QQ 企业邮箱,使用过的朋友交流一下

2014-07-07 13:28:55 +08:00
 Raynor41
我们自己搭建了一个小站,在用户注册的时候使用了邮件发送验证链接的功能。邮件服务器当然使用的就是QQ企业邮箱。然后大概在2周之前的样子,我们观察到一个特别奇怪的现象。就是通过465端口发送的邮件,里面的验证链接居然在发送的2s之后被一个机器人莫名其妙的访问了。

于是我们展开一系列的查log活动,以下是被点击url的log记录。(以下是我们反复注册,但不点验证链接的结果)

["06/Jul/2014:02:39:13 +0800",404,"-","180.153.206.30 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-0239415-CST HTTP/1.1","-"]
["06/Jul/2014:02:39:13 +0800",404,"-","101.226.89.64 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-0239415-CST HTTP/1.1","-"]
["06/Jul/2014:02:39:13 +0800",301,"-","101.226.33.217 Shanghai","Mozilla/4.0","GET /verify/20140706-0239415-CST HTTP/1.1","-"]
["06/Jul/2014:02:39:13 +0800",404,"-","101.226.89.69 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-0239415-CST HTTP/1.1","-"]
["06/Jul/2014:02:39:14 +0800",200,"-","101.226.33.217 Shanghai","Mozilla/4.0","GET /verify/20140706-0239415-CST/ HTTP/1.1","-"]
["06/Jul/2014:02:42:10 +0800",301,"-","101.226.33.218 Shanghai","Mozilla/4.0","GET /verify/20140706-024210-CST HTTP/1.1","-"]
["06/Jul/2014:02:42:11 +0800",200,"-","101.226.33.218 Shanghai","Mozilla/4.0","GET /verify/20140706-024210-CST/ HTTP/1.1","-"]
["06/Jul/2014:02:42:11 +0800",404,"-","112.65.193.13 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-024210-CST HTTP/1.1","-"]
["06/Jul/2014:02:44:45 +0800",404,"-","101.226.51.230 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-024445-CST HTTP/1.1","-"]
["06/Jul/2014:02:44:45 +0800",301,"-","101.226.65.105 Shanghai","Mozilla/4.0","GET /verify/20140706-024445-CST HTTP/1.1","-"]
["06/Jul/2014:02:44:45 +0800",200,"-","101.226.65.105 Shanghai","Mozilla/4.0","GET /verify/20140706-024445-CST/ HTTP/1.1","-"]
["06/Jul/2014:02:45:03 +0800",404,"-","180.153.206.16 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-024503-CST HTTP/1.1","-"]
["06/Jul/2014:02:45:03 +0800",301,"-","101.226.51.228 Shanghai","Mozilla/4.0","GET /verify/20140706-024503-CST HTTP/1.1","-"]
["06/Jul/2014:02:45:04 +0800",200,"-","101.226.51.228 Shanghai","Mozilla/4.0","GET /verify/20140706-024503-CST/ HTTP/1.1","-"]
["06/Jul/2014:02:48:33 +0800",301,"-","101.226.89.116 Shanghai","Mozilla/4.0","GET /verify/20140706-024831-CST HTTP/1.1","-"]
["06/Jul/2014:02:48:33 +0800",404,"-","101.226.66.191 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-024831-CST HTTP/1.1","-"]
["06/Jul/2014:02:48:34 +0800",200,"-","101.226.89.116 Shanghai","Mozilla/4.0","GET /verify/20140706-024831-CST/ HTTP/1.1","-"]
["06/Jul/2014:02:59:19 +0800",404,"-","112.65.193.13 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-025919-CST HTTP/1.1","-"]
["06/Jul/2014:02:59:19 +0800",301,"-","180.153.201.64 Shanghai","Mozilla/4.0","GET /verify/20140706-025919-CST HTTP/1.1","-"]
["06/Jul/2014:02:59:19 +0800",200,"-","180.153.201.64 Shanghai","Mozilla/4.0","GET /verify/20140706-025919-CST/ HTTP/1.1","-"]
["06/Jul/2014:03:00:06 +0800",301,"-","101.226.33.223 Shanghai","Mozilla/4.0","GET /verify/20140706-030006-CST HTTP/1.1","-"]
["06/Jul/2014:03:00:06 +0800",404,"-","101.226.33.239 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-030006-CST HTTP/1.1","-"]
["06/Jul/2014:03:00:06 +0800",200,"-","101.226.33.223 Shanghai","Mozilla/4.0","GET /verify/20140706-030006-CST/ HTTP/1.1","-"]
["06/Jul/2014:03:05:46 +0800",404,"-","180.153.214.188 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-030546-CST HTTP/1.1","-"]
["06/Jul/2014:03:05:46 +0800",301,"-","180.153.163.189 Shanghai","Mozilla/4.0","GET /verify/20140706-030546-CST HTTP/1.1","-"]
["06/Jul/2014:03:05:46 +0800",200,"-","180.153.163.189 Shanghai","Mozilla/4.0","GET /verify/20140706-030546-CST/ HTTP/1.1","-"]
["06/Jul/2014:03:09:04 +0800",301,"-","180.153.163.186 Shanghai","Mozilla/4.0","GET /verify/20140706-030904-CST HTTP/1.1","-"]
["06/Jul/2014:03:09:05 +0800",404,"-","112.65.193.14 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-030904-CST HTTP/1.1","-"]
["06/Jul/2014:03:09:05 +0800",200,"-","180.153.163.186 Shanghai","Mozilla/4.0","GET /verify/20140706-030904-CST/ HTTP/1.1","-"]
["06/Jul/2014:03:09:08 +0800",301,"-","101.226.33.201 Shanghai","Mozilla/4.0","GET /verify/20140706-030908-CST HTTP/1.1","-"]
["06/Jul/2014:03:09:08 +0800",200,"-","101.226.33.201 Shanghai","Mozilla/4.0","GET /verify/20140706-030908-CST/ HTTP/1.1","-"]
["06/Jul/2014:03:09:09 +0800",404,"-","112.64.235.90 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-030908-CST HTTP/1.1","-"]
["06/Jul/2014:03:24:55 +0800",301,"-","101.226.89.123 Shanghai","Mozilla/4.0","GET /verify/20140706-032455-CST HTTP/1.1","-"]
["06/Jul/2014:03:24:55 +0800",200,"-","101.226.89.123 Shanghai","Mozilla/4.0","GET /verify/20140706-032455-CST/ HTTP/1.1","-"]
["06/Jul/2014:03:24:57 +0800",404,"-","101.226.33.227 Shanghai","Mozilla/4.0","GET /message.html?code=20140706-032455-CST HTTP/1.1","-"]


