{"id":4205,"date":"2026-01-05T16:20:12","date_gmt":"2026-01-05T13:20:12","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/dmarc-raporlari-aggregate-ve-forensic-analiz-ile-pnonedan-prejecte-gecis\/"},"modified":"2026-01-05T16:20:12","modified_gmt":"2026-01-05T13:20:12","slug":"dmarc-raporlari-aggregate-ve-forensic-analiz-ile-pnonedan-prejecte-gecis","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/dmarc-raporlari-aggregate-ve-forensic-analiz-ile-pnonedan-prejecte-gecis\/","title":{"rendered":"DMARC Raporlar\u0131: Aggregate ve Forensic Analiz ile p=none\u2019dan p=reject\u2019e Ge\u00e7i\u015f"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#DMARC_raporlarini_gercekten_okumak_neden_bu_kadar_onemli\"><span class=\"toc_number toc_depth_1\">1<\/span> DMARC raporlar\u0131n\u0131 ger\u00e7ekten okumak neden bu kadar \u00f6nemli<\/a><\/li><li><a href=\"#Kisa_hatirlatma_DMARC_SPF_DKIM_ve_hizalama\"><span class=\"toc_number toc_depth_1\">2<\/span> K\u0131sa hat\u0131rlatma: DMARC, SPF, DKIM ve hizalama<\/a><\/li><li><a href=\"#DMARC_rapor_turleri_Aggregate_RUA_ve_Forensic_RUF\"><span class=\"toc_number toc_depth_1\">3<\/span> DMARC rapor t\u00fcrleri: Aggregate (RUA) ve Forensic (RUF)<\/a><\/li><li><a href=\"#Aggregate_RUA_DMARC_raporlarini_okumak\"><span class=\"toc_number toc_depth_1\">4<\/span> Aggregate (RUA) DMARC raporlar\u0131n\u0131 okumak<\/a><ul><li><a href=\"#Aggregate_rapor_yapisini_anlamak\"><span class=\"toc_number toc_depth_2\">4.1<\/span> Aggregate rapor yap\u0131s\u0131n\u0131 anlamak<\/a><\/li><li><a href=\"#Analize_pratik_bir_baslangic_Kaynak_envanteri_cikarma\"><span class=\"toc_number toc_depth_2\">4.2<\/span> Analize pratik bir ba\u015flang\u0131\u00e7: Kaynak envanteri \u00e7\u0131karma<\/a><\/li><li><a href=\"#SPF_ve_DKIM_hizalamasini_rapor_uzerinden_okumak\"><span class=\"toc_number toc_depth_2\">4.3<\/span> SPF ve DKIM hizalamas\u0131n\u0131 rapor \u00fczerinden okumak<\/a><\/li><li><a href=\"#Aggregate_raporlardan_aksiyon_listesi_cikarmak\"><span class=\"toc_number toc_depth_2\">4.4<\/span> Aggregate raporlardan aksiyon listesi \u00e7\u0131karmak<\/a><\/li><\/ul><\/li><li><a href=\"#Forensic_RUF_DMARC_raporlari_Ne_zaman_ve_nasil_kullanmali\"><span class=\"toc_number toc_depth_1\">5<\/span> Forensic (RUF) DMARC raporlar\u0131: Ne zaman ve nas\u0131l kullanmal\u0131<\/a><ul><li><a href=\"#Forensic_rapor_acarken_dikkat_edilmesi_gerekenler\"><span class=\"toc_number toc_depth_2\">5.1<\/span> Forensic rapor a\u00e7arken dikkat edilmesi gerekenler<\/a><\/li><\/ul><\/li><li><a href=\"#pnonedan_prejecte_gecis_icin_adim_adim_yol_haritasi\"><span class=\"toc_number toc_depth_1\">6<\/span> p=none\u2019dan