Kako je moguće poslati e-poštu pomoću nekog drugog imena domene?

Sadržaj:

Kako je moguće poslati e-poštu pomoću nekog drugog imena domene?
Kako je moguće poslati e-poštu pomoću nekog drugog imena domene?

Video: Kako je moguće poslati e-poštu pomoću nekog drugog imena domene?

Video: Kako je moguće poslati e-poštu pomoću nekog drugog imena domene?
Video: Why People Hated Windows 8 - YouTube 2024, Travanj
Anonim
Biti u mogućnosti poslati e-poštu pomoću vlastitog naziva domene može biti vrlo lijepo, ali što učiniti kada netko počne odbacivati spam mail koristeći naziv domene? Današnji SuperUser Q & A post raspravlja o tome kako bi pomogao frustriranom čitatelju.
Biti u mogućnosti poslati e-poštu pomoću vlastitog naziva domene može biti vrlo lijepo, ali što učiniti kada netko počne odbacivati spam mail koristeći naziv domene? Današnji SuperUser Q & A post raspravlja o tome kako bi pomogao frustriranom čitatelju.

Današnja pitanja i odgovori nam se javljaju zahvaljujući SuperUseru - podjele Stack Exchange-a, zajednice-driven grupiranja Q & A web stranica.

Foto ljubaznošću Marije Elene (Flickr).

Pitanje

Čitač SuperUser Jake M želi znati kako je netko mogao poslati e-poštu putem svoje osobne domene:

Spammers or someone similar is sending e-mails to people using our domain name.

  • The e-mails are from a user we did not create called: [email protected].
  • The e-mail is to: [email protected].
  • The content of the e-mail talks about a stock that is six cents but will go to fifteen cents and that people should buy it. It contains a link to Yahoo’s finance website, but I will not click it, so I am not sure if it is legitimate. We know of the e-mails because we get bounce-backs (the recipient must not exist).

What would allow someone (or a bot) to send an e-mail under our domain name? Is there anything we can do to stop this? Is this Dictionary Spamming?

Kako netko to radi i da li postoji nešto što se može učiniti kako bi ublažila situaciju?

Odgovor

Pripadnici SuperUser-a Paul i AFH imaju odgovor za nas. Prvo, Paul:

The SMTP protocol does not include any controls over the From and To fields in an e-mail. They can be whatever you like provided you have authority to send e-mails using the SMTP server.

So the short answer is nothing prevents anyone from using your domain in e-mails they send. Even normal users can put whatever e-mail address they like in their e-mail settings.

Spammers routinely use valid domain names as From addresses to avoid being blocked.

While you cannot stop someone from sending e-mails with your domain name, you can help e-mail servers around the world understand if e-mails sent from your domain name actually originated from you and are legitimate e-mails, so that any others can be discarded as spam.

SPF

One way is to use SPF. This is a record that goes into DNS and lets the Internet know what servers are permitted to send e-mails on behalf of your domain. It looks like this:

ourdomain.com.au. IN TXT “v=spf1 mx ip4:123.123.123.123 -all”

This says that the only valid sources of e-mail for ourdomain.com.au are the MX servers – the server defined as the recipient of e-mails for the domain, and another server at 123.123.123.123. E-mail from any other server should be considered spam.

Most e-mail servers will check for the presence of this DNS record and act accordingly.

DKIM

While SPF is easy to set up, DKIM takes a little more effort and should be implemented by your e-mail server administrator. If you send your e-mail via an ISP e-mail server, they will often have methods for quick setup of DKIM.

DKIM works similarly to SSL certificates. A public/private key pair is generated. The private key is known only to the e-mail server, and it will sign any outgoing e-mails.

The public key is published using DNS. So any server receiving e-mails marked as coming from your domain can check that the e-mail was signed by retrieving the public key and checking the signature in the e-mails. If no signature is present, or it is incorrect, the e-mail can be considered spam.

Slijedi odgovor AFH:

An e-mail can contain any Reply-To address you choose. Some e-mail servers will send undeliverable notifications back to the Reply-To address rather than the originator. Online mail handlers like Gmail require you to validate any Reply-To address you use when composing online, but there is no such restriction when using a remote client with POP3/IMAP. And if you run your own e-mail server, you can probably also fake the From address.

Imate li nešto za objašnjenje? Zvuči u komentarima. Želite li pročitati više odgovora od drugih tehnoloških korisnika Stack Exchangea? Pogledajte ovdje cijelu raspravu.

Preporučeni: