Eto alafaramo Imọlẹmọlẹ
Tita Awọn ile-iṣẹ data Ilana ilokulo
akọsori - boga
Ibi iwaju alabujutoibi iwaju alabujuto
Olupin fun esiisakosoSSLAlakoso ISPWindows VPSLainos VPSVPS fun VPN
Imọlẹmọlẹ Awọn ilana ti o rọrun lati ṣiṣẹ pẹlu iṣẹ olupin Profitserver
Main Imọlẹmọlẹ SPF, DKIM ati DMRC iṣeto ni

SPF, DKIM ati DMRC iṣeto ni

Itọsọna yii yoo fihan ọ ilana ti atunto SPF, DKIM и DMARC - awọn paati pataki mẹta lati mu ilọsiwaju fifiranṣẹ imeeli ṣiṣẹ.

Iṣeto ni deede ti SPF, DKIM и DMARC yoo mu igbẹkẹle ti awọn olupin meeli pọ si ati dinku iṣeeṣe ti awọn ifiweranṣẹ rẹ ti n wọle sinu àwúrúju.

  • SPF (Ilana Ilana Olufiranṣẹ) jẹ iwọn aabo ti a ṣe apẹrẹ lati ṣe idiwọ fun awọn miiran lati firanṣẹ awọn imeeli ni ipo rẹ. O pinnu iru awọn adirẹsi IP ti o gba ọ laaye lati firanṣẹ awọn imeeli ati eyiti kii ṣe.
  • DKIM (DomainKeys Identified Mail) jẹ ọna ìfàṣẹsí ifiranṣẹ. Nigbati imeeli kọọkan ba ti firanṣẹ, o ti fowo si pẹlu bọtini ikọkọ ati rii daju ni olupin meeli ti ngba (tabi olupese iṣẹ Intanẹẹti) pẹlu bọtini gbogbogbo DNS.
  • DMARC (Ijeri Ifiranṣẹ ti o da lori-ašẹ, Iroyin & Imudara) nlo SPF ati DKIM fun ijẹrisi meeli, idinku àwúrúju ati ikọlu ararẹ.
Atọka akoonu
Gbe sokẹ

Iṣeto SPF (Ilana Ilana Olufiranṣẹ)

1.1. Lati tunto SPF, igbasilẹ TXT gbọdọ wa ni afikun si awọn eto DNS ti agbegbe rẹ.

1.2. Eyi ni sintasi atẹle ti igbasilẹ SPF:

  • v=spf1: pinnu ẹya SPF ti o lo. Loni SPF1 nikan ni a lo.
  • ip4: [Your_Mail_Server_IP]: O tọkasi pe adiresi IP olupin imeeli rẹ gba laaye lati fi imeeli ranṣẹ ni ipo agbegbe rẹ.
  • a: O ṣe afihan pe ti agbegbe kan ba ni igbasilẹ A (adirẹsi IPv4) ni DNS, olupin ti o wa ni pato ninu igbasilẹ naa le fi imeeli ranṣẹ ni ipo agbegbe naa.
  • mx: Tọkasi pe ti agbegbe kan ba ni igbasilẹ MX (paṣipaarọ mail) ni DNS, olupin ti o wa ni pato ninu igbasilẹ yii le fi imeeli ranṣẹ ni ipo agbegbe naa.
  • ~ gbogbo: O tọka si pe awọn olupin nikan ni igbasilẹ SPF le fi imeeli ranṣẹ ni ipo agbegbe naa. Ti imeeli ba wa lati ọdọ olupin miiran, yoo jẹ samisi bi “baramu asọ” (~), eyiti o tumọ si pe o le gba, ṣugbọn samisi bi àwúrúju ṣee ṣe.

Papọ, awọn eroja wọnyi ṣe agbekalẹ SPF kan ti o dabi eyi:

Orukọ: [Your_Domain]

v=spf1 ip4:[Your_Mail_Server_IP] a mx ~all

Rọpo [Your_Mail_Server_IP] pẹlu adiresi IP olupin imeeli rẹ.

DKIM (DomainKeys Identified Mail) iṣeto ni

2.1. Akọkọ fi opendkim ati opendkim-tools sori ẹrọ. Ilana fifi sori ẹrọ da lori ẹrọ ṣiṣe:

Fun CentOS:

yum install opendkim -y

Fun Debian/Ubuntu:

apt install opendkim opendkim-tools -y

2.2. Nigbamii, bẹrẹ iṣẹ opendkim ki o mu ifilọlẹ rẹ ṣiṣẹ lakoko bata:

systemctl start opendkim
systemctl enable opendkim

2.3. Ṣẹda itọsọna kan fun ibi ipamọ awọn bọtini:

mkdir -p /etc/opendkim/keys/yourdomain.com

2.4. Ṣe ina awọn bọtini ni lilo ohun elo opendkim-genkey:

opendkim-genkey --directory /etc/opendkim/keys/yourdomain.com/ --domain yourdomain.com --selector dkim

Maṣe gbagbe lati rọpo 'yourdomain.com' pẹlu orukọ ìkápá gidi rẹ.

