V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
Recommended Services
Amazon Web Services
LeanCloud
New Relic
ClearDB
Raynor41
V2EX  ›  云计算

QQ 企业邮箱,使用过的朋友交流一下

  •  
  •   Raynor41 · 2014-07-07 13:28:55 +08:00 · 6483 次点击
    这是一个创建于 3779 天前的主题,其中的信息可能已经有所发展或是发生改变。
    我们自己搭建了一个小站,在用户注册的时候使用了邮件发送验证链接的功能。邮件服务器当然使用的就是QQ企业邮箱。然后大概在2周之前的样子,我们观察到一个特别奇怪的现象。就是通过465端口发送的邮件,里面的验证链接居然在发送的2s之后被一个机器人莫名其妙的访问了。

    于是我们展开一系列的查log活动,以下是被点击url的log记录。(以下是我们反复注册,但不点验证链接的结果)

    ["06/Jul/2014:02:39:13 +0800",404,"-","180.153.206.30 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-0239415-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:39:13 +0800",404,"-","101.226.89.64 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-0239415-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:39:13 +0800",301,"-","101.226.33.217 Shanghai","Mozilla/4.0","GET /verify/20140706-0239415-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:39:13 +0800",404,"-","101.226.89.69 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-0239415-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:39:14 +0800",200,"-","101.226.33.217 Shanghai","Mozilla/4.0","GET /verify/20140706-0239415-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:02:42:10 +0800",301,"-","101.226.33.218 Shanghai","Mozilla/4.0","GET /verify/20140706-024210-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:42:11 +0800",200,"-","101.226.33.218 Shanghai","Mozilla/4.0","GET /verify/20140706-024210-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:02:42:11 +0800",404,"-","112.65.193.13 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-024210-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:44:45 +0800",404,"-","101.226.51.230 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-024445-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:44:45 +0800",301,"-","101.226.65.105 Shanghai","Mozilla/4.0","GET /verify/20140706-024445-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:44:45 +0800",200,"-","101.226.65.105 Shanghai","Mozilla/4.0","GET /verify/20140706-024445-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:02:45:03 +0800",404,"-","180.153.206.16 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-024503-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:45:03 +0800",301,"-","101.226.51.228 Shanghai","Mozilla/4.0","GET /verify/20140706-024503-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:45:04 +0800",200,"-","101.226.51.228 Shanghai","Mozilla/4.0","GET /verify/20140706-024503-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:02:48:33 +0800",301,"-","101.226.89.116 Shanghai","Mozilla/4.0","GET /verify/20140706-024831-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:48:33 +0800",404,"-","101.226.66.191 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-024831-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:48:34 +0800",200,"-","101.226.89.116 Shanghai","Mozilla/4.0","GET /verify/20140706-024831-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:02:59:19 +0800",404,"-","112.65.193.13 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-025919-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:59:19 +0800",301,"-","180.153.201.64 Shanghai","Mozilla/4.0","GET /verify/20140706-025919-CST HTTP/1.1","-"]
    ["06/Jul/2014:02:59:19 +0800",200,"-","180.153.201.64 Shanghai","Mozilla/4.0","GET /verify/20140706-025919-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:03:00:06 +0800",301,"-","101.226.33.223 Shanghai","Mozilla/4.0","GET /verify/20140706-030006-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:00:06 +0800",404,"-","101.226.33.239 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-030006-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:00:06 +0800",200,"-","101.226.33.223 Shanghai","Mozilla/4.0","GET /verify/20140706-030006-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:03:05:46 +0800",404,"-","180.153.214.188 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-030546-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:05:46 +0800",301,"-","180.153.163.189 Shanghai","Mozilla/4.0","GET /verify/20140706-030546-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:05:46 +0800",200,"-","180.153.163.189 Shanghai","Mozilla/4.0","GET /verify/20140706-030546-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:03:09:04 +0800",301,"-","180.153.163.186 Shanghai","Mozilla/4.0","GET /verify/20140706-030904-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:09:05 +0800",404,"-","112.65.193.14 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-030904-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:09:05 +0800",200,"-","180.153.163.186 Shanghai","Mozilla/4.0","GET /verify/20140706-030904-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:03:09:08 +0800",301,"-","101.226.33.201 Shanghai","Mozilla/4.0","GET /verify/20140706-030908-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:09:08 +0800",200,"-","101.226.33.201 Shanghai","Mozilla/4.0","GET /verify/20140706-030908-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:03:09:09 +0800",404,"-","112.64.235.90 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-030908-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:24:55 +0800",301,"-","101.226.89.123 Shanghai","Mozilla/4.0","GET /verify/20140706-032455-CST HTTP/1.1","-"]
    ["06/Jul/2014:03:24:55 +0800",200,"-","101.226.89.123 Shanghai","Mozilla/4.0","GET /verify/20140706-032455-CST/ HTTP/1.1","-"]
    ["06/Jul/2014:03:24:57 +0800",404,"-","101.226.33.227 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-032455-CST HTTP/1.1","-"]


