{"id":8716,"date":"2020-08-28T12:02:19","date_gmt":"2020-08-28T09:02:19","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=8716"},"modified":"2020-08-28T12:02:19","modified_gmt":"2020-08-28T09:02:19","slug":"how-to-cure-dmarc","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/how-to-cure-dmarc\/8716\/","title":{"rendered":"How do you fix DMARC?"},"content":{"rendered":"<p>Throughout the history of e-mail, people have developed many technologies designed to <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/36c3-fake-emails\/7644\/\" target=\"_blank\" rel=\"noopener\">protect recipients from fraudulent (mostly phishing) e-mails<\/a>. DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) had significant drawbacks, so the Domain-based Message Authentication Reporting and Conformance (DMARC) mail authentication mechanism was designed to identify e-mails sent from spoofed domains. However, DMARC also turned out to be far from an ideal solution. Our researchers therefore developed an additional technology to eliminate DMARC\u2019s drawbacks.<\/p>\n<h2>How does DMARC work?<\/h2>\n<p>A company that wants to prevent others from sending e-mail in its employees\u2019 names can configure DMARC in a DNS resource record. In essence, this lets e-mail recipients make sure that the domain name in the \u201cFrom:\u201d header is the same as the one in DKIM and SPF. 
The record also specifies the address to which mail servers send reports about messages that fail verification (for example, when an error occurs or an attempt to impersonate a sender is detected).<\/p>\n<p>In the same resource record, you can also configure a DMARC policy to determine what happens to a message if it fails the check. Three DMARC policies cover such cases.<\/p>\n<ul>\n<li>Reject is the strictest policy. Choose it to block all e-mails that do not pass the DMARC check.<\/li>\n<li>With the Quarantine policy, depending on the mail provider\u2019s settings, the e-mail either lands in the spam folder or is flagged as suspicious in the inbox.<\/li>\n<li>The None policy is the mode in which the e-mail reaches the recipient\u2019s inbox normally, although a report is sent to the sender.<\/li>\n<\/ul>\n<h2>DMARC\u2019s drawbacks<\/h2>\n<p>On the whole, DMARC is adequate. The technology makes phishing much harder. But in solving one problem, it causes another: false positives. Legitimate e-mails can be blocked or marked as spam in two cases:<\/p>\n<ul>\n<li><strong>Forwarded messages.<\/strong> Some mail systems break the SPF and DKIM signatures of forwarded messages, whether the messages are forwarded from several mailboxes or redirected between intermediate mail networks (hubs).<\/li>\n<li><strong>Incorrect settings<\/strong>. 
It is not unusual for mail server administrators to make mistakes when configuring DKIM and SPF.<\/li>\n<\/ul>\n<p>When it comes to business e-mail, it is hard to say which scenario is worse: letting a phishing e-mail through or blocking a legitimate one.<\/p>\n<h2>Our approach to fixing DMARC\u2019s flaws<\/h2>\n<p>We consider this technology indisputably useful, so we decided to strengthen DMARC by adding machine-learning technology to the validation process, minimizing false positives without giving up the benefits it provides. Let\u2019s take a closer look at this approach.<\/p>\n<p>When users compose e-mail, they use a Mail User Agent (MUA) such as Microsoft Outlook. The MUA is responsible for generating the message and sending it to a Mail Transfer Agent (MTA) for further routing. The MUA adds the necessary technical headers to the message body, subject, and recipient address (which the user fills in).<\/p>\n<p>To get around security systems, attackers often use their own MUAs. For the most part, these are homemade mail engines that generate and fill in messages according to a given template. For example, they generate the technical headers for e-mail messages and their content. 
Each MUA has its own \u201chandwriting.\u201d<\/p>\n<p>If an incoming e-mail fails the DMARC check, our technology comes into play. It runs on a cloud service that connects to the security solution on the device. Using a neural network, our technology begins a further analysis of the header sequence as well as the contents of the X-Mailer and Message-ID headers, which lets our solution distinguish a legitimate e-mail from phishing. The technology was trained on a large archive of e-mail messages (about 140 million messages, 40% of which were spam).<\/p>\n<p>The combination of DMARC technology and machine learning helps protect the user from phishing attacks while minimizing the number of false positives. 
We have implemented this technology in each of our products that has an antispam component: Kaspersky Security for Microsoft Exchange Server, Kaspersky Security for Linux Mail Server, Kaspersky Security for Mail Gateway (part of <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">Kaspersky Total Security for Business<\/a>), and <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/microsoft-office-365-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____kso365___\" target=\"_blank\" rel=\"noopener\">Kaspersky Security for Microsoft Office 365<\/a>.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>The DMARC mechanism has drawbacks, but we have developed a technology 
to eliminate them.<\/p>\n","protected":false},"author":2598,"featured_media":8717,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[2255,2254,1921,1074,2256,990],"class_list":{"0":"post-8716","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-dkim","10":"tag-dmarc","11":"tag-e-posta","12":"tag-kimlik-avi","13":"tag-spf","14":"tag-teknolojiler"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/how-to-cure-dmarc\/8716\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/how-to-cure-dmarc\/21708\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/how-to-cure-dmarc\/17171\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/how-to-cure-dmarc\/23047\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/how-to-cure-dmarc\/21240\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/how-to-cure-dmarc\/19939\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/how-to-cure-dmarc\/23685\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/how-to-cure-dmarc\/22594\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/how-to-cure-dmarc\/28935\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/how-to-cure-dmarc\/36787\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/how-to-cure-dmarc\/15501\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/how-to-cure-dmarc\/13954\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/how-to-cure-dmarc\/24966\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/how-to-cure-dmarc\/11857\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/how-to-cure-dmarc\/29054\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/how-to-cure
-dmarc\/25963\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/how-to-cure-dmarc\/22758\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/how-to-cure-dmarc\/27998\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/how-to-cure-dmarc\/27829\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/e-posta\/","name":"e-posta"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8716","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2598"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=8716"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8716\/revisions"}],"predecessor-version":[{"id":8718,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8716\/revisions\/8718"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/8717"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=8716"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=8716"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=8716"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}