p=reject\u2019e ge\u00e7i\u015f i\u00e7in ad\u0131m ad\u0131m yol haritas\u0131<\/a><ul><li><a href=\"#Asama_0_Altyapiyi_hazirlama\"><span class=\"toc_number toc_depth_2\">6.1<\/span> A\u015fama 0: Altyap\u0131y\u0131 haz\u0131rlama<\/a><\/li><li><a href=\"#Asama_1_pnone_ile_gorunurluk_donemi_en_az_24_hafta\"><span class=\"toc_number toc_depth_2\">6.2<\/span> A\u015fama 1: p=none ile g\u00f6r\u00fcn\u00fcrl\u00fck d\u00f6nemi (en az 2\u20134 hafta)<\/a><\/li><li><a href=\"#Asama_2_pquarantinee_ve_pct_parametresine_gecis\"><span class=\"toc_number toc_depth_2\">6.3<\/span> A\u015fama 2: p=quarantine\u2019e ve pct parametresine ge\u00e7i\u015f<\/a><\/li><li><a href=\"#Asama_3_prejecte_kademeli_gecis\"><span class=\"toc_number toc_depth_2\">6.4<\/span> A\u015fama 3: p=reject\u2019e kademeli ge\u00e7i\u015f<\/a><\/li><li><a href=\"#Yonlendirme_alias_ve_ucuncu_taraf_sistemler_icin_ozel_durumlar\"><span class=\"toc_number toc_depth_2\">6.5<\/span> Y\u00f6nlendirme, alias ve \u00fc\u00e7\u00fcnc\u00fc taraf sistemler i\u00e7in \u00f6zel durumlar<\/a><\/li><\/ul><\/li><li><a href=\"#Rapor_okurken_sik_gorulen_hatalar\"><span class=\"toc_number toc_depth_1\">7<\/span> Rapor okurken s\u0131k g\u00f6r\u00fclen hatalar<\/a><\/li><li><a href=\"#DCHost_altyapisinda_DMARC_verisini_kullanmaya_dair_ornek_senaryo\"><span class=\"toc_number toc_depth_1\">8<\/span> DCHost altyap\u0131s\u0131nda DMARC verisini kullanmaya dair \u00f6rnek senaryo<\/a><\/li><li><a href=\"#Sonuc_DMARC_raporlariyla_yasayan_bir_e-posta_guvenlik_kulturu_kurmak\"><span class=\"toc_number toc_depth_1\">9<\/span> Sonu\u00e7: DMARC raporlar\u0131yla ya\u015fayan bir e-posta g\u00fcvenlik k\u00fclt\u00fcr\u00fc kurmak<\/a><\/li><\/ul><\/div>\n<h2><span id=\"DMARC_raporlarini_gercekten_okumak_neden_bu_kadar_onemli\">DMARC raporlar\u0131n\u0131 ger\u00e7ekten okumak neden bu kadar \u00f6nemli<\/span><\/h2>\n<p>DMARC kayd\u0131n\u0131 DNS\u2019e ekleyip politikay\u0131 p=none b\u0131rakt\u0131ktan sonra \u00e7o\u011fu kurum ayn\u0131 yerde tak\u0131l\u0131yor: Posta kutular\u0131na her g\u00fcn onlarca, bazen y\u00fczlerce DMARC raporu d\u00fc\u015f\u00fcyor, ama kimse bu raporlar\u0131 sistematik bi\u00e7imde okumuyor. Sonu\u00e7 olarak da DMARC ayarlar\u0131 y\u0131llarca g\u00f6r\u00fcn\u00fcrl\u00fck modunda kal\u0131yor, sahtecilik ve kimlik av\u0131 riski azalm\u0131yor, e-posta itibar\u0131 ise tam potansiyeline ula\u015fam\u0131yor.