早上好,我们正在利用一个第三方软件来发送由上述程序生成的外发合同,它是基于网络的,并利用自己的Mailer,而不是我们的pop3smtp服务器。它是基于网络的,利用它自己的Mailer而不是我们的pop3smtp服务器来发送这封邮件。虽然我的GMAIL通过了所有的SPF检查,但如果我发到微软服务器上,它就会立即进入垃圾箱。我怎样才能避免这种情况发生?我们有很多客户和供应商使用OutlookMicrosoft Exchange Services。他们没有在他们的域上设置DMARC或DKIM。没有SPF通过,没有失败,只有NONE状态...... 我有spf记录在我们的DNS设置与IP的发送,以及他们提供的_spf.a####.com - 所以任何类型的微软服务器立即仍然标志着欺骗的电子邮件。我让他们通过的唯一方法是通过安全和合规中心接受它作为欺骗,但我不想为我的每个员工做这个.......
微软头信息
3rd Party Sender - a####.comExchange Cloud Emails - kl@######inc.com ######inc.comOutside Exchange EmailOutside Company User - e.l#####[email protected]
######inc.com 60 IN TXT "v=spf1 include:spf.protection.outlook.com include:zcsend.net include:_spf.a####.com ip4:###.###.###.0/25 ip4:###.68.###.0/26 ip4:###.###.253.0/26 ip4:###.###.32.0/26 ip4:###.###.238.224/27 ~all"
交换头
X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0
X-MS-Exchange-Organization-MessageDirectionality: Incoming
X-Forefront-Antispam-Report:
CIP:70.36.32.23;CTRY:US;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:d##23.a####.com;PTR:d##23.a####.com;CAT:NONE;SFTY:;SFS:;DIR:INB;SFP:;
X-MS-PublicTrafficType: Email
X-MS-Exchange-Organization-AuthSource:
######.eop-EUR01.prod.protection.outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-UserLastLogonTime: 5/13/2020 4:42:31 PM
X-MS-Office365-Filtering-Correlation-Id: 6fee5a11-6f92-4460-2e49-08d7f75ccfdf
X-MS-TrafficTypeDiagnostic: VE1EUR01HT206:
X-MS-Exchange-EOPDirect: true
X-Sender-IP: ##.##.##.23
X-SID-PRA: KL@######INC.COM
X-SID-Result: NONE
X-MS-Exchange-Organization-PCL: 2
X-Microsoft-Antispam: BCL:0;
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 May 2020 16:43:49.1037
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 6fee5a11-6f92-4460-2e49-08d7f75ccfdf
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:
00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VE1EUR01HT206
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.4677680
X-MS-Exchange-Processed-By-BccFoldering: 15.20.3000.016
X-MS-Exchange-Organization-SCL: 6
X-Message-Info:
qoGN4b5S4yqbilezPnhatOC9U6skltNx3TD3J195AJDRLWaN47sSkcFVPDqFmJXjM32PXpyL2Vn3pzaxzNrhkoqbNPBzO4CtkI8NHfb4v07rh/mqh2YuVQ/tYy1A/VRD6qprQ1WDe0eGebAYMtjzsCacMYu6AgWynwzxH0LujGARbFE+Q8AgIzFNVu+NEbsQI/hWWJ9RRmVBPPOdZiSb3A==
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0xO0Q9MjtHRD0xO1NDTD02
X-Microsoft-Antispam-Mailbox-Delivery:
abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ucf:0;jmr:0;ex:0;psp:0;auth:0;dest:J;OFR:SpamFilterAuthJ;ENG:(5062000282)(90000001)(90005001)(90010001)(90020001)(9000001)(9010001)(5061607266)(5061608174)(4900115)(58390011)(8390131)(8376100)(8395060)(98390011)(4920090)(6516100)(6394001)(4950130)(4990090)(9140004);RF:JunkEmail;
X-Microsoft-Antispam-Message-Info:
Gmail标题
Delivered-To: e.l#####[email protected]
Received: by 2002:ad4:418d:0:0:0:0:0 with SMTP id e13csp360462qvp;
