我收到了一封来自一家公司的电子邮件,看起来不错。Gmail 认为没问题。我检查了域和各种 DMARC、DKIM 和 SPF 标头:它们都处于“PASS”状态。发件人的 IP 似乎也在 SPF 记录声明的范围内。
但是,在通过电话联系该公司(出于顾忌)后,他们声称他们不是发送电子邮件的人。以下是检查的摘录(通过混淆真实公司):
...
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
...
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@<company_domain> header.s=selector1 header.b=idsPd4vx;
arc=pass (i=1 spf=pass spfdomain=<company_domain> dkim=pass dkdomain=<company_domain> dmarc=pass fromdomain=<company_domain>);
spf=pass (google.com: domain of <company_mail_address> designates <ipv6> as permitted sender) smtp.mailfrom=<company_mail_address>;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=<company_domain>
...
Received-SPF: pass (google.com: domain of <company_mail_address> designates <ipv6> as permitted sender) client-ip=<ipv6_same_as_above>;
Authentication-Results: mx.google.com;
dkim=pass ...
arc=pass ...
spf=pass ...
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=<company_domain>
...
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=<company_domain>;
...
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
...
现在,我的问题是:上述所有检查都处于“PASS”状态,是否意味着该电子邮件实际上是从公司的邮件服务器发送的?这是否意味着他们的邮件服务器认为发件人客户端是有效的?