<\/p>\n<p>Oysa DMARC raporlar\u0131; hangi IP\u2019lerden, hangi servislerden, hangi alan adlar\u0131 ad\u0131na e-posta g\u00f6nderildi\u011fini; SPF ve DKIM kay\u0131tlar\u0131n\u0131z\u0131n ger\u00e7ekten i\u015fe yaray\u0131p yaramad\u0131\u011f\u0131n\u0131 ve DMARC\u2019nin bu sonu\u00e7lar\u0131 nas\u0131l yorumlad\u0131\u011f\u0131n\u0131 g\u00fcnl\u00fck olarak \u00f6n\u00fcn\u00fcze serer. Yani do\u011fru okundu\u011funda, p=none\u2019dan p=reject\u2019e g\u00fcvenle ge\u00e7mek i\u00e7in ihtiyac\u0131n\u0131z olan t\u00fcm veriyi zaten elinize vermektedir.<\/p>\n<p>Bu yaz\u0131da DCHost ekibi olarak, DMARC aggregate (RUA) ve forensic (RUF) raporlar\u0131n\u0131 pratik bi\u00e7imde nas\u0131l okuyabilece\u011finizi; sahtecilik giri\u015fimlerini iyi niyetli ama yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f kaynaklardan nas\u0131l ay\u0131rabilece\u011finizi ve politikay\u0131 kademeli olarak p=reject seviyesine nas\u0131l ta\u015f\u0131yabilece\u011finizi ad\u0131m ad\u0131m anlataca\u011f\u0131z. Zaten SPF ve DKIM temellerini kurduysan\u0131z, DMARC rapor analizi ile bu altyap\u0131y\u0131 g\u00fcvenlik ve teslim edilebilirlik a\u00e7\u0131s\u0131ndan \u00fcst seviyeye \u00e7\u0131karabilirsiniz.<\/p>\n<h2><span id=\"Kisa_hatirlatma_DMARC_SPF_DKIM_ve_hizalama\">K\u0131sa hat\u0131rlatma: DMARC, SPF, DKIM ve hizalama<\/span><\/h2>\n<p>Detayl\u0131 DMARC rapor analizine girmeden \u00f6nce birka\u00e7 kavram\u0131 netle\u015ftirmek \u00f6nemli. SPF, hangi IP\u2019lerin alan ad\u0131n\u0131z ad\u0131na e-posta g\u00f6ndermeye yetkili oldu\u011funu; DKIM ise e-posta i\u00e7eri\u011finin sizden \u00e7\u0131kt\u0131ktan sonra de\u011fi\u015ftirilmedi\u011fini kriptografik imza ile kan\u0131tlar. DMARC ise bu iki mekanizman\u0131n sonu\u00e7lar\u0131n\u0131 birle\u015ftirip, al\u0131c\u0131 tarafa \u015fu soruyu yan\u0131tlar: Bu mesaj ger\u00e7ekten bu alan ad\u0131na m\u0131 ait, de\u011filse ne yapmal\u0131y\u0131m.<\/p>\n<p>DMARC taraf\u0131nda kritik kavram, hizalama (alignment). \u00d6zetle:<\/p>\n<ul>\n<li><strong>SPF hizalamas\u0131<\/strong>: MAIL FROM veya Return-Path alan\u0131ndaki alan ad\u0131, From ba\u015fl\u0131\u011f\u0131ndaki alan ad\u0131 ile ayn\u0131 k\u00f6kten geliyor mu<\/li>\n<li><strong>DKIM hizalamas\u0131<\/strong>: DKIM imzas\u0131ndaki d= alan ad\u0131, From ba\u015fl\u0131\u011f\u0131ndaki alan ad\u0131 ile ayn\u0131 k\u00f6kten geliyor mu<\/li>\n<\/ul>\n<p>DMARC kayd\u0131n\u0131zda p=none iken, al\u0131c\u0131lar mesaj\u0131 sadece raporlar; p=quarantine veya p=reject oldu\u011funda ise hizalama ba\u015far\u0131s\u0131zsa DMARC politikan\u0131za g\u00f6re spama atar ya da tamamen reddeder. E\u011fer SPF ve DKIM temellerini tazelemek isterseniz, daha \u00f6nce haz\u0131rlad\u0131\u011f\u0131m\u0131z <a href='https:\/\/www.dchost.com\/blog\/spf-dkim-ve-dmarc-nedir-ozel-alan-adi-ile-e-posta-dogrulamasini-cpanel-ve-vpste-sifirdan-kurmak\/'>SPF, DKIM ve DMARC nedir rehberine<\/a> g\u00f6z atman\u0131z faydal\u0131 olacakt\u0131r.