2.5. Ṣeto awọn igbanilaaye ti o yẹ fun awọn bọtini:

chown -R opendkim:opendkim /etc/opendkim/keys/yourdomain.com

2.6. Bayi a nilo lati tunto opendkim. Ṣii faili /etc/opendkim.conf ki o fi awọn eto wọnyi kun:

AutoRestart Yes
AutoRestartRate 10/1h
Umask 002
Syslog Yes
SyslogSuccess Yes
LogWhy Yes
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
Mode sv
PidFile /var/run/opendkim/opendkim.pid
SignatureAlgorithm rsa-sha256
UserID opendkim:opendkim
Socket inet:8891@localhost

2.7. Ṣafikun-ašẹ rẹ si faili /etc/opendkim/TrustedHosts

127.0.0.1
localhost
*.yourdomain.com

2.8. Ṣatunkọ /etc/opendkim/KeyTable faili lati wo bi eleyi:

dkim._domainkey.yourdomain.com yourdomain.com:dkim:/etc/opendkim/keys/yourdomain.com/dkim.private

2.9. Yi faili /etc/opendkim/SigningTable pada. Lati le dabi eyi

*@yourdomain.com dkim._domainkey.yourdomain.com

2.10. Ti o ba lo Debian/Ubuntu, pato ibudo opendkim:

echo 'SOCKET="inet:8891@localhost"' >> /etc/default/opendkim

2.11. Tun iṣẹ opendkim bẹrẹ ni ibere fun awọn ayipada lati lo:

systemctl restart opendkim

2.12. Nikẹhin, ṣafikun bọtini gbogbo eniyan si awọn atunto DNS ti agbegbe rẹ. Awọn bọtini wa ni /etc/opendkim/keys/yourdomain.com/dkim.txt.

DMARC (Ijeri Ifiranṣẹ ti o da lori-ašẹ, Ijabọ & Iṣeduro) iṣeto ni

3.1. Lati tunto DMARC, ṣafikun igbasilẹ TXT kan si awọn eto agbegbe rẹ:

Name: _dmarc.[Your_Domain].
Значение: v=DMARC1; p=none; aspf=r; sp=none

Rọpo [Your_Domain] pẹlu orukọ agbegbe rẹ.

PTR (Pointer Gba) iṣeto ni

4.1. Igbasilẹ PTR, ti a tun mọ ni igbasilẹ DNS iyipada, ni a lo lati yi adiresi IP pada si orukọ ìkápá kan. Eyi ṣe pataki fun awọn olupin meeli nitori diẹ ninu awọn olupin le kọ awọn ifiranṣẹ laisi igbasilẹ PTR kan.

4.2. Igbasilẹ PTR nigbagbogbo ni tunto ni awọn eto ti olupese iṣẹ intanẹẹti tabi olupese alejo gbigba. Ti o ba ni iwọle si awọn eto wọnyi, o le ṣeto igbasilẹ PTR kan nipa sisọ adiresi IP olupin rẹ ati orukọ-ašẹ ti o baamu.

4.3. Ti o ko ba ni iwọle si awọn eto igbasilẹ PTR, kan si olupese iṣẹ intanẹẹti rẹ tabi olupese gbigbalejo pẹlu ibeere iṣeto igbasilẹ PTR kan.

4.4. Lẹhin fifi PTR sori ẹrọ, o le ṣayẹwo rẹ nipa lilo aṣẹ iwo ni Linux:

dig -x your_server_IP

Rọpo 'your_server_IP' pẹlu adiresi IP olupin rẹ. Idahun naa yẹ ki o pẹlu orukọ ìkápá rẹ.

Lẹhin ipari gbogbo awọn igbesẹ ti atunto SPF, DKIM ati DMARC, olupin meeli yoo kere pupọ lati samisi awọn ifiweranṣẹ rẹ bi àwúrúju – yoo ṣe ẹri pe awọn lẹta rẹ de ọdọ awọn olugba.

❮ Nkan ti o ti kọja SPF, DKIM ati DMRC iṣeto ni
Nkan ti o tẹle ❯ Bii o ṣe le ṣẹda ati ṣeto awọn igbasilẹ DNS ni Oluṣakoso DNS

Beere wa nipa VPS

A ni o wa nigbagbogbo setan lati dahun ibeere rẹ ni eyikeyi akoko ti ọjọ tabi oru.
ProfitServer
@profitserver
Darapọ mọ lori ikanni