif: Re: Rif: Re: In: Re: In: HTTPAPI - Example 7 -
 Upload a file from IFS - No file attached!
X-BeenThere: [email protected]
X-Mailman-Version: 2.1.14
Precedence: list
Reply-To: FTPAPI/HTTPAPI mailing list <[email protected]>
List-Id: FTPAPI/HTTPAPI mailing list <ftpapi.lists.xxxxxxxxxxxx.com>
List-Unsubscribe: <http://xxxxxxxxxxxx.com/mailman/options/ftpapi>,
    <mailto:[email protected]?subject=unsubscribe>
List-Post: <mailto:[email protected]>
List-Help: <mailto:[email protected]?subject=help>
List-Subscribe: <http://xxxxxxxxxxxx.com/mailman/listinfo/ftpapi>,
    <mailto:[email protected]?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1888169630713480664=="
Errors-To: [email protected]
Sender: [email protected]

答案1

看起来他们有 Mailman 2.1.14,并且根据Mailman 维基,2.1.16 是第一个支持 DMARC 缓解的版本。

您可以使用p=quarantine,这样至少用户可以从垃圾邮件文件夹中检索或设置本地规则。列表中的每个人都可能已经意识到了这个问题。

如果列表有 SPF 记录,您可以redirect在 SPF 记录中使用修饰符(例如redirect=lists.example.com)。

如果他们没有 SPF 记录,您可以尝试将ip4SPF 记录中的机制(例如ip4:203.0.113.58)与您认为他们使用的 IP 地址一起使用。

请记住,最后两个意味着其他人的服务器可以绕过您的 DMARC 记录保护,而且这些记录毕竟是公开的。

关于 DKIM,我不确定,因为可能存在 DKIM 对齐问题,但您没有包含带有 DKIM 签名的电子邮件,并且域名被混淆了。

相关内容