<\/p>\n<h2><span id=\"DMARC_rapor_turleri_Aggregate_RUA_ve_Forensic_RUF\">DMARC rapor t\u00fcrleri: Aggregate (RUA) ve Forensic (RUF)<\/span><\/h2>\n<p>DMARC raporlar\u0131 iki ana t\u00fcre ayr\u0131l\u0131r:<\/p>\n<ul>\n<li><strong>Aggregate raporlar (RUA)<\/strong>: G\u00fcnl\u00fck \u00f6zet raporlard\u0131r. Genellikle XML format\u0131nda gelir ve belirli bir zaman aral\u0131\u011f\u0131nda alan ad\u0131n\u0131z ad\u0131na g\u00f6nderilen t\u00fcm e-postalar\u0131 IP, g\u00f6nderen servis, SPF\/DKIM sonu\u00e7lar\u0131 ve DMARC karar\u0131 baz\u0131nda \u00f6zetler.<\/li>\n<li><strong>Forensic raporlar (RUF)<\/strong>: Tekil mesaj bazl\u0131 hata raporlar\u0131d\u0131r. DMARC ba\u015far\u0131s\u0131z oldu\u011funda, ilgili mesaj\u0131n ba\u015fl\u0131klar\u0131n\u0131 ve bazen g\u00f6vde \u00f6zetini i\u00e7erir. Hata analizinde olduk\u00e7a detayl\u0131 bilgi verir, fakat hacim ve gizlilik nedeniyle dikkatli y\u00f6netilmesi gerekir.<\/li>\n<\/ul>\n<p>DMARC DNS kayd\u0131n\u0131zda bunlar\u0131 \u015fu etiketlerle tan\u0131mlars\u0131n\u0131z:<\/p>\n<ul>\n<li>rua=mailto:dmarc-rua@alanadiniz.com<\/li>\n<li>ruf=mailto:dmarc-ruf@alanadiniz.com<\/li>\n<\/ul>\n<p>Genellikle g\u00fcvenli bir ba\u015flang\u0131\u00e7 i\u00e7in \u00f6nce sadece RUA tan\u0131mlay\u0131p birka\u00e7 hafta sadece aggregate raporlar\u0131 toplamak, daha sonra gerekti\u011finde RUF raporlar\u0131n\u0131 a\u00e7mak en pratik yakla\u015f\u0131md\u0131r.<\/p>\n<h2><span id=\"Aggregate_RUA_DMARC_raporlarini_okumak\">Aggregate (RUA) DMARC raporlar\u0131n\u0131 okumak<\/span><\/h2>\n<p>Aggregate raporlar ilk bak\u0131\u015fta g\u00f6z korkutucu olabilir; \u00e7\u00fcnk\u00fc XML format\u0131nda ve genellikle ham haliyle okunmas\u0131 zor dosyalard\u0131r. \u00c7o\u011fu kurum bu nedenle onlar\u0131 do\u011frudan bir klas\u00f6re b\u0131rak\u0131p unutuyor. Ancak yap\u0131 asl\u0131nda olduk\u00e7a d\u00fczenlidir ve birka\u00e7 temel alan\u0131 tan\u0131d\u0131\u011f\u0131n\u0131zda tablo g\u00f6z\u00fcn\u00fczde netle\u015fir.<\/p>\n<h3><span id=\"Aggregate_rapor_yapisini_anlamak\">Aggregate rapor yap\u0131s\u0131n\u0131 anlamak<\/span><\/h3>\n<p>Tipik bir RUA raporunda \u015fu bloklar bulunur:<\/p>\n<ul>\n<li><strong>report_metadata<\/strong>: Raporu g\u00f6nderen sa\u011flay\u0131c\u0131, rapor id\u2019si ve kapsad\u0131\u011f\u0131 zaman aral\u0131\u011f\u0131<\/li>\n<li><strong>policy_published<\/strong>: Sizin DNS\u2019te yay\u0131nlad\u0131\u011f\u0131n\u0131z DMARC kayd\u0131n\u0131n o anki hali (p, sp, adkim, aspf, pct gibi alanlar)<\/li>\n<li><strong>record<\/strong>: As\u0131l faydal\u0131 k\u0131s\u0131m. Her record bir kaynak IP ya da kaynak sunucu grubu i\u00e7in \u00f6zet veriyi i\u00e7erir.