Email 服务器之 SPF 记录

发布于

节选自《Netkiller Mail 手札》

6.1. Sender Policy Framework

6.1.1. 分析 SPF 记录

从主域开始查看 txt 记录

代码语言:javascript
复制
neo@netkiller:~$ nslookup -type=txt 163.com
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:

163.com	text = "v=spf1 include:spf.163.com -all"


Authoritative answers can be found from:

找到 spf.163.com 域名,再查看它的 txt 记录

代码语言:javascript
复制
neo@netkiller:~$ nslookup -type=txt spf.163.com

Server:		8.8.8.8

Address:	8.8.8.8#53


Non-authoritative answer:

spf.163.com	text = "v=spf1 include:a.spf.163.com include:b.spf.163.com include:c.spf.163.com include:d.spf.163.com -all"


Authoritative answers can be found from:

一次查看 a.spf.163.com ~ d.spf.163.com 几个域名

代码语言:javascript
复制
neo@netkiller:~$ nslookup -type=txt a.spf.163.com

Server:		8.8.8.8

Address:	8.8.8.8#53


Non-authoritative answer:

a.spf.163.com	text = "v=spf1 ip4:220.181.12.0/22 ip4:220.181.31.0/24 ip4:123.125.50.0/24 ip4:220.181.72.0/24 ip4:123.58.178.0/24 ip4:123.58.177.0/24 ip4:113.108.225.0/24 ip4:218.107.63.0/24 ip4:123.58.189.128/25 -all"


Authoritative answers can be found from:

这样就可以获得163.com所有邮件服务器的IP地址

下面我们使用 dig 演示此过程

代码语言:javascript
复制
			neo@netkiller:~$ dig -t txt google.com


; <<>> DiG 9.9.5-11ubuntu1.2-Ubuntu <<>> -t txt google.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55272

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1


;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;google.com.			IN	TXT


;; ANSWER SECTION:

google.com.		3599	IN	TXT	"v=spf1 include:_spf.google.com ~all"


;; Query time: 40 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Feb 24 11:12:01 HKT 2016

;; MSG SIZE  rcvd: 87


neo@netkiller:~$ dig -t txt _spf.google.com


; <<>> DiG 9.9.5-11ubuntu1.2-Ubuntu <<>> -t txt _spf.google.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24347

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1


;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;_spf.google.com.		IN	TXT


;; ANSWER SECTION:

_spf.google.com.	299	IN	TXT	"v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all"


;; Query time: 45 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Feb 24 11:12:07 HKT 2016

;; MSG SIZE  rcvd: 160


neo@netkiller:~$ dig -t txt _netblocks.google.com


; <<>> DiG 9.9.5-11ubuntu1.2-Ubuntu <<>> -t txt _netblocks.google.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59355

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1


;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;_netblocks.google.com.		IN	TXT


;; ANSWER SECTION:

_netblocks.google.com.	3599	IN	TXT	"v=spf1 ip4:64.18.0.0/20 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:207.126.144.0/20 ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all"


;; Query time: 42 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Feb 24 11:12:13 HKT 2016

;; MSG SIZE  rcvd: 304

#com#ip#policy#txt#域名