我今天早上收到了一封钓鱼邮件,似乎来自我的一个地址.
看着标题,我发现了一些有趣的东西.
DomainKey-Status: no signature
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
mydomain.com
X-Spam-Level:
X-Spam-Status: No,score=-1.0 required=5.0 tests=BAYES_00,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,MISSING_MID,SPF_PASS autolearn=no
version=3.2.5
Received: (qmail 10412 invoked by uid 110); 6 Aug 2012 09:59:17 -0400
Delivered-To: 18-bdstrainers@anotherOfMyDomains.net
DomainKey-Status: no signature
Received: (qmail 10390 invoked by uid 110); 6 Aug 2012 09:59:17 -0400
Delivered-To: 34-info@yetAnotherOfMyDomains.com
DomainKey-Status: no signature
Received: (qmail 10373 invoked from network); 6 Aug 2012 09:59:15 -0400
Received-SPF: pass (mydomain.com: domain of surewest.com designates 212.61.84.249 as permitted sender) client-ip=212.61.84.249; envelope-from=visualsx@surewest.com; helo=d84249.iae.nl;
Received: from d84249.iae.nl (212.61.84.249)
by yetAnotherOfMyDomains.com with SMTP; 6 Aug 2012 09:59:14 -0400
Date: Mon,6 Aug 2012 14:27:38 +0100
From: <info@yetAnotherOfMyDomains.com>
To: <info@yetAnotherOfMyDomains.com>
Subject: Your Federal Tax Payment ID: 8716780 is failed
X-Mailer: foljo
MIME-Version: 1.0
Content-Type: text/html;
charset=Windows-1252
Content-Transfer-Encoding: 7bit
好的,首先,212.61.84.249是Nederlands的IP,如果您是visit the IP,则会获得LaCie登录页面.
域名surewest.com是美国中部的数字电视/互联网服务提供商.
但是我得到的是这条线:
Received-SPF: pass (mydomain.com: domain of surewest.com designates 212.61.84.249 as permitted sender) client-ip=212.61.84.249; envelope-from=visualsx@surewest.com; helo=d84249.iae.nl
我的SPF记录在我的服务器上正确设置,所以;
他们在世界上如何在surewest.com上为我的域名欺骗有效的SPF,这不是肯定的?
我该怎么做才能防止这种情况再次发生?
解决方法
您的SPF记录将世界上的每个人指定为允许的发件人:
"v=spf1 mx:... +all"
一切都是重要的部分,意味着“允许”,所有这些都意味着“整个互联网”.他们不需要欺骗任何东西,他们的邮件根据您的SPF记录有效.试试-all而不是.
