V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
fuxkcsdn
V2EX  ›  Amazon Web Services

通过 AWS 的 SES 发送的垃圾邮件既然能设置成 @amazon.com 后缀的发件人... 这算是 BUG 吗??

  •  
  •   fuxkcsdn · 2016-08-26 10:40:15 +08:00 · 8421 次点击
    这是一个创建于 3013 天前的主题,其中的信息可能已经有所发展或是发生改变。

    http://i.imgur.com/7wvcFF8.png

    查看原始信息,回复人是 [email protected]

    Delivered-To: [email protected]
    Received: by 10.103.78.68 with SMTP id c65csp1119657vsb;
            Thu, 25 Aug 2016 13:22:11 -0700 (PDT)
    X-Received: by 10.55.81.68 with SMTP id f65mr11968345qkb.65.1472156531841;
            Thu, 25 Aug 2016 13:22:11 -0700 (PDT)
    Return-Path: <201608252022119d4c75a2d15b431480c1d54c8e60p0na@bounces.amazon.com>
    Received: from a13-23.smtp-out.amazonses.com (a13-23.smtp-out.amazonses.com. [54.240.13.23])
            by mx.google.com with ESMTPS id 63si11690663qkd.218.2016.08.25.13.22.11
            for <[email protected]>
            (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
            Thu, 25 Aug 2016 13:22:11 -0700 (PDT)
    Received-SPF: pass (google.com: domain of 201608252022119d4c75a2d15b431480c1d54c8e60p0na@bounces.amazon.com designates 54.240.13.23 as permitted sender) client-ip=54.240.13.23;
    Authentication-Results: mx.google.com;
           dkim=pass [email protected];
           dkim=pass [email protected];
           spf=pass (google.com: domain of 201608252022119d4c75a2d15b431480c1d54c8e60p0na@bounces.amazon.com designates 54.240.13.23 as permitted sender) smtp.mailfrom=201608252022119d4c75a2d15b431480c1d54c8e60p0na@bounces.amazon.com;
           dmarc=pass (p=QUARANTINE dis=NONE) header.from=amazon.com
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
    	s=eaxkvsyelrnxjh4cicqyjjmtjpetuwjx; d=amazon.com; t=1472156531;
    	h=From:Reply-To:To:Message-ID:Subject:MIME-Version:Content-Type:Date;
    	bh=xQZvU3XfE1KpatAeOuDxMmjPGqKMcrMQ34zdCejNf7o=;
    	b=ETT9XG/ve66j9uf5YpOwNt2qC0b5VgC/CC8zORKh0Mw0sxyLLAsZ7OQwjmmgcPkX
    	ZJSNxf0lfht8pe9CHBk4rU6wDV59Qd9P7sUnLOzYMwLApfAfGEODFKvODTo/N9y1HwP
    	LmCEVOnkRqGZj1RlupfcSoFFzF7dyxEQy4ErzICw=
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
    	s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1472156531;
    	h=From:Reply-To:To:Message-ID:Subject:MIME-Version:Content-Type:Date:Feedback-ID;
    	bh=xQZvU3XfE1KpatAeOuDxMmjPGqKMcrMQ34zdCejNf7o=;
    	b=IlkYqndT4pgDMHr5uELX8rTDGo3PcojWoJK7US/yTbZG2pZ3rHtyNToby4ChcD/M
    	z2IFB83oU+pW1P02wjMsqKff0yLEZ5eSDzdskuja8yuKLJMidclO0JVzyDPT62Zdppi
    	BsrX8L0Vq9RB8bX6BE7AEKJyfA38DhOdwvWb/rO0=
    From: Amazon Drive <[email protected]>
    Reply-To: [email protected]
    To: [email protected]
    Message-ID: <01000156c35dfaf0-3f804a10-d2a9-470f-a3e7-b24c1c846df6-000000@email.amazonses.com>
    Subject: =?UTF-8?B?5Zyo57q/55yL54mH77yB5L2g5oeC55qE?=
    MIME-Version: 1.0
    Content-Type: multipart/alternative; 
    	boundary="----=_Part_1072685_1108589026.1472156531432"
    X-AMAZON-MAIL-RELAY-TYPE: notification
    Bounces-to: 201608252022119d4c75a2d15b431480c1d54c8e60p0na@bounces.amazon.com
    X-AMAZON-METADATA: CA=C6HOLO2DQXDGG-RI=A2MGWP62MYS8IP
    X-Original-MessageID: <urn.rtn.msg.201608252022119d4c75a2d15b431480c1d54c8e60p0na@1472156531432.rtn-svc-na-1a-afa81be0.us-east-1.amazon.com>
    Date: Thu, 25 Aug 2016 20:22:11 +0000
    X-SES-Outgoing: 2016.08.25-54.240.13.23
    Feedback-ID: 1.us-east-1.ZHcGJK6s+x+i9lRHKog4RW3tECwWIf1xzTYCZyUaiec=:AmazonSES
    
    13 条回复    2016-08-26 11:47:36 +08:00
    fuxkcsdn
        1
    fuxkcsdn  
    OP
       2016-08-26 10:43:19 +08:00
    是因为使用 MD ,所以上面的连接不显示图片吗??
    @Livid
    Delbert
        2
    Delbert  
       2016-08-26 10:48:43 +08:00 via Android
    发件人地址本来就是可以随便改的啊。
    morethansean
        3
    morethansean  
       2016-08-26 10:49:27 +08:00
    月经贴 23333
    fuxkcsdn
        4
    fuxkcsdn  
    OP
       2016-08-26 10:54:10 +08:00
    @Delbert
    @morethansean
    关键是,他是通过 AWS SES 发送的!!!
    我用的第三方 EDM 服务都还要验证发件域,发件人地址只能是验证过的发件域
    AWS 这么大的公司连这都没审核??
    Perry
        5
    Perry  
       2016-08-26 10:56:47 +08:00
    AWS: 我就不,怎么着?
    apert
        6
    apert  
       2016-08-26 10:57:15 +08:00
    "既然" -> "竟然"
    hl
        7
    hl  
       2016-08-26 11:14:29 +08:00
    都说了是垃圾邮件了...
    GhostFlying
        8
    GhostFlying  
       2016-08-26 11:17:12 +08:00 via iPad
    实际上你也过不了收件方的检测吧,因为 spf 之类的不对
    fuxkcsdn
        9
    fuxkcsdn  
    OP
       2016-08-26 11:22:38 +08:00
    @GhostFlying
    实际上我的 gmail 就收到了啊
    ZE3kr
        10
    ZE3kr  
       2016-08-26 11:30:06 +08:00 via iPhone
    @Delbert SES 发件有反 spam 系统,只能从认证域名 /邮箱地址发

    为什么我的 SES 就不能这么发?
    dorentus
        11
    dorentus  
       2016-08-26 11:35:57 +08:00
    @fuxkcsdn 但是 Google 警告你了,这个本来是被识别为垃圾邮件的,只是因为你一个自定义的规则,才被放在收件箱里了。
    dorentus
        12
    dorentus  
       2016-08-26 11:38:25 +08:00
    不过这个看起来更像是 Amazon Drive 的分享邮件,也就是说确实是 amazon 发的……

    内容应该是用户填的,这个也确实应该算是 amazon 的问题吧
    Livid
        13
    Livid  
    MOD
       2016-08-26 11:47:36 +08:00 via Android
    @fuxkcsdn MD image syntax is:

    !()[]

    We do not auto convert imgur links in Markdown mode. You should try preview next time.
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   5579 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 331ms · UTC 08:20 · PVG 16:20 · LAX 00:20 · JFK 03:20
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.