SPF / DKIM / DMARC 与 AWS SES dns 设置
[英]SPF / DKIM / DMARC with AWS SES dns setup
问题描述
I've been trying to figure out how to set up DNS for the domain that we use to distribute emails via AWS SES API.
我一直在试图弄清楚如何为我们用来通过 AWS SES API 分发电子邮件的域设置 DNS。
Taking domain like example.com I have verified DKIM by using 3 generated CNAME records.以域为例example.com我已经使用 3 个生成的 CNAME 记录验证了 DKIM。 I then enabled MAIL FROM Doman , where I was only able to generate subdomain mail.example.com with the following records:然后我启用MAIL FROM Doman ,我只能生成子域mail.example.com并具有以下记录:
MX
name: mail
value: 10 feedback-smtp.eu-west-2.amazonses.com.
TXT
name: mail
value: "v=spf1 include:amazonses.com ~all"
I also have a TXT record for DMARK as:我也有DMARK的TXT记录:
name: _dmark
value: "v=DMARC1; p=quarantine; fo=1; pct=25; rua=mailto:dmarcreports@example.com ruf=mailto:dmarcreports@example.com"
For sender email address I use mail@example.com which uses all the same verification.对于发件人 email 地址,我使用mail@example.com ,它使用所有相同的验证。
My DMARC policy specifies relaxed alignment for DKIM as the From header uses email address with plain domain mail@example.com while MAIL FROM subdomain mail.example.com My DMARC policy specifies relaxed alignment for DKIM as the From header uses email address with plain domain mail@example.com while MAIL FROM subdomain mail.example.com
All emails at the moment bounce back and I'm not entirely sure why.目前所有的电子邮件都会反弹,我不完全确定为什么。 Also - when previewing the bounced message - From shows as From: MAILER-DAEMON@eu-west-2.amazonses.com rather than verified sub-domain mail.example.com - not entirely sure how long does it take for changes to take effect, but everything has been verified a couple of hours ago and it's still failing.此外 - 在预览退回的邮件时 - 来自显示为From: MAILER-DAEMON@eu-west-2.amazonses.com MAILER-DAEMON@eu-west-2.amazonses.com 而不是经过验证的子域mail.example.com - 不完全确定更改需要多长时间效果,但一切都在几个小时前得到验证,但仍然失败。
I have the sending email mail@example.com set up with Gsuite - so it also has a set of standard Gmail MX records.我使用mail@example.com设置了发送 email mail@example.com - 所以它还有一组标准的 Gmail MX 记录。
Question问题
Should I instead remove the SPF TXT record for mail.example.com and instead create one which will include subdomain as well as amazonses.com ?:我是否应该删除mail.example.com的 SPF TXT 记录,而是创建一个包含子域和amazonses.com的记录?
TXT
name:
value: "v=spf1 include:mail.example.com include:amazonses.com ~all"
Anything else that could be done to make it all work?还有什么可以让这一切正常工作的吗? I learn as I go with it so perhaps I miss something obvious, but any help would be much appreciated.我在 go 中学习它,所以也许我错过了一些明显的东西,但任何帮助将不胜感激。
1 个解决方案
解决方案1
0 2021-03-19 08:14:33
so actually I think this article can be helpful, but if you cannot find the answer you are looking for, guys from EasyDmarc provide cool support.所以实际上我认为这篇文章可能会有所帮助,但如果你找不到你正在寻找的答案,来自 EasyDmarc 的人会提供很酷的支持。 I had a case and couldn't find answer, they helped me to figure out.我有一个案例,找不到答案,他们帮我弄清楚。 So you can contact with them by support chat.因此,您可以通过支持聊天与他们联系。 https://easydmarc.com/blog/dmarc-step-by-step-guide/ https://easydmarc.com/blog/dmarc-step-by-step-guide/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.