    本来网站使用的人就不多,都是一些爱好者来注册玩的,所以之前一直没有注意这个问题。但是有朋友反映说需要验证的链接已经失效,于是我们才开始去查找原因。

    虽然现在这个问题通过在验证码里面加上ip信息来过滤了,但是作为邮件服务器如果存在某种反垃圾机制是需要扫描和访问链接的话,这样是不是合理的?

    不知道v2ex有多少朋友使用QQ企业邮箱,可以一起来交流一下。也很想知道大家的解决方案。

    PS:我们用桌面客户端软件发送的邮件,链接都会被点击,只要你的链接是新的,以前没有在邮件中出现过的。
    15 条回复    2014-07-28 17:46:48 +08:00
    bobopu
        1
    bobopu  
       2014-07-07 13:53:48 +08:00 via Android
    腾讯企业邮箱会把邮件内的链接自动加上他们的所谓安全检测链接再跳转,同时不忘在此时推广他们坑爹的安全管家。
    lanbing
        2
    lanbing  
       2014-07-07 13:54:43 +08:00
    从QQ企业邮箱发出的每个链接都会被扫描,一直都有这个问题。
    lanbing
        3
    lanbing  
       2014-07-07 13:57:32 +08:00
    180.153.206.32 - - [07/Jul/2014:13:50:19 +0800] "GET /2 HTTP/1.1" 301 284 "-" "Mozilla/4.0"
    Actrace
        4
    Actrace  
       2014-07-07 14:16:49 +08:00
    @lanbing 这跟那天我调试那个数据乱码问题碰到的UA一模一样...这个可能不是QQ干的...
    lanbing
        5
    lanbing  
       2014-07-07 14:17:58 +08:00
    @Actrace 必须是QQ企业邮箱干的。。。。
    Actrace
        6
    Actrace  
       2014-07-07 14:25:29 +08:00
    lanbing
        7
    lanbing  
       2014-07-07 14:27:31 +08:00   ❤️ 1
    @Actrace 我是故意用QQ邮箱去发了测试邮件才有的。。。
    Raynor41
        8
    Raynor41  
    OP
       2014-07-07 14:47:36 +08:00
    @lanbing
    @Actrace

    我们也做了大量实验,基本确定是QQ企业邮箱干的。
    kt1any
        9
    kt1any  
       2014-07-07 14:55:21 +08:00
    很早就有这个问题了,qq邮箱会对收到的自动爬一遍,以前有位仁兄写验证的链接点一次就失效,然后用户死活验证不成功……
    chenillen
        10
    chenillen  
       2014-07-07 15:10:46 +08:00
    原來是這個樣導致餓問題。太坑爹了
    abscon
        11
    abscon  
       2014-07-07 20:00:41 +08:00 via Android
    初夜权,哦不,是初阅权
    missdeer
        12
    missdeer  
       2014-07-07 22:56:52 +08:00 via iPhone
    哇擦这么坑爹啊,我还正准备用呢
    googlefans
        13
    googlefans  
       2014-07-08 11:01:01 +08:00
    很明显邮件被扫描了。。。 因为看到那些精准的垃圾广告邮件 就基本可以确定了。。
    mxi1
        14
    mxi1  
       2014-07-12 14:18:19 +08:00
    我正打算使用qq的企业邮箱呢~ 请问现在还有靠谱的免费(或者便宜的)企业邮箱托管服务么?😓
    jiequfengzi
        15
    jiequfengzi  
       2014-07-28 17:46:48 +08:00
    你可以一起腾讯的企业邮箱了,很垃圾
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2664 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 25ms · UTC 10:00 · PVG 18:00 · LAX 02:00 · JFK 05:00
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.