有人欺骗我的电子邮件发送垃圾邮件,我不知道如何阻止

信息安全 电子邮件 欺骗 邮箱 电子邮件欺骗
2021-08-25 20:15:01

有人在使用我的 Google Apps 电子邮件 ID 发送垃圾邮件,我收到了 2000 多封未送达和自动回复的电子邮件。

我不知道如何阻止它,因为垃圾邮件发送者还使用我的电子邮件作为回复电子邮件。

如果您有任何以前的经验,您能告诉我如何以简单的方式阻止它吗?

主题如“紧急恋童癖警报”和“这是你的 $1OOO 沃尔玛礼品卡”

我的 DNS 将此作为TXT 记录v=spf1 a mx ip4:X.X.XX.XX ~all

我现在添加了这个: v=spf1 include:_spf.google.com ~all

作为参考,这是我收到的电子邮件的示例回复(我添加了 xxxx 以隐藏一些电子邮件):

Delivered-To: mail@xxxxxxxx.com
Received: by 10.27.89.9 with SMTP id n9csp996482wlb;
        Sun, 24 Jan 2016 14:48:58 -0800 (PST)
X-Received: by 10.55.73.85 with SMTP id w82mr17774512qka.52.1453675738222;
        Sun, 24 Jan 2016 14:48:58 -0800 (PST)
Return-Path: <>
Received: from SNT004-OMC2S24.hotmail.com (snt004-omc2s24.hotmail.com. [65.55.90.99])
        by mx.google.com with ESMTPS id 7si20890653qgy.13.2016.01.24.14.48.57
        for <mail@xxxxxxx.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
        Sun, 24 Jan 2016 14:48:58 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of SNT004-OMC2S24.hotmail.com designates 65.55.90.99 as permitted sender) client-ip=65.55.90.99;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of SNT004-OMC2S24.hotmail.com designates 65.55.90.99 as permitted sender) smtp.mailfrom=;
       dmarc=fail (p=NONE dis=NONE) header.from=msn.com
Received: from na01-bl2-obe.outbound.protection.outlook.com ([65.55.90.72]) by SNT004-OMC2S24.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008);
     Sun, 24 Jan 2016 14:48:57 -0800
Received: from BN3PR17MB0625.namprd17.prod.outlook.com (10.165.115.139) by
 BN3PR17MB0625.namprd17.prod.outlook.com (10.165.115.139) with Microsoft SMTP
 Server (TLS) id 15.1.390.13; Sun, 24 Jan 2016 22:48:56 +0000
Received: from BN3PR17MB0625.namprd17.prod.outlook.com ([127.0.0.1]) by
 BN3PR17MB0625.namprd17.prod.outlook.com ([10.165.115.139]) with Microsoft
 SMTP Server id 15.01.0390.013; Sun, 24 Jan 2016 22:48:56 +0000
From: MAC MCOMBER <macxxxxxxxarol1@msn.com>
To: Neighborhood Alert <mail@xxxxxxxxxx.com>
Subject: Automatic reply: URGENT Pedophile Alert
Thread-Topic: URGENT Pedophile Alert
Thread-Index: AQHRVvlnYJlMVx0pu0eDEW+YO1CewZ8LRN0u
Date: Sun, 24 Jan 2016 22:48:56 +0000
Message-ID: <56bcad494e29434eb31e762fcdf38e6f@BN3PR17MB0625.namprd17.prod.outlook.com>
References: <COL004-MC2F10rf3yXv000739cd@COL004-MC2F10.hotmail.com>
In-Reply-To: <COL004-MC2F10rf3yXv000739cd@COL004-MC2F10.hotmail.com>
X-MS-Has-Attach:
X-Auto-Response-Suppress: All
X-MS-Exchange-Inbox-Rules-Loop: macxxxol1@msn.com
X-MS-TNEF-Correlator:
authentication-results: xxxxxx.com; dkim=none (message not signed)
 header.d=none;web3canvas.com; dmarc=none action=none header.from=msn.com;
x-ms-exchange-parent-message-id: <COL004-MC2F10rf3yXv000739cd@COL004-MC2F10.hotmail.com>
auto-submitted: auto-generated
x-ms-exchange-generated-message-source: Mailbox Rules Agent
x-microsoft-exchange-diagnostics: 1;BN3PR17MB0625;23:szzPHpRWFWcejvo2dVr00t4AmKBuIQDpL3YmG6ZCC5F/mfnjUl/jlt55bZF/MtXSTFhp0/CX3A1b/sGFEV4zxkFoBjbtnJtEa6BKcTT8WTQ6Teef4aeLAfDtuizz7xnYvOABjb7ypohELRorJ+crqT4VC49sxoI0DL4/s/FBdgqQldhRcWIqGt03naEtuRpUyN/Fe92wH/fcA8NXyAg+Mg==;5:+c3FXL7JypOTqHvY8I3WIqTp7xEaq8cyZMuC77eHCAmKt2hVjmUtKB91eVkr7Qi7d6sVjae+uk9gbv2/uxkXrXpbQM/GoP8gwpN6hSb08y9SqQHh2BOVNMl+0YvIB57AcGMYQUXW2gvzanmG1GLPfA==;24:MRTsqWmPbTTdXzjvcnrNYmNjuiue/CXXsOT8meWUHPlRD+VBUVnIkamU4QgBZoVbx2+IOOUkNKcqkrXVQdN6m2Cmr7fSpQ04SBxi8vaQ3lA=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BN3PR17MB0625;
x-ms-office365-filtering-correlation-id: 0afd3f36-0f70-4738-daf4-08d325108aa3
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(432015012)(82015046);SRVR:BN3PR17MB0625;BCL:0;PCL:0;RULEID:;SRVR:BN3PR17MB0625;
x-forefront-prvs: 0831C25939
x-forefront-antispam-report: SFV:NSPM;SFS:(7070004)(98900002);DIR:OUT;SFP:1901;SCL:1;SRVR:BN3PR17MB0625;H:BN3PR17MB0625.namprd17.prod.outlook.com;FPR:;SPF:None;LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative;
    boundary="_000_56bcad494e29434eb31e762fcdf38e6fBN3PR17MB0625namprd17pr_"
MIME-Version: 1.0
X-OriginatorOrg: sct-15-1-318-15-msonline-outlook-9143d.templateTenant
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2016 22:48:56.4758
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR17MB0625
Return-Path: <>
X-OriginalArrivalTime: 24 Jan 2016 22:48:57.0752 (UTC) FILETIME=[68EAD180:01D156F9]

--_000_56bcad494e29434eb31e762fcdf38e6fBN3PR17MB0625namprd17pr_
3个回答

我现在添加了这个:v=spf1 include:_spf.google.com ~all

最后~all只是导致软失败,即邮件仍将被传递。如果您想永久失败,请使用-all. 当然这只会影响检查 SPF 记录的邮件服务器,这不是全部。

从邮件看来,他们是从谷歌帐户发送的,绕过了 SPF 记录。误读了相应的标题。事实并非如此

我的建议是推出DMARCDKIM如果邮件不是由您的服务器发送和签名的,这允许您要求接收服务器丢弃或隔离邮件。我不知道 Google Apps 电子邮件是否可以使用 DKIM。

如果您收到退回的消息,这就是所谓的反向散射可以过滤掉虚假的退回邮件另请参阅http://www.dontbouncespam.org/#BS了解过滤反向散射的其他方法。

这不会阻止垃圾邮件发送者在 From: 行中使用您的姓名向受害者发送电子邮件。

其它你可能感兴趣的问题
上一篇如何安全使用公共WiFi? 下一篇Team Viewer 如何建立远程桌面连接?