如何知道是否SPF配置在工作(亚马逊SES / Route53)? [英] How to know if the SPF config is working (Amazon SES/Route53)?
问题描述
我使用的是亚马逊SES和Route53和困惑我怎么指定TXT价值,包括适当的SPF配置。亚马逊给了我一个SES TXT名称/值对,看起来是这样的:
名称:_amazonses.xxx.com
价值:bInxJfnRbxxxxx9uFXgmxxxxxQHd08UxxxxxxsG + K =
我插入我的Route53记录集(等同于区域文件关于Godaddy的)这一点。加入我的SMTP凭据我的应用程序,并有亚马逊验证我的帐户(批生产准入),它的工作原理,我可以从我的网站发送电子邮件的各种账户(Gmail,雅虎,Hotmail的,我的埃杜大学毕业后果然帐户)。
我什么都不知道SPF,但听到这是件好事包括在自己的电子邮件服务器的配置。通过谷歌搜索关于亚马逊SES,我总是看到,包括流动的片段:
V = SPF1包括:amazonses.com〜一切
spf2.0 / PRA包括:amazonses.com〜一切
目前,这两个片段都包含在同一个TXT值字段如上面那么大,丑的价值(bInxJfnRb ......)和我的邮件仍然可以发送OK。
两个相关的问题:
- 无论把所有3的片断在一个TXT值字段是正确的地方为这些片段?
- 在什么情况下使用V = SPF1包括:amazonses.com〜一切和spf2 ......开始发挥作用?基本上,我怎么知道他们在做什么?
添,
我一直使用TXT记录饲养SPF和SenderID信息,如如下(以下线的 DIG 的结果):
mydomain.com。 86400为TXT的V = SPF1包括:amazonses.com所有
mydomain.com。 86400 IN TXTspf2.0 / PRA包括:amazonses.com吗?
这也是亚马逊如何建议你去做。
无论SPF和SenderID是机制的ISP用于验证其发送的电子邮件从您的域名是服务器确实是的授权的通过您的域名这样做。每当一个ISP即将转发的电子邮件,他们会以保证它是不是垃圾进行这种检查。在亚马逊SES页面的解释是最简洁的,我可以找到一个:
互联网服务供应商在互联网上转发电子邮件的交通都十分清楚垃圾邮件发送者和他们的活动。大多数ISP已经采取措施评估电子邮件是否合法。一个这样的行动,互联网服务供应商考虑的是电子邮件验证,在发送者提供证据证明他们是,他们发送的帐户的拥有者。在某些情况下,互联网服务供应商将拒绝转发未经过身份验证的电子邮件。
如果如Gmail,雅虎,等供应商,提供您的电子邮件,它的最终目标,你的DNS条目可能已经是正确的。如果尝试将其删除,并等待一些时间DNS设置进行传播,很可能你的邮件就开始被归类为垃圾邮件。有一些网络工具,如这个,它可以帮助您验证您的SPF记录。
希望它帮助。
I'm using Amazon SES and Route53 and confused how I specify the TXT value to include the proper SPF config. Amazon gave me a SES TXT name/value pair which looks something like this:
Name: "_amazonses.xxx.com"
Value: "bInxJfnRbxxxxx9uFXgmxxxxxQHd08UxxxxxxsG+k="
I plugged this into my Route53 Record Set (same as "Zone file" on Godaddy). Sure enough after adding my SMTP credentials to my app and having Amazon verify my account ("grant production access"), it works and I can send email from my site to a variety of accounts (Gmail, Yahoo, Hotmail, my .edu university account).
I know nothing about SPF but hear it is good include in one's email server configuration. By googling about Amazon SES, I keep seeing to include the flowing snippets:
"v=spf1 include:amazonses.com ~all"
"spf2.0/pra include:amazonses.com ~all"
Currently, these 2 snippets are included in the same TXT value field as that big, ugly value above("bInxJfnRb...") and my emails still get sent ok.
Two related questions:
- Whether putting all 3 of the snippets in a single TXT value field is the right place for these snippets?
- What are the circumstances under which "v=spf1 include:amazonses.com ~all" and "spf2..." come into play? Basically, how do I know if they are doing anything?
Tim,
I have always used TXT records for keeping SPF and SenderID information, like follows (the lines below are the result of a dig):
mydomain.com. 86400 IN TXT "v=spf1 include:amazonses.com ?all"
mydomain.com. 86400 IN TXT "spf2.0/pra include:amazonses.com ?all"
This is also how Amazon recommends you to do it.
Both SPF and SenderID are mechanisms ISPs use to verify the server which sent the email as being from your domain is really authorized by your domain to do so. Whenever an ISP is about to forward your email message, they will perform this kind of checks in order to guarantee it is not a SPAM. The explanation on Amazon SES page is one of the most concise I could find:
ISPs that forward email traffic on the Internet are well aware of spammers and their activities. Most ISPs have taken measures to evaluate whether email is legitimate. One such action that ISPs consider is email authentication, in which senders provide evidence that they are the owner of the account that they are sending from. In some cases, ISPs will refuse to forward email that is not authenticated.
If providers like Gmail, Yahoo!, etc, delivered your email to its final destination, your DNS entries are probably already correct. If you try to remove them and wait some time for the DNS settings to propagate, it is very likely your email will start being classified as spam. There are some web tools, like this one, which can help you validate your SPF records.
Hope it helps.
这篇关于如何知道是否SPF配置在工作(亚马逊SES / Route53)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
