I-imeyili Marketing & Automation

Ukuqinisekisa Kanjani Ukuqinisekiswa Kwe-imeyili Yakho Kusethelwe Ngokufanelekile I-DKIM, DMARC, SPF & BIMI

Uma uthumela noma yimaphi amavolumu abalulekile wama-imeyili wokumaketha, kungenzeka ukuthi i-imeyili yakho ayihambi ngendlela eya ebhokisini lokungenayo uma ungakalungiseleli ukuqinisekiswa kwe-imeyili yakho. Sisebenza nezinkampani eziningi ezizisiza ngokufuduka kwama-imeyili, ukufudumala kwe-IP, nezinkinga zokulethwa. Izinkampani eziningi aziboni nokuthi zinenkinga; bacabanga ukuthi ababhalisile abazibandakanyi nama-imeyili abo.

I-Phishing

Impikiswano indaba ekhulayo yama-imeyili anonya nawomgunyathi, ikakhulukazi ukuphinga ama-imeyili. Ubugebengu bokweba imininingwane ebucayi kuwukuhlasela ku-inthanethi lapho abantu noma izinhlangano zizama ukukhohlisa abantu ukuze baveze ulwazi olubucayi, olufana namagama ayimfihlo noma imininingwane yekhadi lesikweletu, ngokuzenza amabhizinisi athembekile. Lokhu kwenziwa ngokuyinhloko nge-imeyili. Umhlaseli uzothumela i-imeyili ebonakala sengathi iphuma kumthombo osemthethweni, bese ikuletha ekhasini lokubikezela okholelwa ukuthi elokungena ngemvume noma elinye ikhasi lokuqinisekisa lapho isisulu sifaka khona imininingwane yakhe siqu.

Izinkinga Ezingabonakali Zokudiliva

Kunezinkinga ezintathu ezingabonakali ngokuthunyelwa kwe-imeyili amabhizinisi angazazi:

  1. Imvume - Abahlinzeki besevisi ye-imeyili (Ama-ESP) phatha izimvume zokungena... kodwa umhlinzeki wesevisi ye-inthanethi (I-ISP) iphethe isango lekheli le-imeyili okuyiwa kulo. Isistimu enamaphutha ngokwemvelo eye yanda amacebo okukhwabanisa afana nobugebengu bokweba imininingwane ebucayi. Ungenza yonke into ngendlela efanele njengebhizinisi ukuze uthole imvume namakheli e-imeyili, futhi i-ISP ayinawo umqondo futhi ingase ikuvimbele noma kunjalo. Ama-ISP acabanga ukuthi ungugaxekile noma uthumela ama-imeyili anonya… ngaphandle kwalapho ubonisa okuhlukile.
  2. Ukubekwa Kwebhokisi Lemilayezo Engenayo - Ama-ESP ahlala ekhuthaza amanani aphezulu okulethwa angumbhedo. I-imeyili eqondiswe ngqo kufolda kadoti futhi engakaze ibonwe obhalisele i-imeyili yakho ilethwa ngokobuchwepheshe. Ukuqapha ngempela ukubekwa kwebhokisi lakho lokungenayo, kufanele usebenzise a uhlu lwembewu futhi ubheke i-ISP ngayinye ukuze ubone ukuthi i-imeyili yakho ifike kubhokisi lokungenayo noma kufolda kadoti. Inkampani yami ingakunikeza lokhu kuhlola nawe.
  3. Idumela - Ama-ISP kanye nezinsizakalo zezinkampani zangaphandle nazo zigcina amaphuzu edumela lokuthumela ikheli le-IP le-imeyili yakho. Kukhona izinhlu zokuvinjelwa ezingase zisetshenziswe ama-ISP ukuze uvimbele wonke ama-imeyili akho, noma ungase ube nedumela elibi elingakwenza udluliselwe kufolda yodoti. Ungasebenzisa izinsiza eziningi ukuze ugade isithunzi sakho se-IP, kodwa ngingaba nethemba njengoba abaningi bengenakho ukuqonda nge-algorithm ye-ISP ngayinye.

