affiliate shirin Bayanan basira
Sakewa Masu bada bayanai Manufar cin zarafi
kai -- burger
Kwamitin sarrafawaControlPanel
Sabar don amsawaAdministrationSSLManajan ISPWindows VPSVPS LinuxVPS don VPN
Bayanan basira Sauƙaƙan umarni don aiki tare da sabis na Riba
Main Bayanan basira SPF, DKIM da DMRC daidaitawa

SPF, DKIM da DMRC daidaitawa

Wannan jagorar zai nuna maka tsarin daidaitawa SPF, DKIM и DMRC - abubuwa masu mahimmanci guda uku don inganta aikin aika imel.

Daidaitaccen tsari na SPF, DKIM и DMARC zai ƙara amincin sabar saƙon imel kuma rage yuwuwar saƙon ku ya shiga cikin spam.

  • SPF (Tsarin Manufofin Masu aikawa) matakan tsaro ne da aka tsara don hana wasu aika imel a madadin ku. Yana ƙayyade waɗanne adiresoshin IP aka yarda su aika imel da waɗanda ba su.
  • DKIM (DomainKeys Identified Mail) hanya ce ta tabbatar da saƙo. Lokacin da aka aika kowane imel, ana sanya hannu tare da maɓalli na sirri sannan a tabbatar da sabar saƙo mai karɓa (ko mai bada sabis na Intanet) tare da maɓallin jama'a na DNS.
  • DMARC (Gabatar da Saƙon da ke tushen yanki, Ba da rahoto & Amincewa) yana amfani da SPF da DKIM don tantance wasiku, rage hare-haren saƙon saƙo da saƙo.
Table da ke ciki
Rage rage

Tsarin SPF (Tsarin Manufofin Mai Aiki)

1.1. Don saita SPF, dole ne a ƙara rikodin TXT zuwa saitunan DNS na yankinku.

1.2. Wannan shi ne ma'auni mai zuwa na rikodin SPF:

  • v=spf1: yana ƙayyade sigar SPF da kuke amfani da ita. A yau SPF1 kawai ake amfani dashi.
  • ip4: [Your_Mail_Server_IP]: Yana nuna cewa adireshin IP ɗin sabar sabar ku an ba da izinin aika imel a madadin yankinku.
  • a: Ya ƙayyade cewa idan yanki yana da rikodin (adireshin IPv4) a cikin DNS, uwar garken da aka ƙayyade a cikin wannan rikodin zai iya aika imel a madadin yankin.
  • mx: Yana nuna cewa idan yanki yana da rikodin MX (musanyar wasiƙa) a cikin DNS, uwar garken da aka ƙayyade a cikin wannan rikodin zai iya aika imel a madadin yankin.
  • ~ duka: Yana nuna cewa kawai sabobin a cikin rikodin SPF na iya aika imel a madadin yankin. Idan imel ɗin ya fito daga wata uwar garken, za a yi masa alama a matsayin "taushi mai laushi" (~), wanda ke nufin ana iya karɓa, amma alama mai yiwuwa spam.

Tare, waɗannan abubuwan suna samar da SPF mai kama da wannan:

Suna: [Your_Domain]

v=spf1 ip4:[Your_Mail_Server_IP] a mx ~all

Sauya [Your_Mail_Server_IP] da adireshin IP na sabar imel.

DKIM (DomainKeys Identified Mail) daidaitacce

2.1. Da farko shigar opendkim da opendkim-tools. Tsarin shigarwa ya dogara da tsarin aiki:

Don CentOS:

yum install opendkim -y

Don Debian/Ubuntu:

apt install opendkim opendkim-tools -y

2.2. Na gaba, fara sabis ɗin opendkim kuma kunna ƙaddamar da shi yayin taya:

systemctl start opendkim
systemctl enable opendkim

2.3. Ƙirƙiri kundin adireshi don ajiyar maɓalli:

mkdir -p /etc/opendkim/keys/yourdomain.com

2.4. Ƙirƙirar maɓalli ta amfani da kayan aikin opendkim-genkey:

opendkim-genkey --directory /etc/opendkim/keys/yourdomain.com/ --domain yourdomain.com --selector dkim

Kar a manta don maye gurbin 'yourdomain.com' tare da ainihin sunan yankinku.

