能够用自己的域名发送电子邮件是非常好的,但是当有人开始用你的域名发送垃圾邮件时,你会怎么做呢?今天的超级用户问答文章讨论了这个问题,以帮助一个沮丧的读者。
今天的问答环节是由SuperUser提供的,SuperUser是Stack Exchange的一个分支,是一个由社区驱动的问答网站分组。
照片由Maria Elena(Flickr)提供。
超级用户读者Jake M想知道某人是如何使用个人域发送电子邮件的:
Spammers or someone similar is sending e-mails to people using our domain name.
What would allow someone (or a bot) to send an e-mail under our domain name? Is there anything we can do to stop this? Is this Dictionary Spamming?
有人是如何做到这一点的?有什么办法可以缓解这种情况吗?
超级用户贡献者Paul和AFH为我们提供了答案。首先,保罗:
The SMTP protocol does not include any controls over the From and To fields in an e-mail. They can be whatever you like provided you have authority to send e-mails using the SMTP server.
So the short answer is nothing prevents anyone from using your domain in e-mails they send. Even normal users can put whatever e-mail address they like in their e-mail settings.
Spammers routinely use valid domain names as From addresses to avoid being blocked.
While you cannot stop someone from sending e-mails with your domain name, you can help e-mail servers around the world understand if e-mails sent from your domain name actually originated from you and are legitimate e-mails, so that any others can be discarded as spam.
SPF
One way is to use SPF. This is a record that goes into DNS and lets the Internet know what servers are permitted to send e-mails on behalf of your domain. It looks like this:
This says that the only valid sources of e-mail for ourdomain.com.au are the MX servers – the server defined as the recipient of e-mails for the domain, and another server at 123.123.123.123. E-mail from any other server should be c***idered spam.
Most e-mail servers will check for the presence of this DNS record and act accordingly.
DKIM
While SPF is easy to set up, DKIM takes a little more effort and should be implemented by your e-mail server administrator. If you send your e-mail via an ISP e-mail server, they will often have methods for quick setup of DKIM.
DKIM works similarly to SSL certificates. A public/private key pair is generated. The private key is known only to the e-mail server, and it will sign any outgoing e-mails.
The public key is published using DNS. So any server receiving e-mails marked as coming from your domain can check that the e-mail was signed by retrieving the public key and checking the signature in the e-mails. If no signature is present, or it is incorrect, the e-mail can be c***idered spam.
接下来是AFH的回答:
An e-mail can contain any Reply-To address you choose. Some e-mail servers will send undeliverable notificati*** back to the Reply-To address rather than the originator. Online mail handlers like Gmail require you to validate any Reply-To address you use when composing online, but there is no such restriction when using a remote client with POP3/IMAP. And if you run your own e-mail server, you can probably also fake the From address.
有什么要补充的解释吗?在评论中发出声音。想从其他精通技术的Stack Exchange用户那里了解更多答案吗?在这里查看完整的讨论主题。
... 如果你有一些网页空间附加到网址上怎么办?也许你想要一些?这里最好的选择是找到一些便宜的托管,或者使用低成本或免费的托管解决方案来创建一个网站。也许你会使用WordPress作为一个内容管理解决方...
一些用户报告说他们在谷歌地图上收到了一些奇怪的垃圾信息。弹出窗口通知用户他们赢得了一些东西,然后请求他们的位置。我勒个去? 线程已经出现在reddit上,用户问的问题和我们现在想知道的一样:这是什么?对于初学...
...将它锁定到特定的主机上。 如果我的域名已经被占用了怎么办? 如果有人已经拥有你的域名,你可能仍然可以购买它,但它将花费更多。这是因为你不需要以标准价格从注册商那里购买,而需要从拥有它的人那里购买。许多人...
...菜单 第3部分:定制、小部件和插件 那么,我们做得怎么样?你是觉得更困惑,还是更少困惑?或者你是一个传说中的“网络大师”,为新手的第一个“真正的”网页提供了很多提示?请在评论中告诉我们您的想法,或将您...
...算机上的finger命令查看远程计算机上的登录用户、他们的电子邮件地址和全名。实际上,几乎没有一台计算机运行可以连接的手指服务。 在早期的网络时代,这个实用程序是一个很好的主意,你可能想知道谁登录了你大学网络...
...恶意软件。该报告还包括两封为世卫组织和联合国募捐的电子邮件的文本,但要求将捐款发送给“几个已知受损”的比特币钱包。 谷歌也在模仿世界卫生组织(WHO)等组织的电子邮件中发现了捐款诈骗,并在4月中旬表示,在短...
...不久。我的计划到此为止。如果你想知道的话,423.75美元怎么便宜一点呢。 其他不那么“高级”的域名也不那么贵。我的名字作为一个律师。怎么能让我每年赚35美...
错误时有发生,尤其是在邮件方面。承运商有时会误读地址,信件可能会在卡车后面来回移动,人们移动时也不会更新地址所有情况都可能导致您收到其他收件人的邮件。如果你收到不属于你的邮件,你应该这样做。如果邮件寄...
...情。当你意识到你确实需要伸出援手时,Zucker对如何通过电子邮件来做到这一点提出了一些很好的建议。责怪他们(在你心里)第一步是克服接触失误带来的尴尬。这就是让你(可能)多年不给他们写信的原因。为了突破这个障...
...你有一个流行的名字组合,或者只是在工作中收到了很多电子邮件,你一定会收到一封不适合你的电子邮件。你可以忽略它,当然,但有更好的方法来处理它。为了得到一些关于如何处理这个非常普遍的问题的可靠建议,我和一...