Ukuqinisekiswa kwe-imeyili

Umkhuba ongcono kakhulu wokunciphisa noma yiziphi izinkinga zokubekwa kwebhokisi lokungenayo uwukuqinisekisa ukuthi usethe amarekhodi okuqinisekisa ama-imeyili ama-ISP angawasebenzisa ukuze abheke futhi aqinisekise ukuthi ama-imeyili owathumelayo athunyelwa nguwe ngempela hhayi othile ozenza inkampani yakho. Lokhu kwenziwa ngezindinganiso ezimbalwa:

  • Uhlaka lwenqubomgomo yabentwana (SPF) - izinga elidala kunawo wonke, yilapho ubhalisa khona irekhodi le-TXT ekubhaliseni kwesizinda sakho (DNS) esho ukuthi yiziphi izizinda noma IP amakheli othumela kuwo ama-imeyili enkampani yakho. Isibonelo, ngithumela ama-imeyili okuthi Martech Zone kusukela Indawo Yokusebenzela yakwaGoogle.
v=spf1 include:_spf.google.com ~all
  • DomainUkuqinisekiswa Komlayezo okusekelwe, Ukubika kanye Nokuhambisana (I-DMARC) - leli zinga elisha linokhiye obethelwe ongaqinisekisa kokubili isizinda sami kanye nomthumeli. Ukhiye ngamunye ukhiqizwa umthumeli wami, eqinisekisa ukuthi ama-imeyili athunyelwe umuntu othumela ogaxekile awakwazi ukonakala. Uma usebenzisa i-Google Workspace, nakhu indlela yokusetha i-DMARC.
  • Imeyili Ekhonjiwe Ye-DomainKeys (I-DKIM) - Ngokusebenza ngokuhambisana nerekhodi le-DMARC, leli rekhodi lazisa ama-ISP ukuthi ayiphathe kanjani imithetho yami ye-DMARC kanye ne-SPF nokuthi ithunyelwa kuphi imibiko yokulethwa. Ngifuna ama-ISP enqabe noma imiphi imilayezo engadluli i-DKIM noma i-SPF, futhi ngifuna ukuthi athumele imibiko kulelo kheli le-imeyili.
v=DMARC1; p=reject; rua=mailto:dmarc@martech.zone; aspf=s; fo=s;
  • Izinkomba Zomkhiqizo Zokuhlonza Umlayezo (I-BIMI) – okungeziwe okusha, i-BIMI ihlinzeka ngendlela yokuthi ama-ISP nezicelo zawo ze-imeyili abonise ilogo yomkhiqizo ngaphakathi kweklayenti le-imeyili. Kukhona kokubili izinga elivulekile kanye ne- indinganiso ebethelwe ye-Gmail, lapho udinga futhi isitifiketi somaka esiqinisekisiwe (I-VMC). Izitifiketi ziyabiza, ngakho-ke angikwenzi lokho okwamanje. Ama-VMC akhishwa iziphathimandla ezimbili ezamukelwayo zokuqinisekisa ukoma: Ukungena futhi DigiCert. Olunye ulwazi lungatholakala ku- Iqembu le-BIMI.
v=BIMI1; l=https://martech.zone/logo.svg;a=self;

Ungakuqinisekisa Kanjani Ukuqinisekiswa Kwe-imeyili Yakho

Yonke imithombo, ukudluliselwa, kanye nolwazi lokuqinisekisa oluhlotshaniswa nawo wonke ama-imeyili atholakala ngaphakathi kwezihloko zemiyalezo. Ukutolika lokhu kulula kakhulu uma unguchwepheshe wokulethwa, kodwa uma ungumfundi, kunzima ngendlela emangalisayo. Nakhu ukuthi isihloko somlayezo sibukeka kanjani ephephandabeni lethu; Ngikhiphe amanye ama-imeyili ezimpendulo nolwazi lomkhankaso:

Unhlokweni Womlayezo - DKIM ne-SPF

Uma ufunda konke, ungabona imithetho yami ye-DKIM, noma ngabe i-DMARC iyaphasa (ayiphasi) futhi i-SPF iyadlula… kodwa umsebenzi omningi lowo. Kukhona i-workaround engcono kakhulu, noma kunjalo, ongayisebenzisa DKIMValidator. I-DKIMValidator ikunikeza ikheli le-imeyili ongalingeza ohlwini lwakho lwezindaba noma ulithumele nge-imeyili yehhovisi lakho…

Okokuqala, iqinisekisa ukubethela kwami ​​​​kwe-DMARC kanye nesiginesha ye-DKIM ukuze ubone ukuthi iyadlula noma ayidluli (ayiphumeleli).

