DMARC/SPF配置错误 [英] DMARC/SPF configuration error

问题描述

我在domains.google.com注册了一个域，该域与G Suite帐户一起使用，还可以从SES和mailchimp发送电子邮件.

I have a domain registered at domains.google.com that I use with a G Suite account and also to send email from SES and mailchimp.

我的DNS记录对我来说看起来正确( Mailchimp说明):

My DNS records look correct to me (Mailchimp instructions):

@ TXT"v = spf1包括:_spf.google.com包括:amazonses.com包括:servers.mcsv.net〜all"

@ TXT "v=spf1 include:_spf.google.com include:amazonses.com include:servers.mcsv.net ~all"

_dmarc TXT"v = DMARC1; p =无； pct = 100; rua = mailto:re+aml1ryadtn7@dmarc.postmarkapp.com; sp = none; aspf = r;"

_dmarc TXT "v=DMARC1; p=none; pct=100; rua=mailto:re+aml1ryadtn7@dmarc.postmarkapp.com; sp=none; aspf=r;"

我使用邮戳的精美服务来获取每周的DMARC摘要，他们针对mailchimp电子邮件报告此错误:

I use postmark's nifty service to get a weekly DMARC digest, and they report this error for mailchimp emails:

mcsv.net被授权代表mydomain.com发送，但是看起来SPF仍未通过DMARC的一致性测试. DMARC查看邮件的返回路径，以确保那里的域与您的发件人"地址中的域匹配.如果返回路径"路径与您的发件人"地址不匹配，则这些邮件将无法通过DMARC的SPF对齐测试.请检查此来源，因为您可能需要设置自定义的Return-Path.

mcsv.net is authorized to send on behalf of mydomain.com, however it looks like SPF is still failing DMARC’s alignment test. DMARC looks at the Return-Path of a message to make sure the domain there matches the domain in your From address. If the Return-Path path doesn’t match your From address, those messages will fail DMARC’s SPF alignment test. Check with this source because you may need to set up a custom Return-Path.

这是mailchimp电子邮件中的相关标头:

Here are relevant headers from a mailchimp email:

Return-Path: <bounce-mc.us17_88978185.265251-recipient=patentbots.com@mail125.suw11.mcdlv.net>
From: me@mydomain.com

我在安装程序中是否有错误(DNS或Mailchimp)导致SPF DMARC对齐失败?还是Mailchimp不支持的东西?

Do I have an error in setup (either DNS or Mailchimp) that causes SPF DMARC alignment to fail? Or is this something that isn't supported by Mailchimp?

推荐答案

Mailchimp不支持SPF，因为它在退回地址中使用自己的域.但是，他们的域身份验证工具需要包括Mailchimp. Mailchimp始终无法通过DMARC的SPF对齐测试，因为Return-Path路径与发件人"地址不匹配. MailChimp不支持自定义的Return-Path(尽管Mailchimp拥有的Mandrill支持).这使得Mailchimp无法按照DMARC规则100％兼容SPF.

Mailchimp does not support SPF as it uses its own domain in the bounce address. Their domain authentication verification tool requires including Mailchimp, though. Mailchimp always fails DMARC's SPF alignment test because the Return-Path path doesn’t match the From address. MailChimp doesn't support custom Return-Path (even though Mandrill, which is owned by Mailchimp, does). This makes it impossible to be 100% SPF-compliant under DMARC rules with Mailchimp.

这篇关于DMARC/SPF配置错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！