2.5. Saita izini masu dacewa don maɓalli:

chown -R opendkim:opendkim /etc/opendkim/keys/yourdomain.com

2.6. Yanzu muna buƙatar saita opendkim. Bude fayil ɗin /etc/opendkim.conf kuma ƙara saitunan masu zuwa:

AutoRestart Yes
AutoRestartRate 10/1h
Umask 002
Syslog Yes
SyslogSuccess Yes
LogWhy Yes
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
Mode sv
PidFile /var/run/opendkim/opendkim.pid
SignatureAlgorithm rsa-sha256
UserID opendkim:opendkim
Socket inet:8891@localhost

2.7. Ƙara yankinku zuwa /etc/opendkim/TrustedHosts fayil

127.0.0.1
localhost
*.yourdomain.com

2.8. Shirya /etc/opendkim/KeyTable fayil don yin kama da wannan:

dkim._domainkey.yourdomain.com yourdomain.com:dkim:/etc/opendkim/keys/yourdomain.com/dkim.private

2.9. Canza fayil ɗin /etc/opendkim/SigningTable. Domin ganin kamar haka

*@yourdomain.com dkim._domainkey.yourdomain.com

2.10. Idan kuna amfani da Debian/Ubuntu, saka tashar tashar opendkim:

echo 'SOCKET="inet:8891@localhost"' >> /etc/default/opendkim

2.11. Sake kunna sabis na opendkim domin a yi amfani da canje-canje:

systemctl restart opendkim

2.12. A ƙarshe, ƙara maɓallin jama'a zuwa saitunan DNS na yankinku. Makullan suna cikin /etc/opendkim/keys/yourdomain.com/dkim.txt.

DMRC (Tabbacin Saƙo na tushen yanki, Rahoto & Amincewa).

3.1. Don saita DMRC, ƙara rikodin TXT zuwa saitunan yankinku:

Name: _dmarc.[Your_Domain].
Значение: v=DMARC1; p=none; aspf=r; sp=none

Sauya [Your_Domain] da sunan yankin ku.

PTR (Pointer Record) daidaitawa

4.1. Ana amfani da rikodin PTR, wanda kuma aka sani da rikodin DNS na baya, don canza adireshin IP zuwa sunan yanki. Wannan yana da mahimmanci ga sabar saƙon wasiku saboda wasu sabar na iya ƙi saƙon ba tare da rikodin PTR ba.

4.2. Ana saita rikodin PTR yawanci a cikin saitunan mai bada sabis na intanit ko mai bada sabis. Idan kuna da damar yin amfani da waɗannan saitunan, zaku iya saita rikodin PTR ta ƙayyade adireshin IP na uwar garken ku da sunan yankin da ya dace.

4.3. Idan baku da damar yin amfani da saitunan rikodin PTR, tuntuɓi mai ba da sabis na intanit ɗinku ko mai ba da sabis tare da buƙatar daidaita rikodin PTR.

4.4. Bayan shigar da PTR, zaku iya duba shi ta amfani da umarnin tono a cikin Linux:

dig -x your_server_IP

Sauya 'your_server_IP' da adireshin IP na sabar ku. Amsar yakamata ta ƙunshi sunan yankin ku.

Bayan kammala duk matakan daidaita SPF, DKIM da DMARC, uwar garken wasikun zai yi ƙasa da yuwuwar sanya alamar wasiƙarku azaman spam - zai ba da tabbacin cewa wasiƙun ku sun isa ga masu karɓa.

❮ Labari na baya SPF, DKIM da DMRC daidaitawa
Labari na gaba ❯ Yadda ake ƙirƙira da saita bayanan DNS a cikin Manajan DNS

Tambaye mu game da VPS

A ko da yaushe a shirye muke mu amsa tambayoyinku a kowane lokaci dare ko rana.
ProfitServer
@profitserver
Shiga channel