DKIM Information:
DKIM Signature

Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=circupressmail.com;
	s=cpmail; t=1643110423;
	bh=PTOH6xOB3+wFZnnY1pLaJgtpK9n/IkEAtaO/Xc4ruZs=;
	h=Date:To:From:Reply-to:Subject:List-Unsubscribe;
	b=HKytLVgsIfXxSHVIVurLQ9taKgs6hAf/s4+H3AjqE/SJpo+tamzS9AQVv3YOq1Nt/
	 o1mMOkAJN4HTt8JXDxobe6rJCia9bU1o7ygGEBY+dIIzAyURLBLo5RzyM+hI/X1BGc
	 jeA93dVXA+clBjIuHAM9t9LGxSri7B5ka/vNG3n8=


Signature Information:
v= Version:         1
a= Algorithm:       rsa-sha256
c= Method:          relaxed/relaxed
d= Domain:          circupressmail.com
s= Selector:        cpmail
q= Protocol:        
bh=                 PTOH6xOB3+wFZnnY1pLaJgtpK9n/IkEAtaO/Xc4ruZs=
h= Signed Headers:  Date:To:From:Reply-to:Subject:List-Unsubscribe
b= Data:            HKytLVgsIfXxSHVIVurLQ9taKgs6hAf/s4+H3AjqE/SJpo+tamzS9AQVv3YOq1Nt/
	 o1mMOkAJN4HTt8JXDxobe6rJCia9bU1o7ygGEBY+dIIzAyURLBLo5RzyM+hI/X1BGc
	 jeA93dVXA+clBjIuHAM9t9LGxSri7B5ka/vNG3n8=
Public Key DNS Lookup

Building DNS Query for cpmail._domainkey.circupressmail.com
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+D53OskK3EM/9R9TrX0l67Us4wBiErHungTAEu7DEQCz7YlWSDA+zrMGumErsBac70ObfdsCaMspmSco82MZmoXEf9kPmlNiqw99Q6tknblJnY3mpUBxFkEX6l0O8/+1qZSM2d/VJ8nQvCDUNEs/hJEGyta/ps5655ElohkbiawIDAQAB
Validating Signature

result = fail
Details: body has been altered

Bese, ibheka irekhodi lami le-SPF ukubona ukuthi liyadlula (liyaphumelela):

SPF Information:
Using this information that I obtained from the headers

Helo Address = us1.circupressmail.com
From Address = info@martech.zone
From IP      = 74.207.235.122
SPF Record Lookup

Looking up TXT SPF record for martech.zone
Found the following namesevers for martech.zone: ns57.domaincontrol.com ns58.domaincontrol.com
Retrieved this SPF Record: zone updated 20210630 (TTL = 600)
using authoritative server (ns57.domaincontrol.com) directly for SPF Check
Result: pass (Mechanism 'include:circupressmail.com' matched)

Result code: pass
Local Explanation: martech.zone: Sender is authorized to use 'info@martech.zone' in 'mfrom' identity (mechanism 'include:circupressmail.com' matched)
spf_header = Received-SPF: pass (martech.zone: Sender is authorized to use 'info@martech.zone' in 'mfrom' identity (mechanism 'include:circupressmail.com' matched)) receiver=ip-172-31-60-105.ec2.internal; identity=mailfrom; envelope-from="info@martech.zone"; helo=us1.circupressmail.com; client-ip=74.207.235.122

Okokugcina, inginikeza ukuqonda ngomlayezo ngokwawo kanye nokuthi okuqukethwe kungase kuhlabe umkhosi yini kwamanye amathuluzi okuthola ugaxekile, ihlole ukuze ibone ukuthi ngisohlwini lwabavinjelwe, futhi ingitshele ukuthi kuyanconywa yini noma cha ukuthi ithunyelwe kufolda kadoti:

SpamAssassin Score: -4.787
Message is NOT marked as spam
Points breakdown: 
-5.0 RCVD_IN_DNSWL_HI       RBL: Sender listed at https://www.dnswl.org/,
                            high trust
                            [74.207.235.122 listed in list.dnswl.org]
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or
                            identical to background
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily
                            valid
 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
                            Colors in HTML
 0.1 DKIM_INVALID           DKIM or DK signature exists, but is not valid

Qiniseka ukuthi uhlola yonke i-ESP noma isevisi yemiyalezo yenkampani yangaphandle inkampani yakho ethumela kuyo i-imeyili ukuze uqiniseke ukuthi Ukuqinisekiswa Kwe-imeyili yakho kumiswe ngendlela efanele!

