服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 使用ESMTP标头发送原始电子邮件时,从我们的邮箱通过IMAP导入邮件时,无法validationGmail SPF
Intereting Posts
硬件状态与ESXi显示不完整的硬件信息; 错误的BMC细节 768Mb RAM @ 333Mhz比400Mhz 512Mb RAM更快还是更慢? 如何将VirtualBox 2虚拟计算机迁移到VmWare server2? 将registry或ADM应用于组策略以login到特定服务器 terminal服务 – RDP打印 你应该使用私有主机名还是公共主机名作为服务器主机名? 问题与gmailfs 我需要将目录名映射到域需要哪些Apache服务器configuration? 试图使用sed编辑named.conf并添加一些DNS转发器,但不能? 服务器在外部访问OWA时重置 初始Cisco ASA 5510configuration 亚马逊EC2 – 保留的私人地址 启动无法触摸现有文件的应用程序 在XenServer 6.2上升级openssh-server 戴尔PowerEdge R220风扇转速高时闲置,低压力下

使用ESMTP标头发送原始电子邮件时,从我们的邮箱通过IMAP导入邮件时,无法validationGmail SPF

我们有一个奇怪的情况:

  • 我们会收到一封包含ESMTP标题的电子邮件
  • 我们的服务器接受它,没关系
  • 我们像Gmail中的其他邮件一样在Gmail中导入该邮件
  • Gmail使SPF检查失败
  • Gmail使用我们的服务器IP地址和邮件发件人域进行检查(原文如此!

我们也有类似的邮件在本地邮箱之间的问题(但Gmail使用我们的服务器域和客户端的IP): 通过SMTP从一个本地箱发送到另一个邮箱,因为客户端IP而不是服务器的邮件导入到Gmail的SPF失败

例: 

Received-SPF: fail (google.com: domain of [email protected] does not designate 188.40.153.39 as permitted sender) client-ip=188.40.153.39; Authentication-Results: mx.google.com; spf=fail (google.com: domain of [email protected] does not designate 188.40.153.39 as permitted sender) smtp[email protected]

更多标题: 

 Delivered-To: example@gmail.com Received: by 10.194.168.164 with SMTP id zx4csp522020wjb; Thu, 19 Feb 2015 06:26:04 -0800 (PST) X-Received: by 10.180.219.66 with SMTP id pm2mr10333511wic.91.1424355964017; Thu, 19 Feb 2015 06:26:04 -0800 (PST) Return-Path: <[email protected]> Received: from server.webvizarts.com (server.webvizarts.com . [188.40.153.39]) by mx.google.com with ESMTPS id ge6si41332059wjd.24.2015.02.19.06.26.03 for <[email protected]> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 19 Feb 2015 06:26:04 -0800 (PST) Received-SPF: fail (google.com: domain of [email protected] does not designate 188.40.153.39 as permitted sender) client-ip=188.40.153.39; Authentication-Results: mx.google.com; spf=fail (google.com: domain of [email protected] does not designate 188.40.153.39 as permitted sender) [email protected] Received: from mx.msit.gov.pl ([77.252.152.34]) by server.webvizarts.com with esmtp (Exim 4.83) (envelope-from <[email protected]>) id 1YOS3G-0003eP-T2 for [email protected]; Thu, 19 Feb 2015 15:26:03 +0100 Received: from msit.gov.pl (unknown [192.168.10.30]) by mx.msit.gov.pl (Postfix) with ESMTPS id 5BE2F3B64 for <[email protected]>; Thu, 19 Feb 2015 15:24:48 +0100 (CET) Received: from EX3.sport.local (192.168.10.30) by EX3.sport.local (192.168.10.30) with Microsoft SMTP Server (TLS) id 15.0.1044.25; Thu, 19 Feb 2015 15:22:45 +0100 Received: from EX3.sport.local ([fe80::b8ed:df29:c87:77d2]) by EX3.sport.local ([fe80::b8ed:df29:c87:77d2%15]) with mapi id 15.00.1044.021; Thu, 19 Feb 2015 15:22:45 +0100 From: John Smith <[email protected]> To: Christopher Smith <[email protected]> Subject: Re: Some sensitive subject Thread-Topic: Some sensitive subject X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [192.168.0.102]

模糊的标题,邮箱名称和人名。

我们有基于Debian的VPS的dovecot + exim

我们寻找一些解决scheme如何避免这一点。 在Gmail方面的实施有缺陷,或者我们可以做些什么呢?

编辑:根据评论它的转发错误作为导入

[…]
我们像Gmail中的其他邮件一样在Gmail中导入该邮件
[…]

这是错误的,因为邮件标题告诉不同的东西: 

 Received: from server.webvizarts.com (server.webvizarts.com . [188.40.153.39]) by mx.google.com with ESMTPS id ge6si41332059wjd.24.2015.02.19.06.26.03 for <[email protected]> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 19 Feb 2015 06:26:04 -0800 (PST)

这些电子邮件是由server.webvizarts.com for [email protected] mx.google.com 。 显然没有设置信封,从: 

 Authentication-Results: mx.google.com; spf=fail (google.com: domain of [email protected] does not designate 188.40.153.39 as permitted sender) [email protected]

很明显,信封仍然是[email protected]

我可以在这里想到三个选项:

  1. 重写信封 – 使用发件人重写scheme ,例如使用postfix-srsd 。
  2. 在发送/转发之前,在gmail上进行身份validation
  3. 将电子邮件从您的服务器推送到Gmail的IMAP / POP3邮箱,或让他们通过Gmail从您的服务器上拉出(我不知道哪个更容易)