9. Recording the Result (记录结果)

9. Recording the Result (记录结果)

本节描述了如何在邮件消息中记录 SPF 检查的结果。有两种方法可以记录结果: 使用 Received-SPF 标头字段或使用 Authentication-Results 标头字段。

9.1 The Received-SPF Header Field (Received-SPF 标头字段)

接收方 MTA 可以记录 SPF 检查的结果, 方法是在邮件中添加 Received-SPF 标头字段。该标头字段应该添加在所有其他 Received-SPF 标头字段之前（即在消息标头的顶部附近）。

Received-SPF 标头字段的格式如下:

Received-SPF = "Received-SPF:" [CFWS] result [CFWS]
               [comment] [CFWS] ";" [CFWS]
               [ key-value-list ] CRLF

result = "Pass" / "Fail" / "SoftFail" / "Neutral" /
         "None" / "TempError" / "PermError"

key-value-list = key-value-pair *( [CFWS] ";" [CFWS] key-value-pair )

key-value-pair = key [CFWS] "=" [CFWS] value

key = "client-ip" / "envelope-from" / "helo" / "problem" /
      "receiver" / "identity" / "mechanism" / token

value = dot-atom / quoted-string / addr-spec / msg-id / 
        domain / macro-string

token = 1*( ALPHA / DIGIT / "-" / "_" / "." )

关键值对说明：

• client-ip: 客户端的 IP 地址
• envelope-from: MAIL FROM 地址
• helo: HELO/EHLO 标识
• receiver: 接收 MTA 的主机名
• identity: 检查的标识（"mailfrom" 或 "helo"）
• mechanism: 匹配的机制
• problem: 错误描述（如果有）

示例：

Received-SPF: pass (example.com: domain of [email protected]
    designates 192.0.2.1 as permitted sender)
    client-ip=192.0.2.1; [email protected];
    helo=mail.example.com;

9.2 SPF Results in the Authentication-Results Header Field

SPF 检查的结果也可以使用 Authentication-Results 标头字段记录, 如 [RFC8601] 中所定义。该标头字段允许多个认证方法的结果被记录在单个标头字段中。

示例：

Authentication-Results: example.com;
    spf=pass [email protected]

Authentication-Results 标头字段提供了一种标准化的方式来记录各种认证方法（包括 SPF, DKIM, 和 DMARC）的结果。