1. 首頁
  2. 問答
  3. Plesk中的郵件配置 - DKIM,DMARC,SPF,DNS記錄

Plesk中的郵件配置 - DKIM,DMARC,SPF,DNS記錄

2017-10-06 147 views
0

我正在使用Plesk(Onyx)與外部DNS組合。 我配置了郵件,一切似乎都沒問題,但我不確定郵件配置是否正確,因爲有時DMARC報告指出,SPF/DKIM驗證未通過。Plesk中的郵件配置 - DKIM,DMARC,SPF,DNS記錄

我CONFIGS:

DNS-記錄域 - mydomain.com和mail.mydomain.com(創建相同的DNS條目兩次,mydomain.com和子域mail.mydomain.com,除了MX-進入,其被配置爲僅用於mydomain.com):

  • 反向DNS:123.456.1.1 -> mail.mydomain.com

  • MX:mail.mydomain.com

  • SPF:v=spf1 +a +mx -all

  • _dmarc:v=DMARC1; p=none; pct=100; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=1; adkim=s; aspf=r

  • 域關鍵字:o=-

  • default._domainkey:v=DKIM1; p=SIGNATUREHERE;

PLESK /服務器相關:

  • 主機名:zeus.mydomain.com
  • 郵件名:測試郵件mail.mydomain.com

郵件信頭:

Delivered-To: [email protected] 
Received: by 10.31.48.86 with SMTP id w83csp1454833vkw; 
     Fri, 6 Oct 2017 01:39:44 -0700 (PDT) 
X-Google-Smtp-Source: AOwi7QAKFeawe3fGhxawUkAdVvaqjrBGMTZvJ466CoQNxwFGRk6xInOapHBRt14rI+zpCQmcl4z4 
X-Received: by 10.223.184.246 with SMTP id c51mr1352887wrg.250.1507279184077; 
     Fri, 06 Oct 2017 01:39:44 -0700 (PDT) 
ARC-Seal: i=1; a=rsa-sha256; t=1507279184; cv=none; 
     d=google.com; s=arc-20160816; 
     b=SignatureHERE 
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; 
     h=content-transfer-encoding:mime-version:subject:to:from:date 
     :dkim-signature:message-id:arc-authentication-results; 
     bh=4lLj3bndoJBX1fsz99dGcUZLZyWwVlQLXwB3uGl3sKs=; 
     b=SignatureHERE 
ARC-Authentication-Results: i=1; mx.google.com; 
     dkim=pass [email protected] header.s=default header.b=RUVEDlBN; 
     spf=pass (google.com: domain of [email protected] designates 123.456.1.1 as permitted sender) [email protected]; 
     dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mydomain.com 
Return-Path: <[email protected]> 
Received: from mail.mydomain.com (mail.mydomain.com. [123.456.1.1]) 
     by mx.google.com with ESMTPS id k10si874730wrg.550.2017.10.06.01.39.43 
     for <[email protected]> 
     (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); 
     Fri, 06 Oct 2017 01:39:44 -0700 (PDT) 
Received-SPF: pass (google.com: domain of [email protected] designates 123.456.1.1 as permitted sender) client-ip=123.456.1.1; 
Authentication-Results: mx.google.com; 
     dkim=pass [email protected] header.s=default header.b=RUVEDlBN; 
     spf=pass (google.com: domain of [email protected] designates 123.456.1.1 as permitted sender) [email protected]; 
     dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mydomain.com 
Message-Id: <[email protected]> 
Received: from mydomain.com (unknown [188.93.221.133]) by mail.mydomain.com (Postfix) with ESMTPSA id 6821B3C00CF for <[email protected]>; Fri, 
    6 Oct 2017 10:39:43 +0200 (CEST) 
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; s=default; t=1507279183; bh=4lLj3bndoJBX1fsz99dGcUZLZyWwVlQLXwB3uGl3sKs=; l=26539; h=From:To:Subject; b=RUVEDlBNkO7PgHEEmuAlCSgG+batl5Ple/8O94GKLu7StZJLLa01k4rbjlnKX+3R9 
    mWt8+kOAPthM6lro4Z23B7LMk2ueWDpkFJZX3zRnOUC9E7LiIIQXNz83s8N640T6e7 
    7a4nFVAWgS9bIu/+TyyInPHOsnbe0/IKZKAyJw9k= 
Authentication-Results: zeus.mydomain.com; 
     spf=pass (sender IP is 188.93.221.133) [email protected] smtp.helo=mydomain.com 
Received-SPF: pass (zeus.mydomain.com: connection is authenticated) 
Date: Fri, 06 Oct 2017 10:39:43 +0200 
From: MyDomain <[email protected]> 
To: [email protected] 
Subject: mydomain.com: Test Subject 
MIME-Version: 1.0 
Content-Type: text/html; charset="utf-8" 
Content-Transfer-Encoding: quoted-printable

我有什麼改變,如果我想使用f。即「[email protected]」作爲發件人地址/發件人地址?我是否需要將郵件名更改爲「mydomain.com」?如果我將郵件名更改爲「mydomain.com」,我可以安全刪除mail.mydomain.com的DNS條目嗎?有沒有辦法在PLESK中配置郵件名/確保PLESK不覆蓋它,如果進行了新的更新/升級?

編輯:unlocktheinbox的測試:https://www.unlocktheinbox.com/mail-tester/9YBYhi8wpqo=/

來源

2017-10-06 mfuesslin

回答

1

@mfuesslin,

你應該通過這個email tester運行您的電子郵件,它是公認的#1電子郵件身份驗證和配置的測試平臺。您只需發送電子郵件至[email protected]即可在幾分鐘內自動響應。

一旦你得到了結果,如果你需要幫助修復它指向你的任何項目,每個人都將能夠幫助你更多,因爲它更具體。

來源

2017-10-12 01:55:17 Henry

0

mydomain.com是從您使用的域,對不對?你應該確保有SPF,DKIM,也許還有DMARC的域名與信封一致。

作爲一個側面說明,這是所有這些都在你的SPF記錄中嗎?您希望能夠代表哪些服務能夠發送電子郵件?爲什麼不更具體? v=spf1 +a +mx -all

來源

2018-01-05 05:27:58

+0

謝謝你的回答。我爲我的域添加了測試結果。只需將「mydomain.com」替換爲「lotsearch.de」即可。 – mfuesslin

+0

我不認爲這是一個很好的SPF記錄。它可能在技術上驗證,但SPF記錄應包括您已授權發送傳出電子郵件的特定IP地址和/或主機服務。你是否看到我的意思是'ip4:'代表IP地址和/或'include:'代表主機 DKIM記錄是什麼?如果您指出主機名,查找起來會更容易。 –

+0

是的,我看着,並相應地改變我的SPF。謝謝。通過「域對齊」,你的意思是說所有的東西都應該是同一個域(「mydomain.com」)?因此,我需要將主機名從「zeus.mydomain.com」更改爲「mydomain.com」,並將郵件名/郵件服務器配置更改爲通過「mail.mydomain.com」使用「mydomain.com」? – mfuesslin

相關問題

 相關問題