如何检测域是否已捕获所有接受电子邮件的策略? [英] How to detect if domain has catch all policy to accept email?

问题描述

我几乎可以用一种工具来检测电子邮件是否有效.我被困在必须检测邮件服务器或域是否启用了包罗万象的策略的小地方.

I am almost done with a tool to detect if email is valid or not. I am stuck at small point where I have to detect If mail server or domain has catch-all policy enable.

全部捕获:即使电子邮件地址没有退出，邮件服务器也会接受所有电子邮件.

Catch all: mail server will accept all email even if email address do not exits.

谢谢.

推荐答案

没有100％可靠的方法来检测您无法控制的邮件服务器的所有内容. 最有前途的方法是在目标域中生成一个随机地址，该地址绝对不会用作真实帐户并发送测试消息.

There is no 100% reliable way to detect a catch-all of a mail server you don't control yourself. The most promising way is to generate a random address in the target domain which is definitely not used as a real account and send a test message.

如果您在发送过程中没有被拒绝，并且在几分钟之内没有跳到脚本的信封发件人地址，则可能涉及 .但这也可能只是意味着目标服务器隔离或丢弃了您的邮件，或者退回的邮件并未将其退还给您.

If you don't get a reject while sending and no bounce to the envelope sender address of your script within a few minutes, there could be a catch-all involved. But it could also simply mean that the target server quarantined or dropped your message or that the bounce didn't make it back to you.

如果您走这条路，请确保您的工具生成具有所有必要标头的有效消息，并具有正确的dns/helo设置，并且不使用任何非rfc smtp快捷方式等，以便不被过滤.

If you go down that road, make sure your tool generates valid messages, with all the necessary headers, has correct dns/helo settings, doesn't use any non-rfc smtp shortcuts, etc. in order not to get filtered.

附带说明:如果此工具即将公开，请确保对其进行了适当的保护.自动发送邮件的工具是常见的滥用目标.

On a side note: if this tool is going to be public, make sure its properly protected. Tools that automatically send mails are popular targets for abuse.

这篇关于如何检测域是否已捕获所有接受电子邮件的策略?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！