Amazon SES电子邮件以Yahoo＆Hotmail垃圾邮件文件夹结尾，即使SPF和SenderID和DKIM设置正确

这令人难以置信的令人沮丧。 即使我的SPF，SenderID和DKIM安装正确，我的Amazon SES电子邮件也以Yahoo＆Hotmail垃圾邮件文件夹结尾。 由于这个特定的网站要求用户确认他们的电子邮件地址，所以自从使用Amazon SES以来，我失去了超过50％的新注册，需要紧急解决。

以下是我的SPF和SenderIDlogging（包括来自Google，Rackspace和Amazon的电子邮件服务）：

v=spf1 include:_spf.google.com include:emailsrvr.com include:amazonses.com ~all

spf2.0/pra include:_spf.google.com include:emailsrvr.com include:amazonses.com ~all

• 亚马逊：如何知道我是否需要预置IOPS？
• AWS添加选项组
• ElasticBeanstalk：从configuration文件中设置实例types和安全组
• 如何自动扩展MySQL服务器？
• 找不到我的Amazon-RDS实例的私人IP地址

我用GoDaddy托pipe这个特定的域名，似乎你不需要使用引号（“）来包围SPF和SenderIDlogging（事实上，当我用引号进行尝试时， Kitterman和MXtoolbox工具都不能findSPFlogging，当我删除报价时，两者都是由两个服务。）

但是，尽pipe我使用了Amazon自己推荐的SPF和SenderIDlogging，但是我向Port25的身份validation服务发送了一个testing电子邮件，尽pipeDKIM通过了，但是SPF和SenderIDlogging似乎都有permerrors ， 似乎这些错误在亚马逊的结尾有“多个logging” （Kitterman工具失败，原因相同“结果 – PermError SPF永久错误：find两个或多个types的TXT SPFlogging”）。 以下是Port25服务的结果：