本来网站使用的人就不多,都是一些爱好者来注册玩的,所以之前一直没有注意这个问题。但是有朋友反映说需要验证的链接已经失效,于是我们才开始去查找原因。

虽然现在这个问题通过在验证码里面加上ip信息来过滤了,但是作为邮件服务器如果存在某种反垃圾机制是需要扫描和访问链接的话,这样是不是合理的?

不知道v2ex有多少朋友使用QQ企业邮箱,可以一起来交流一下。也很想知道大家的解决方案。

PS:我们用桌面客户端软件发送的邮件,链接都会被点击,只要你的链接是新的,以前没有在邮件中出现过的。
6546 次点击
所在节点    云计算
15 条回复
bobopu
2014-07-07 13:53:48 +08:00
腾讯企业邮箱会把邮件内的链接自动加上他们的所谓安全检测链接再跳转,同时不忘在此时推广他们坑爹的安全管家。
lanbing
2014-07-07 13:54:43 +08:00
从QQ企业邮箱发出的每个链接都会被扫描,一直都有这个问题。
lanbing
2014-07-07 13:57:32 +08:00
180.153.206.32 - - [07/Jul/2014:13:50:19 +0800] "GET /2 HTTP/1.1" 301 284 "-" "Mozilla/4.0"
Actrace
2014-07-07 14:16:49 +08:00
@lanbing 这跟那天我调试那个数据乱码问题碰到的UA一模一样...这个可能不是QQ干的...
lanbing
2014-07-07 14:17:58 +08:00
@Actrace 必须是QQ企业邮箱干的。。。。
Actrace
2014-07-07 14:25:29 +08:00
lanbing
2014-07-07 14:27:31 +08:00
@Actrace 我是故意用QQ邮箱去发了测试邮件才有的。。。
Raynor41
2014-07-07 14:47:36 +08:00
@lanbing
@Actrace

我们也做了大量实验,基本确定是QQ企业邮箱干的。
kt1any
2014-07-07 14:55:21 +08:00
很早就有这个问题了,qq邮箱会对收到的自动爬一遍,以前有位仁兄写验证的链接点一次就失效,然后用户死活验证不成功……
chenillen
2014-07-07 15:10:46 +08:00
原來是這個樣導致餓問題。太坑爹了
abscon
2014-07-07 20:00:41 +08:00
初夜权,哦不,是初阅权
missdeer
2014-07-07 22:56:52 +08:00
哇擦这么坑爹啊,我还正准备用呢
googlefans
2014-07-08 11:01:01 +08:00
很明显邮件被扫描了。。。 因为看到那些精准的垃圾广告邮件 就基本可以确定了。。
mxi1
2014-07-12 14:18:19 +08:00
我正打算使用qq的企业邮箱呢~ 请问现在还有靠谱的免费(或者便宜的)企业邮箱托管服务么?😓
jiequfengzi
2014-07-28 17:46:48 +08:00
你可以一起腾讯的企业邮箱了,很垃圾

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/121344

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX