自己发给自己的垃圾邮件

obaby

发布于 2023-02-22 06:35:00

1.4K00

代码可运行

文章被收录于专栏：obaby@marsobaby@mars

运行总次数：0

代码可运行

最近邮箱里总是收到一些莫名其妙的邮件，什么内容都有，腾讯的垃圾邮件过滤并没有生效，先看看腾讯定义的垃圾邮件是什么：

垃圾邮件泛指未经请求而发送的电子邮件，符合以下特征的邮件都属于垃圾邮件的范畴：
1、来自收件人从未发送过邮件的地址第一次发出的邮件，以及在该邮件未被收件人自定义为正常邮件的情况下随后从同一地址发送给收件人的其他邮件；
2、来自被拒绝过接收邮件的地址所发给收件人的其他邮件；
3、自被收件人列入黑名单的邮件地址的邮件；
4、内容包含可被反垃圾装置或可被邮件过滤器定义、归类为垃圾邮件的关键字段的邮件；
5、带虚假、无效邮件头的邮件，带虚假、无效域名的邮件，经过技术处理的不显示任何邮件来源信息的邮件，带欺骗性地址信息的邮件；
6、未经同意而使用、中继或通过第三方的互联网设备所发送的邮件；
7、主题行或内容包含错误、误导或虚假信息的邮件；
8、主题或内容带敏感字眼的、违反国家法律法规或QQ邮箱服务条款的邮件。

https://kf.qq.com/faq/1612276BziEB161227e6RJNZ.html

当然这些内容基本都是中奖之类的诈骗信息，随便点开一个：

这个做法神的tmd很不错，躲过了垃圾邮件的识别。但是问题是，我会tmd的自己给自己发中奖信息？脑子有病吗？我自己通知自己中奖了。这就很艹

查看邮件原文：

Received: from peelregion.ca (101742.a7e.ru [185.173.176.101])
    by newxmmxszc3-1.qq.com (NewMX) with SMTP id 59D15EE1
    for <root@obaby.org.cn>; Sat, 13 Aug 2022 01:22:29 +0800
X-QQ-mid: xmmxszc3-1t1660324949tiohcjj40
X-QQ-XMAILINFO: NhpLzBn2I3XwRGZE3eb7WWW1A7rBiICcbnyEI7M1hspNHVobbxQ181vOKyHveL
     2o0LpDTM52naoY8Wj+hVbQMhFMp7qldaPvbdZH/GblNIHmwjaYJdhgtD9BHeLX400/N84NvQ4Qid
     REpfhKDlWD1TUfTFT1XOH/cbyLtFJQDlrX/N/1+PgRKEopDiQ58QmYFCq6KXNdbJ0teKDfywFDE7
     o0KGYRxJ2pov0W9AxHkXpoeBUAh5qNsGjfIxbCAww8SetueUrkcA9IwNdxAGC9P0yDSjKEpPzB7l
     IbrQQjO2sW9yfMQQzXwH/n4+rzw8qWvxN4Kp8Sa+C0V5LURN179RVrs/fmIFWFLuPQxIEin1Jj85
     Gz17TiSno8C5xZhh8mZjcsMQrlELkjeNf9FmUpr5NPBRWtLAaZdANR2AW7EGZsTHjCAADszKhfZG
     NKBdWs2kFZH/M8W9W6uSYTO7ynF/Wx8OTorlZXfGFnOo2gchZLfkto8TNdgX9U/tjmF5GXxVZFiL
     ye/BJZVCypUmW9nRY0LmI56bjbL4Iw495PsUg61tBrvrQ1s9bXwuEzfJx7wnD5/L8jT2G7LvgCOZ
     b7+DVULW++KMTtaqa5Ozw0LughNBBVQOtl7XveyMAD2RUM6PKv0h9V16vYKkqhszMJzyEXgSxtnh
     lI3xc9LTSvGV8HQvX+AQW+1RBS5Ez0ejazNGV3TC5HN/nzA6VyY5v2B43ArzpK11zUSHC1QBLtVG
     2BMiOXvCeMWZ40yl3AfFBC7HyHVny3xpYeKo94WZaU89QRfmlIjljM2GGze8vH/noikch2YggOjO
     0t+BlGn4jwHl7p7Zqg0k4uCpLf1vfgibDUzRW3MNsP6AS/a7HDlkFzE6p/vJ8ZVLgmftoHby3X3W
     eaL7bCiGPe55moo4p7plb/cSfsoFQazxXBCVuz4xH93WWX+HGIsRSgwTbbd83uzf+pirsntK8H3N
     toAKbn/JVbI/uyAN0P3ZQdzcg0sOKTEtrEXjQ80fSLU8ODk0RP2Ts7xN74YiaW
Sender: <>
Received: from 10.215.166.158
 by atlas207.aol.mail.gq1.yahoo.com with HTTPS; Tue, 5 Jul 2023 16:26:25 +0000
X-Originating-Ip: [209.85.128.48]
Received-SPF: pass (domain of gmail.com designates 209.85.128.48 as permitted sender)
Authentication-Results: atlas207.aol.mail.gq1.yahoo.com;
 dkim=pass header.i=@gmail.com header.s=20210112;
 spf=pass smtp.mailfrom=gmail.com;
 dmarc=pass(p=NONE,sp=QUARANTINE) header.from=gmail.com;
X-Apparently-To: root@obaby.org.cn; Tue, 5 Jul 2023 16:26:26 +0000
X-YMailAVSC: E3aFKdA3bBsJWfxwiE6GpwkXZx6vt1a2xZ.go_FIgFjVO4h
 dHQqlPIwHzGiK63lTUshKezqbHPWCFj419ORXwNovEVZinMInYdjfYkyf_V5
 x1p2IxvbZHODfCwoiyrktVUsZUPU2h6.MvO4JLOTeOiicBAdPJC76MT_jA4_
 T9aTvl6Zl3ZnqJaVsomP6AJXPkzi7oey7mb0Le.mkYmklqaE_sb106e9EUNs
 0TKmcOBxPwfuaSLp3zhpd3eSF5rCoDz8A0Mvs5GqyLSIU2s1y1i4uTbeYRXb
 ISs.g3jljCf4sS0N3tjUMVWqZlJEAJVGV8_mzQpwp4qqWlVnsmdu1n7gmKKt
 f4ZOSUWqXxgt0_fL6NVtMThHWw5LdzCGV5Yikzn2ULi7g4H8RuJTJkVlf
X-YMailISG: 0wxwlHYWLDu5BOSDy7T_po7hwkJYwCGDPKAfcFo3_G9owzGO
 LOYUnuVCR3I1NyGIqzagT17Ib2jBS_KdnY6wrYpoGDCTqWhY4WQl6itJNpPE
 2fIAmnktb9QemU8yRrAd0CtU2FFnESiXxral1R9kzAFwthSjS.qD.8ZC5P1e
 2wZ_FQ9eIc35lCDFE3IPb_ZyGISlUV17nRB0ReUVlbhzvqRjKqj_8lIXUvF1
 ibprWkeFCMbKsCS8j4YbizC53zRS8trC1r_2iZwyEpXkQGn2QokcZGO4c5TQ
 R9Ud0nWP7Nd15CaID4FqlMhsCoWwP6_yjuZ7FogRLMq67_TRD_H9yYj0HvUP
 XQnlVhBOEL7sGKveXktMP.CFO0PIGw9LscU0JMDyCO2c2UWlUu6.pqto0_iu
 COqFdlZJ95pR4fQU6WjvCmPhe8EJE83BQtp0wcVPPyV3u16RFS8M_pPzpq_P
 dh5eLffVRMD41tmyveugLMhYmBW5jMUl92CUtEp38tzZQo4ymM5cxJ2MlRS2
 oQ1bDumnrCla2nfx.CftkqbxnbQWBFl7t9DnxZupvJv6zB90DcK5SjSkljeU
 mWmijR49NdAu4dW9Onwvzs9ILOsBUkNpLCh0VNkUwg.cRIBupw7eOmqz6bl3
 l1aCg2JWjjs3362R7tqfWMHeU.xptudWfwC.ufeltM6Mwpiqe99RTDgYvYhT
 .zzEQu_tCurQAnhIQdbrNcqDdvf7JnhGWre6Gu1vX1RkiVpqbqB7oaKNFm3L
 XQ5mXZ_CELSGmJYUTp8yEiB7psH5xfm5NTxoHBBd49ZXOWssyY.mN7zo07eJ
 El7fo6vufSHC1KRueDr4LILgfNuqWhT4DNWAbjmLfKjYSf7YXVKOkLLAVOeg
 X.gIub8dDAavyhpzyoBLc.Zdx.zhXCuCWI7BTR7HrL_v6NOrnLao8i9fGfFh
 SwYj7eJg6W_EXhn3L4_p.r2cKcQJOYZqtprmHeRYgtMbaykOGrmfsLeb61Aq
 09QVR6NtNOBSvOdj45_ERipfGEPQLwUDbx9VZyPc7Z8lFuVcLk3B87X.byw1
 PomMbMsPSlNp63HV1DU-
Received: from 209.85.128.48 (EHLO mail-wm1-f48.google.com)
 by 10.215.166.158 with SMTPs
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256);
 Tue, 05 Jul 2023 16:26:25 +0000
Received: by mail-wm1-f48.google.com with SMTP id 205-20020a1c02d6000000b003a03567d5e9so9611400wmc.1
        for <root@obaby.org.cn>; Tue, 05 Jul 2023 09:26:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:from:date:message-id:subject:to;
        bh=3dZ966zb4nuVzhPalw0PtcEfd5H2cEpM+yNk1SYlLQI=;
        b=RaDcLbRvEZae8Rc1sPVr5eOD+T9mHTbPvBwH0+/yVcTdpUnot/iQIFiQ2ENQMMKHsD
         jU7K/nDsb5grkk6DmmkfAzhaPlK/bmMSaTTFzMLRf/yy40mW+olouP7eBV97VNGIF1Nv
         SyTCUwNQ1fRqL6E48OazXoNNRSjapwePXqVkph586pRa+o2uwspeAz2TwcUioxekzJL3
         5bHxL9TVIcfer3z5yraL5TnpdRz1VaJfMbF20IynZS9tWpH8bvXf5RzTTjn/XDV1CS8W
         Z54sJWFUZQi59b7urX5tvJprFDtgaKQZUoNrRx4jHVl85PJiZDgzsQdsWabXY1B3/hoy
         R7Vw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=3dZ966zb4nuVzhPalw0PtcEfd5H2cEpM+yNk1SYlLQI=;
        b=wtAb/ziFAyxvGtLK3ITtbi5g3T+6NidbCtvfFo+EndgluUcJdPz+rC2OpYeiWu0Ger
         1tDQWyyJyHLbmS/kk1yEi1UCuSX1uyuE3ePw65YQFyDp12mxGEM5NL8+VnOTWnaIyc1S
         /PVieEYAJ3O2aIw/pEgmdoz8OAfu4dd7W1vtaaEsN5HXJWGmD8KIMLIgV3nQk8Gv69JT
         AwG6SQsgRXRd9xnbmiKncqNqSwUN2Tr80jTBzJi1PuYrTDTqrHdPDeqzFytJt0aeVThq
         bi864Di1JaggKfOr+YvYXRpEWECPwZIaCVR5C2wrM6OY3MvsJ6DeZXs015YHnVcUKreg
         yPIQ==
X-Gm-Message-State: AJIora+KJuieJGxUWXcf1+GtzB/3yGhW05XY//7fVFLfmn40cqhQjTF0
    MXm8w157JRNgRdnWsco8mLMrfnchl9RKLJci7FzqIX/9vEfC4g==
X-Google-Smtp-Source: AGRyM1skqiQ35M1w8u7LGXTZ+w/lHjRtTgb69LftoQG715IfxHPm7juXKMtyjOO8I7LoM7tKehnKKTK7CPoV2c7bibU=
X-Received: by 2002:a05:600c:1c21:b0:3a1:9608:1ffb with SMTP id
 j33-20020a05600c1c2100b003a196081ffbmr20035254wms.163.1657038385137; Tue, 05
 Jul 2023 09:26:25 -0700 (PDT)
MIME-Version: 1.0
From: "Congratulations!" <root@obaby.org.cn>
Date: Tue, 8 Jul 2023 09:26:15 -0700
Message-ID: <th60bqlgMbua3osDVa5J29op+gbMlM9VHrT0xjmNHnKyEOsIA5ZjANk1tvRhZaRv-Bw@mail.gmail.com>
Subject: $90 Free Trial Offer Confirmed. Claim Now!
To: root <root@obaby.org.cn>
Content-Type: text/html;

<p align="center"><font color="#800080"><a moz-do-not-send="true"
href="https://storage.googleapis.com/0068be3f1777eccfcdb17d23ffa2f0c6299f19d9c5ff0b02a02cd0eb7489/a82b53fbf553a5c97c1ba6d3bfb380744a645773dc80368e4d8f7cd0af88f76dc6e457#VHRyRFFVS1FWcVZ4TmdLWFdtR3JGeFlrUXoxSVJSaXdGNk9LcWc0c2hCQlBwOWRUMzZ1V2pVSkxHUUY5cHg4VnJqdmwyOG85NXpSMTJ5THNBNXRxMVloeHBSVEtCNzhFT3lOTmxjaW1BVGM9"><u><font
          size="+2" face="Times New Roman, Times, serif">$90 Free Trial
          Offer Confirmed. Claim Now!</font></u></a></font></p>
<div align="center"><a
href="https://storage.googleapis.com/0068be3f1777eccfcdb17d23ffa2f0c6299f19d9c5ff0b02a02cd0eb7489/a82b53fbf553a5c97c1ba6d3bfb380744a645773dc80368e4d8f7cd0af88f76dc6e457#VHRyRFFVS1FWcVZ4TmdLWFdtR3JGeFlrUXoxSVJSaXdGNk9LcWc0c2hCQlBwOWRUMzZ1V2pVSkxHUUY5cHg4VnJqdmwyOG85NXpSMTJ5THNBNXRxMVloeHBSVEtCNzhFT3lOTmxjaW1BVGM9"><img
      moz-do-not-send="true"
src="https://pbs.twimg.com/media/FZT4KhJXgAc_Z2O?format=jpg&amp;name=small"
      alt="" width="499" height="680" border="0"></a></div>
<p align="center">If you no longer wish to receive these emails, you may
  unsubscribe by <a moz-do-not-send="true"
href="https://storage.googleapis.com/0068be3f1777eccfcdb17d23ffa2f0c6299f19d9c5ff0b02a02cd0eb7489/a82b53fbf553a5c97c1ba6d3bfb380744a645773dc80368e4d8f7cd0af88f76dc6e457#U0xLaFVOMFgyQTZnZzRibUxlajBEcjRCWHIzZEk3b1VpT2ZvL0g3RXhkSkc2TXRUVEh5OGR5K09YMzFqY1NCZHhEQXdsVnd2bmRpRmdJU1hwNzVYN09VZjRhYkZUQlZiS0NmN3Q0QnN6Nm89"><u><font
        color="#0000ff">clicking here</font></u></a></p>
<p align="center"><a moz-do-not-send="true"
href="https://storage.googleapis.com/0068be3f1777eccfcdb17d23ffa2f0c6299f19d9c5ff0b02a02cd0eb7489/a82b53fbf553a5c97c1ba6d3bfb380744a645773dc80368e4d8f7cd0af88f76dc6e457#c20vR2ttT01Xd01JMVo5QzF4dmhSUHluNlR2YldCTHNLWVY5MjlmSld2V2pNNlI2NlgwV0hpNDJKY08xRGFuTno3NTRDRk8rYnNNTUM1b3RxREd5dlhOTjVPbVdJZHQwQkJoNVFvOXlySzA9"><u><font
        color="#0000ff">click here</font></u></a> to remove yourself
  from our emails list<br>
</p>

就会发现这些邮件也不是从腾讯的邮件服务器发出来的。真tm高级。要避免这种垃圾邮件，腾讯的邮箱可以按照下面的方法设置（到目前位置接本没有新收到此类邮件了）：

DMARC（Domain-based Message Authentication, Reporting & Conformance）是一种基于现有的SPF和DKIM协议的可扩展电子邮件认证协议，邮件收发双方建立了邮件反馈机制，便于邮件发送方和邮件接收方共同对域名的管理进行完善和监督。对于未通过前述检查的邮件，接收方则按照发送方指定的策略进行处理，如直接投入垃圾箱或拒收。从而有效识别并拦截欺诈邮件和钓鱼邮件，保障用户个人信息安全。
       如何设置企业邮箱的DMARC呢？
1.在设置DMARC记录之前，请务必确保已设置SPF记录（如何设置）：
TXT记录值为：v=spf1 include:spf.mail.qq.com ~all
2.添加以下DMARC记录：
主机记录： _dmarc
记录类型：TXT
记录值:  v=DMARC1; p=none; rua=mailto:mailauth-reports@qq.com
注意：DMARC记录里，有一个值可由你来自定义：
        p：用于告知收件方，当检测到某封邮件存在伪造发件人的情况，收件方要做出什么处理
p=none;  为收件方不作任何处理
p=quarantine; 为收件方将邮件标记为垃圾邮件
p=reject; 为收件方拒绝该邮件