Wed, 13 May 2020 06:51:07 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzK970WvVWszl6FMsAOgqxy6CL699y3tXG6OieV/bjVidHGdu9VYzmPeLhXXbW9QQ4O19np
X-Received: by 2002:a50:c014:: with SMTP id r20mr10205271edb.110.1589377867251;
Wed, 13 May 2020 06:51:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1589377867; cv=none;
d=google.com; s=arc-20160816;
b=uEeSL4BDn8F7X6+lOlkocObEwvIz++M+/UM10QV0GABVsRZgeJH2yRD/9I6FeDwooO
TwklHuISaoeBLg/WYaK+ZLGGllhsjC6vVv4D9UZCvELZkYoLET4QU8ZHlDqNKtRvolj5
4cQrQ3nWbjuesUkRYc2c399Q4OevmBLDJaIslb5/tWNGxYH+QEjfAvfsG+wzQPISswLS
JFhhjavyuK7o743ObUH3e5wdMlxemsXzoFbLqwC3nW2EKcD2w2sjGGhAt/Oc2UgXY8mA
dlR2fOS9qe+ICgQl2TPKYkZjMXClAGv95JSrQvl6QatDcdMaZe+fs6/i3gyTaFA3wV/U
rVyA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=date:subject:mime-version:message-id:errors-to:sender:reply-to:from
:to;
bh=caLvrRx6h8XU/K+DVGOOkDOBXH23fTHYz0z0T57a5+M=;
b=G/aYv5SXeNhk8bnrBHgFVU9gn2NF6MPnRlU9kX/8h9cX3/03I89HOWlY3kUK1zN2EL
bILeu/1M9fGiJlNk+9NlILjgVCzbl+HQXIyTP4fwLt9yuWm513Lxhg2yBr+gAFg9RiZz
TuHYZWyT2eNnzKTxy1o/IHUcB7jwLdPi3tt4vr407MMlg/DmEiAYV7/HfMz4TrUy9yQU
yhpGZv1WbcRTN/aSiakzJAdu1LvKn4BdFxRwJr0UDiKlO4xXLJyx8pdkj08qXrhPSmJh
CraHqPOMz9Ey8w2KrEHZ0+M0TbJof1QWao6ZWyqhcfIvcWuVcMdNfud5wIvt2kpPNN29
q++Q==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: best guess record for domain of wwwrun@d##23.a#####.com designates ##.##.32.23 as permitted sender) smtp.mailfrom=wwwrun@d##23.a####.com
Return-Path: <wwwrun@d##23.a####.com>
Received: from d##23.a####.com (d##23.a####.com. [##.##.32.23])
by mx.google.com with ESMTPS id m17si10314011eds.398.2020.05.13.06.51.06
for <e.l#####[email protected]>
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Wed, 13 May 2020 06:51:07 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of wwwrun@d##23.a####.com designates ##.##.32.23 as permitted sender) client-ip=##.##.32.23;
Authentication-Results: mx.google.com;
spf=pass (google.com: best guess record for domain of wwwrun@d##23.a####.com designates ##.##.32.23 as permitted sender) smtp.mailfrom=wwwrun@d##23.a####.com
Received: by d##23.a####.com (Postfix, from userid 1003)
id 64E28660B74C0; Wed, 13 May 2020 09:51:05 -0400 (EDT)
To: e.l#####[email protected]
From: kl@######inc.com
Reply-To: kl@######inc.com
Sender: kl@######inc.com
X-Sender: kl@######inc.com
Errors-To: kl@######inc.com
Message-ID: <331199.1589377866@d##23.a####.com>
Mime-Version: 1.0
Subject: <BOGUS SUBJECT>
Content-Type: multipart/mixed; boundary="-"
Date: Wed, 13 May 2020 09:51:05 -0400 (EDT)
这是微软设计的,不是拒绝,而是标记为垃圾邮件。
如果发送服务器的DMARC策略是 p=拒绝,EOP将邮件标记为欺骗,而不是拒绝它。换句话说,对于入站电子邮件,Microsoft 365 对 p=reject 和 p=quarantine 的处理方式是一样的。管理员可以在反钓鱼策略中定义对分类为欺骗的邮件采取的行动。
Microsoft 365 之所以这样配置,是因为一些合法的电子邮件可能无法通过 DMARC。例如,如果一条消息被发送到一个邮件列表,然后将该消息转发到所有列表参与者,则该消息可能无法通过DMARC。如果Microsoft 365拒绝这些邮件,人们可能会失去合法的电子邮件,并且没有办法检索。相反,这些邮件仍然会无法通过DMARC,但它们会被标记为垃圾邮件,而不是拒绝。