邮件服务器-邮件系统-邮件技术论坛(BBS)
标题:
MDaemon-20070824-SPF--发件人-ID
[打印本页]
作者:
suning.wang
时间:
2007-8-26 14:37
标题:
MDaemon-20070824-SPF--发件人-ID
关于MDaemon-20070824-SPF--发件人-ID的日志分析。我有些不理解。
例如 :
Fri 2007-08-24 00:12:27: Performing SPF lookup (sohu.com / 219.236.3.221)
Fri 2007-08-24 00:12:27: * Policy: v=spf1 ip4:61.135.130.0/23 ip4:61.135.132.0/23 ip4:61.135.134.0/23 ip4:61.135.145.0/23 ip4:61.135.150.0/23 ip4:220.181.26.0/24 ip4:222.28.152.128/25 ip4:218.206.87.0/25 ip4:221.236.12.128 ip4:203.184.141.0/24 ip4:61.152.234.0/24 ~all
Fri 2007-08-24 00:12:27: * Evaluating ip4:61.135.130.0/23: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:61.135.132.0/23: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:61.135.134.0/23: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:61.135.145.0/23: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:61.135.150.0/23: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:220.181.26.0/24: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:222.28.152.128/25: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:218.206.87.0/25: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:221.236.12.128: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:203.184.141.0/24: no match
Fri 2007-08-24 00:12:27: * Evaluating ip4:61.152.234.0/24: no match
Fri 2007-08-24 00:12:27: * Evaluating ~all: match
Fri 2007-08-24 00:12:27: * Result: softfail
Fri 2007-08-24 00:12:27: ----------
Fri 2007-08-24 00:38:02: Performing SPF lookup (163.com / 123.115.12.29)
Fri 2007-08-24 00:38:02: * Policy: v=spf1 ip4:220.181.12.0/22 ip4:202.108.5.0/24 -all
Fri 2007-08-24 00:38:02: * Evaluating ip4:220.181.12.0/22: no match
Fri 2007-08-24 00:38:02: * Evaluating ip4:202.108.5.0/24: no match
Fri 2007-08-24 00:38:02: * Evaluating -all: match
Fri 2007-08-24 00:38:02: * Result: fail
这两条记录。那位高手能随意给分析一下。我只是想理解每条到底在说明什么问题
作者:
dennishan
时间:
2007-8-26 20:42
Fri 2007-08-24 00:12:27: Performing SPF lookup (sohu.com / 219.236.3.221)-查找sohu的SPF记录
Fri 2007-08-24 00:12:27: * Policy: v=spf1 ip4:61.135.130.0/23 ip4:61.135.132.0/23 ip4:61.135.134.0/23 ip4:61.135.145.0/23 ip4:61.135.150.0/23 ip4:220.181.26.0/24 ip4:222.28.152.128/25 ip4:218.206.87.0/25 ip4:221.236.12.128 ip4:203.184.141.0/24 ip4:61.152.234.0/24 ~all-在搜狐DNS中找到相关SPF记录(就是SOHU设置的外发服务器列表)
Fri 2007-08-24 00:12:27: * Result: softfail-判断对方是冒名的SOHU,不在SPF中的IP.
注意~all和-all的不同,一个返回softfail,一个返回fail.
作者:
dennishan
时间:
2007-8-26 20:43
SPF作用:如果对方域名设置了SPF记录(Txt),则可判别来自对方域名的邮件是否被假冒。
一般sohu/126/163都设置了spf.
欢迎光临 邮件服务器-邮件系统-邮件技术论坛(BBS) (http://5dmail.net/bbs/)
Powered by Discuz! X3.2