Pehea e hōʻoia ai i kāu leka uila i hoʻonohonoho pono ʻia (DKIM, DMARC, SPF)

DKIM Validator DMARC SPF

Inā ʻoe e hoʻouna ana i ka leka uila ma kēlā me kēia ʻano o ka leo, he ʻoihana ia e manaʻo ʻia ai ʻoe i hewa a pono e hōʻoia i kou hala ʻole. Hana mākou me nā hui he nui e kōkua ana iā lākou me kā lākou leka uila, hoʻomehana IP, a me nā pilikia hoʻopakele. ʻAʻole ʻike ka hapa nui o nā ʻoihana he pilikia ko lākou.

Nā pilikia i ʻike ʻole ʻia o ka hoʻouna ʻana

ʻEkolu pilikia i ʻike ʻole ʻia me ka hoʻopuka leka uila i ʻike ʻole ʻia e nā ʻoihana:

  1. ae - Nā mea lawelawe leka uila (ESP) hoʻokele i nā ʻae komo… akā ʻo ka mea lawelawe pūnaewele (ISP) mālama i ka ʻīpuka no ka helu leka uila e hele ai. He ʻōnaehana weliweli maoli nō. Hiki iā ʻoe ke hana i nā mea āpau ma ke ʻano he ʻoihana no ka loaʻa ʻana o ka ʻae a me nā leka uila, a ʻaʻohe manaʻo o ka ISP a hiki ke ālai iā ʻoe.
  2. Pahu Inbox – Hoʻolaha nā ESP i ka kiʻekiʻe hoʻopakele nā kumukūʻai he mea lapuwale. ʻO kahi leka uila i hoʻouna pololei ʻia i ka waihona ʻōpala a ʻike ʻole ʻia e kāu mea kūʻai leka uila e hāʻawi ʻia. I mea e nānā pono ai i kāu hoʻokomo pahu komo, pono ʻoe e hoʻohana i kahi papa inoa hua a hele e nānā i kēlā me kēia ISP. Aia nā lawelawe e hana i kēia.
  3. Hōʻike - Mālama pū nā ISP a me nā lawelawe ʻaoʻao ʻekolu i nā helu inoa no ka hoʻouna ʻana i ka leka uila IP no kāu leka uila. Aia nā papa inoa ʻeleʻele e hiki ai i nā ISP ke hoʻohana no ka pale ʻana i kāu leka uila āpau, a i ʻole he inoa maikaʻi ʻole ʻoe e hoʻohuli iā ʻoe i ka waihona junk. Nui nā lawelawe hiki iā ʻoe ke hoʻohana no ka nānā ʻana i kou inoa IP… akā, manaʻo paha wau no ka mea ʻaʻole ʻike maoli ka poʻe he nui i kēlā me kēia ISP algorithms.

E leka uila hōʻoia

ʻO nā hana maikaʻi loa no ka hoʻohaʻahaʻa ʻana i nā pilikia hoʻokomo pahu pahu e hōʻoia ʻoe ua hoʻonohonoho ʻoe i kekahi mau moʻolelo DNS i hiki i nā ISP ke hoʻohana e nānā a hōʻoia i nā leka uila āu e hoʻouna nei i hoʻouna ʻia mai e ʻoe a ʻaʻole e ka mea hoʻohālike ʻo kāu hui. . Hana ʻia kēia ma o kekahi mau maʻamau:

  • Kālā Polokalamu Hoʻouna (SPF) – ka maʻamau kahiko loa a puni, eia kahi āu e hoʻopaʻa inoa ai i kahi moʻolelo TXT ma kāu kau inoa domain (pākuʻina kau) e hōʻike ana i nā kikowaena a i ʻole nā ​​helu IP āu e hoʻouna ai i ka leka uila no kāu hui. No ka laʻana, hoʻouna au i leka uila no Martech Zone mai ʻO Google Workspace a mai CircuPress (ʻo kaʻu ESP ponoʻī i kēia manawa i ka beta). Loaʻa iaʻu kahi plugin SMTP ma kaʻu pūnaewele e hoʻouna pū ma Google, inā ʻaʻole e loaʻa iaʻu kahi leka uila IP ma kēia pū kekahi.