Izindlela Ezinhle Kakhulu Zokusebenzisa I-DMARC

Ukusebenzisa i-DMARC ngendlela efanele kubalulekile ekuvikelekeni kwe-imeyili nesithunzi somthumeli. Inqubomgomo oyikhethayo incike ezinhlosweni zakho zokuqinisekisa i-imeyili kanye nokulungela kwakho ukusingatha izinkinga ezingase zibe khona. Nakhu ukuhlukaniswa kwezinqubomgomo ezintathu:

  1. Lutho (p=none): Le nqubomgomo ngokuvamile isetshenziselwa ukuqapha nokuqoqa idatha ngaphandle kokuphazamisa ukulethwa kwama-imeyili akho. Ivumela abanikazi besizinda ukuthi babone ukuthi ubani othumela imeyili egameni lesizinda sabo. Yisiqalo esihle sokuqonda ukuthi i-imeyili yakho icutshungulwa kanjani nokuhlonza izinkinga ezingaba khona zokuqinisekisa ngaphandle kokufaka ukuthunyelwa kwe-imeyili okusemthethweni. Nakuba kungase kubonakale njengokuziba inqubomgomo, iyithuluzi elibalulekile lokuxilonga lokuqinisekisa ukuthi yonke into isethwe ngendlela efanele ngaphambi kokudlulela kuzinqubomgomo ezinemikhawulo eyengeziwe.
  2. Ukuvalelwa (p=quarantine): Le nqubomgomo iphakamisa ekutholeni amaseva e-imeyili ukuthi ama-imeyili ahluleka ukuhlolwa kwe-DMARC kufanele aphathwe ngokusolisayo. Ngokuvamile, lokhu kusho ukuzibeka kufolda yogaxekile kunokuzenqaba ngokuqondile. Kuyisisekelo esimaphakathi esinciphisa ubungozi bokwenqatshwa kwama-imeyili ngesikhathi esanikeza isivikelo kuma-imeyili omgunyathi. Kuyisinyathelo esilandelayo esihle ngemva kwalokho none uma usuqinisekise ukuthi ama-imeyili akho asemthethweni ayaphumelela ekuhlolweni kwe-DMARC.
  3. Yenqaba (p=nqaba): Lena inqubomgomo ephephe kakhulu, ebonisa ekwamukeleni iziphakeli ukuthi ama-imeyili ahluleka ukuhlolwa kwe-DMARC kufanele enqatshwe. Le nqubomgomo ivimbela ngempumelelo ukuhlaselwa kobugebengu bokweba imininingwane ebucayi futhi iqinisekisa ukuthi ama-imeyili aqinisekisiwe kuphela afinyelela kubamukeli. Nokho, kufanele isetshenziswe ngokucophelela ngemva kokuhlolwa okuphelele ngezinqubomgomo ezithi “akekho” futhi ngokunokwenzeka “nokuvalelwa yedwa” ukuze kugwenywe ukwenqaba ama-imeyili asemthethweni.

Imikhuba Engcono Kakhulu:

  • Qala nge p=lutho ukuqoqa idatha futhi uqinisekise ukuthi ama-imeyili akho asemthethweni agunyazwe ngokufanelekile.
  • Dlulela ku p=i-quarantine ukuze uqale ukuvikela isizinda sakho kuyilapho unciphisa ubungozi bokwenqatshwa kwama-imeyili asemthethweni.
  • Ekugcineni, shintshela kokuthi p=nqaba uma usuqiniseka ukuthi izinqubo zakho zokuthumela i-imeyili zithobelana ngokugcwele ne-DMARC, ukuze kukhuliswe ukuvikeleka ekukhwabaniseni i-imeyili.

Isinyathelo ngasinye kufanele sibandakanye ukuhlaziya imibiko ye-DMARC kanye nokulungisa izinqubo zokuthumela i-imeyili yakho njengoba kudingeka ukuze kuqinisekiswe ukuthi ama-imeyili asemthethweni agunyazwe ngendlela efanele.

SPF Record Builder I-SPF kanye ne-DKIM Validator Umhloli we-BIMI

Douglas Karr

Douglas Karr i-CMO ye VulaINSIGHTS kanye nomsunguli we Martech Zone. UDouglas usize inqwaba yeziqalo eziphumelelayo ze-MarTech, uye wasiza ekukhuthaleni okungaphezu kuka-$5 bil ekuthengeni nasekutshalweni kwe-Martech, futhi uyaqhubeka nokusiza izinkampani ekusebenziseni nasekuzenzeleni amasu azo okuthengisa nokumaketha. UDouglas uyingcweti yokuguqula idijithali eyaziwa emhlabeni wonke kanye nesikhulumi se-MarTech. UDouglas futhi ungumbhali oshicilelwe wencwadi kaDummie kanye nencwadi yobuholi bebhizinisi.

Izihloko ezihlobene Nalesi

Buyela emuva kunkinobho phezulu
Close

I-Adblock itholiwe

Martech Zone iyakwazi ukukunikeza lokhu okuqukethwe ngaphandle kwenkokhiso ngoba senza imali ngesayithi yethu ngemali engenayo yezikhangiso, izixhumanisi ezingaphansi, noxhaso. Singajabula uma ungasusa i-ad blocker yakho njengoba ubuka isayithi lethu.