 This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at <[email protected]>. This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at <[email protected]>. Thank you for using the verifier, The Port25 Solutions, Inc. team ========================================================== Summary of Results ========================================================== SPF check: permerror DomainKeys check: neutral DKIM check: pass Sender-ID check: permerror SpamAssassin check: ham ========================================================== Details: ========================================================== HELO hostname: a192-142.smtp-out.amazonses.com Source IP: 199.255.192.142 mail-from: [email protected] ---------------------------------------------------------- SPF check details: ---------------------------------------------------------- Result: permerror (multiple SPF records) ID(s) verified: [email protected] DNS record(s): amazonses.com. SPF (no records) amazonses.com. 900 IN TXT "v=spf1 ip4:199.255.192.0/22 ip4:199.127.232.0/22 ~all" amazonses.com. 900 IN TXT "spf2.0/pra ip4:199.255.192.0/22 ip4:199.127.232.0/22 ~all" amazonses.com. 900 IN TXT "v=spf1 ip4:199.255.192.0/22 ip4:199.127.232.0/22 54.240.0.0/18 ~all" amazonses.com. 900 IN TXT "spf2.0/pra ip4:199.255.192.0/22 ip4:199.127.232.0/22 54.240.0.0/18 ~all" amazonses.com. 900 IN TXT "mailru-verification: 71asdf5de908d6ed" ---------------------------------------------------------- DomainKeys check details: ---------------------------------------------------------- Result: neutral (message not signed) ID(s) verified: [email protected] DNS record(s): ---------------------------------------------------------- DKIM check details: ---------------------------------------------------------- Result: pass (matches From: [email protected]) NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM. ---------------------------------------------------------- Sender-ID check details: ---------------------------------------------------------- Result: permerror (multiple SPF records with 'pra' scope) ID(s) verified: [email protected] DNS record(s): _spf.google.com. SPF (no records) _spf.google.com. 300 IN TXT "v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ip4:173.194.0.0/16 ?all" emailsrvr.com. SPF (no records) emailsrvr.com. 28800 IN TXT "v=spf1 ip4:207.97.245.0/24 ip4:207.97.227.208/28 ip4:67.192.241.0/24 ip4:98.129.184.0/23 ip4:72.4.117.0/27 ip4:72.32.49.0/24 ip4:72.32.252.0/24 ip4:72.32.253.0/24 ip4:207.97.200.40 ip4:173.203.2.0/25 ip4:173.203.6.0/23 ip4:50.57.0.0/27 ~all" amazonses.com. SPF (no records) amazonses.com. 900 IN TXT "v=spf1 ip4:199.255.192.0/22 ip4:199.127.232.0/22 ~all" amazonses.com. 900 IN TXT "spf2.0/pra ip4:199.255.192.0/22 ip4:199.127.232.0/22 ~all" amazonses.com. 900 IN TXT "v=spf1 ip4:199.255.192.0/22 ip4:199.127.232.0/22 54.240.0.0/18 ~all" amazonses.com. 900 IN TXT "spf2.0/pra ip4:199.255.192.0/22 ip4:199.127.232.0/22 54.240.0.0/18 ~all" amazonses.com. 900 IN TXT "mailru-verification: 71asdf5de908d6ed" ---------------------------------------------------------- SpamAssassin check details: ---------------------------------------------------------- SpamAssassin v3.3.1 (2010-03-16) Result: ham (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SINGLE_HEADER_2K A single header contains 2K-3K characters -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [199.255.192.142 listed in list.dnswl.org] -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature ========================================================== Explanation of the possible results (from RFC 5451) ========================================================== SPF and Sender-ID Results ========================= "none" No policy records were published at the sender's DNS domain. "neutral" The sender's ADMD has asserted that it cannot or does not want to assert whether or not the sending IP address is authorized to send mail using the sender's DNS domain. "pass" The client is authorized by the sender's ADMD to inject or relay mail on behalf of the sender's DNS domain. "policy" The client is authorized to inject or relay mail on behalf of the sender's DNS domain according to the authentication method's algorithm, but local policy dictates that the result is unacceptable. "fail" This client is explicitly not authorized to inject or relay mail using the sender's DNS domain. "softfail" The sender's ADMD believes the client was not authorized to inject or relay mail using the sender's DNS domain, but is unwilling to make a strong assertion to that effect. "temperror" The message could not be verified due to some error that is likely transient in nature, such as a temporary inability to retrieve a policy record from DNS. A later attempt may produce a final result. "permerror" The message could not be verified due to some error that is unrecoverable, such as a required header field being absent or a syntax error in a retrieved DNS TXT record. A later attempt is unlikely to produce a final result. DKIM and DomainKeys Results =========================== "none" The message was not signed. "pass" The message was signed, the signature or signatures were acceptable to the verifier, and the signature(s) passed verification tests. "fail" The message was signed and the signature or signatures were acceptable to the verifier, but they failed the verification test(s). "policy" The message was signed but the signature or signatures were not acceptable to the verifier. "neutral" The message was signed but the signature or signatures contained syntax errors or were not otherwise able to be processed. This result SHOULD also be used for other failures not covered elsewhere in this list. "temperror" The message could not be verified due to some error that is likely transient in nature, such as a temporary inability to retrieve a public key. A later attempt may produce a final result. "permerror" The message could not be verified due to some error that is unrecoverable, such as a required header field being absent. A later attempt is unlikely to produce a final result. ========================================================== Original Email ========================================================== Return-Path: <[email protected]> Received: from a192-142.smtp-out.amazonses.com (199.255.192.142) by verifier.port25.com id asdf for <[email protected]>; Sat, 1 Sep 2012 09:24:25 -0400 (envelope-from <[email protected]>) Authentication-Results: verifier.port25.com; spf=permerror (multiple SPF records) [email protected] Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) [email protected] Authentication-Results: verifier.port25.com; dkim=pass (matches From: [email protected]) header.d=mysite.com Authentication-Results: verifier.port25.com; sender-id=permerror (multiple SPF records with 'pra' scope) [email protected] Return-Path: [email protected] Message-ID: <[email protected]> Date: Sat, 1 Sep 2012 13:24:08 +0000 Subject: Confirm your E-mail From: "[email protected]" <[email protected]> To: [email protected] MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-SES-Outgoing: 199.255.192.142 Hello testuser, Confirm your e-mail by clicking this li= nk: http://mysite.com/confirmemail/aaasdf7798e If you ar= e having problems confirming, enter the code below. Code: aaasdf7798e Thanks! The mysite.com Team 

我能做些什么来解决这个紧急问题，以便我的电子邮件通过亚马逊SES通过SPF和SenderID，并最终在我的雅虎和Hotmail用户的收件箱？ 我已经尝试了一切，似乎没有任何工作。 谢谢。

  amazonses.com. 900 IN TXT "v=spf1 ip4:199.255.192.0/22 ip4:199.127.232.0/22 ~all" amazonses.com. 900 IN TXT "v=spf1 ip4:199.255.192.0/22 ip4:199.127.232.0/22 54.240.0.0/18 ~all"