v=spf1 include:circupressmail.com include:_spf.google.com ~all

  • Domain-e pili ana i ka hōʻoia ʻana o ka memo, ka hōʻike a me ka hoʻokō (DMARC) - he kī hoʻopunipuni kēia maʻamau hou i hiki ke hōʻoia i kaʻu kikowaena a me ka mea hoʻouna. Hana ʻia kēlā me kēia kī e kaʻu mea hoʻouna, e hōʻoia ana ʻaʻole hiki ke hoʻopunipuni ʻia nā leka uila i hoʻouna ʻia e ka spammer. Inā ʻoe e hoʻohana nei iā Google Workspace, eia pehea e hoʻonohonoho ai i ka DMARC.
  • DomainKeys Identified Mail (DKIM) - Ke hana pū nei me ka DMARC record, hōʻike kēia moʻolelo i nā ISP pehea e mālama ai i kaʻu mau lula DMARC a me SPF a me kahi e hoʻouna ai i nā hōʻike hoʻopakele. Makemake au i nā ISP e hōʻole i nā memo i hala ʻole i ka DKIM a i ʻole SPF, a makemake au iā lākou e hoʻouna i nā hōʻike i kēlā leka uila.

v=DMARC1; p=reject; rua=mailto:dmarc@martech.zone; adkim=r; aspf=s;

  • Nā hōʻailona hōʻailona no ka ʻike leka (BIMI) - ka mea hou loa, hāʻawi ʻo BIMI i kahi ala no nā ISP a me kā lākou mau leka uila e hōʻike i ka logo o ka brand i loko o ka mea kūʻai leka uila. Aia kekahi maʻamau ākea a me kahi maʻamau i hoʻopili ʻia no Gmail kahi āu e pono ai i kahi palapala hoʻopunipuni. Piʻi nui nā palapala hōʻoia no laila ʻaʻole wau e hana i kēlā i kēia manawa.

v=BIMI1; l=https://martech.zone/logo.svg;a=self;

MANAʻO: Inā makemake ʻoe i ke kōkua ma ka hoʻonohonoho ʻana i kāu hōʻoia leka uila, mai hoʻokaʻulua e kelepona i kaʻu ʻoihana. Highbridge. He hui kā mākou ka leka uila a me nā loea hoʻopakele hiki ke kōkua.

Pehea e hōʻoia ai i kāu hōʻoia leka uila

Loaʻa nā ʻike kumu āpau, ka ʻike relay, a me ka ʻike hōʻoia e pili ana i kēlā me kēia leka uila i loko o nā poʻomanaʻo memo. Inā he loea hoʻopakele ʻoe, maʻalahi ka unuhi ʻana i kēia… akā inā he mea hou ʻoe, paʻakikī loa lākou. Eia ke ʻano o ke poʻomanaʻo memo no kā mākou leka hoʻomaopopo, ua ʻeleʻele au i kekahi o nā leka uila pane auto a me ka ʻike hoʻolaha:

Poʻomanaʻo memo - DKIM a me SPF

Inā heluhelu ʻoe, hiki iā ʻoe ke ʻike i ke ʻano o kaʻu mau lula DKIM, inā ua hala ʻo DMARC (ʻaʻole ia) a ua hala ka SPF… akā nui ka hana. Aia kekahi hana ʻoi aku ka maikaʻi, akā, ʻo ia ka hoʻohana DKIMValidator. Hāʻawi ʻo DKIMValidator iā ʻoe i kahi leka uila e hiki ai iā ʻoe ke hoʻohui i kāu papa inoa nūhou a i ʻole e hoʻouna ma o kāu leka uila keʻena… a unuhi lākou i ka ʻike poʻo i kahi hōʻike maikaʻi:

ʻO ka mea mua, hōʻoia ia i kaʻu DMARC encryption a me DKIM pūlima e ʻike inā ua hala a ʻaʻole paha (ʻaʻole).

DKIM Information:
DKIM Signature

Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=circupressmail.com;
	s=cpmail; t=1643110423;
	bh=PTOH6xOB3+wFZnnY1pLaJgtpK9n/IkEAtaO/Xc4ruZs=;
	h=Date:To:From:Reply-to:Subject:List-Unsubscribe;
	b=HKytLVgsIfXxSHVIVurLQ9taKgs6hAf/s4+H3AjqE/SJpo+tamzS9AQVv3YOq1Nt/
	 o1mMOkAJN4HTt8JXDxobe6rJCia9bU1o7ygGEBY+dIIzAyURLBLo5RzyM+hI/X1BGc
	 jeA93dVXA+clBjIuHAM9t9LGxSri7B5ka/vNG3n8=


Signature Information:
v= Version:         1
a= Algorithm:       rsa-sha256
c= Method:          relaxed/relaxed
d= Domain:          circupressmail.com
s= Selector:        cpmail
q= Protocol:        
bh=                 PTOH6xOB3+wFZnnY1pLaJgtpK9n/IkEAtaO/Xc4ruZs=
h= Signed Headers:  Date:To:From:Reply-to:Subject:List-Unsubscribe
b= Data:            HKytLVgsIfXxSHVIVurLQ9taKgs6hAf/s4+H3AjqE/SJpo+tamzS9AQVv3YOq1Nt/
	 o1mMOkAJN4HTt8JXDxobe6rJCia9bU1o7ygGEBY+dIIzAyURLBLo5RzyM+hI/X1BGc
	 jeA93dVXA+clBjIuHAM9t9LGxSri7B5ka/vNG3n8=
Public Key DNS Lookup

Building DNS Query for cpmail._domainkey.circupressmail.com
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+D53OskK3EM/9R9TrX0l67Us4wBiErHungTAEu7DEQCz7YlWSDA+zrMGumErsBac70ObfdsCaMspmSco82MZmoXEf9kPmlNiqw99Q6tknblJnY3mpUBxFkEX6l0O8/+1qZSM2d/VJ8nQvCDUNEs/hJEGyta/ps5655ElohkbiawIDAQAB
Validating Signature

result = fail
Details: body has been altered

A laila, nānā ʻo ia i kaʻu moʻolelo SPF e ʻike inā ua hala (ʻo ia):

SPF Information:
Using this information that I obtained from the headers

Helo Address = us1.circupressmail.com
From Address = info@martech.zone
From IP      = 74.207.235.122
SPF Record Lookup

Looking up TXT SPF record for martech.zone
Found the following namesevers for martech.zone: ns57.domaincontrol.com ns58.domaincontrol.com
Retrieved this SPF Record: zone updated 20210630 (TTL = 600)
using authoritative server (ns57.domaincontrol.com) directly for SPF Check
Result: pass (Mechanism 'include:circupressmail.com' matched)

Result code: pass
Local Explanation: martech.zone: Sender is authorized to use 'info@martech.zone' in 'mfrom' identity (mechanism 'include:circupressmail.com' matched)
spf_header = Received-SPF: pass (martech.zone: Sender is authorized to use 'info@martech.zone' in 'mfrom' identity (mechanism 'include:circupressmail.com' matched)) receiver=ip-172-31-60-105.ec2.internal; identity=mailfrom; envelope-from="info@martech.zone"; helo=us1.circupressmail.com; client-ip=74.207.235.122

A ʻo ka mea hope loa, hāʻawi ia iaʻu i ka ʻike i ka memo ponoʻī a inā paha e hōʻailona paha ka ʻike i kekahi mau mea ʻike SPAM, nānā e ʻike inā aia wau ma ka papa inoa ʻeleʻele, a haʻi mai iaʻu inā makemake ʻia e hoʻouna ʻia i ka waihona junk:

SpamAssassin Score: -4.787
Message is NOT marked as spam
Points breakdown: 
-5.0 RCVD_IN_DNSWL_HI       RBL: Sender listed at https://www.dnswl.org/,
                            high trust
                            [74.207.235.122 listed in list.dnswl.org]
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or
                            identical to background
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily
                            valid
 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
                            Colors in HTML
 0.1 DKIM_INVALID           DKIM or DK signature exists, but is not valid

E ho'āʻo i kēlā me kēia ESP a i ʻole lawelawe leka uila a kāu hui e hoʻouna ai i ka leka uila e hōʻoia i ka hoʻonohonoho pono ʻana o kāu Email Authentication!

E ho'āʻo i kāu leka uila me DKIM Validator

Hōʻike: Ke hoʻohana nei wau i kaʻu loulou pili ʻO Google Workspace ma kēiaʻatikala.