<\/li>\n<\/ul>\n<p>Record i\u00e7indeki kritik alanlar ise \u015funlard\u0131r:<\/p>\n<ul>\n<li><strong>row.source_ip<\/strong>: Hangi IP\u2019den g\u00f6nderim yap\u0131ld\u0131\u011f\u0131<\/li>\n<li><strong>row.count<\/strong>: \u0130lgili IP\u2019den gelen ka\u00e7 mesaj oldu\u011fu<\/li>\n<li><strong>policy_evaluated.disposition<\/strong>: DMARC\u2019in bu mesajlar i\u00e7in verdi\u011fi karar (none, quarantine, reject)<\/li>\n<li><strong>policy_evaluated.dkim \/ spf<\/strong>: DKIM ve SPF sonu\u00e7lar\u0131 (pass veya fail)<\/li>\n<li><strong>identifiers.header_from<\/strong>: From ba\u015fl\u0131\u011f\u0131ndaki alan ad\u0131<\/li>\n<li><strong>auth_results.dkim \/ spf<\/strong>: Detayl\u0131 SPF ve DKIM sonu\u00e7lar\u0131<\/li>\n<\/ul>\n<p>Bu alanlar\u0131 tabloya d\u00f6kt\u00fc\u011f\u00fcn\u00fczde, alan ad\u0131n\u0131z ad\u0131na ger\u00e7ekte kimlerin e-posta g\u00f6nderdi\u011fini, hangi IP\u2019lerden \u00e7\u0131kt\u0131\u011f\u0131n\u0131 ve hangi mesajlar\u0131n DMARC a\u00e7\u0131s\u0131ndan sorunlu oldu\u011funu \u00e7ok net g\u00f6rebilirsiniz.<\/p>\n<h3><span id=\"Analize_pratik_bir_baslangic_Kaynak_envanteri_cikarma\">Analize pratik bir ba\u015flang\u0131\u00e7: Kaynak envanteri \u00e7\u0131karma<\/span><\/h3>\n<p>\u0130lk ad\u0131m, raporlardaki t\u00fcm benzersiz kaynak IP ve g\u00f6nderen servisleri gruplayarak bir <strong>ger\u00e7ek hayat g\u00f6nderen envanteri<\/strong> \u00e7\u0131karmakt\u0131r. \u00c7o\u011fu kurum bu a\u015famada \u015fu s\u00fcrprizlerle kar\u015f\u0131la\u015f\u0131yor:<\/p>\n<ul>\n<li>Eski bir pazarlama otomasyon arac\u0131n\u0131n h\u00e2l\u00e2 alan ad\u0131n\u0131z ad\u0131na e-posta atmas\u0131<\/li>\n<li>Geli\u015ftirici ekibin test ama\u00e7l\u0131 kurdu\u011fu ama unutulan SMTP servisleri<\/li>\n<li>Yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f bir CRM veya helpdesk yaz\u0131l\u0131m\u0131<\/li>\n<li>Fark\u0131nda olunmayan \u00fc\u00e7\u00fcnc\u00fc taraf sistem bildirimleri<\/li>\n<\/ul>\n<p>Bu envanteri ikiye ay\u0131r\u0131n:<\/p>\n<ul>\n<li><strong>Yetkili ve kal\u0131c\u0131 g\u00f6nderenler<\/strong>: Kurumsal posta sunucunuz, pazarlama platformlar\u0131n\u0131z, ERP\/CRM bildirimleri gibi<\/li>\n<li><strong>Yetkisiz veya gereksiz g\u00f6nderenler<\/strong>: Eski servisler, test ortamlar\u0131, sald\u0131r\u0131 ama\u00e7l\u0131 denemeler<\/li>\n<\/ul>\n<p>Yetkili g\u00f6nderenler i\u00e7in SPF ve DKIM hizalamas\u0131n\u0131 d\u00fczeltmek; yetkisiz g\u00f6nderenler i\u00e7in ise trafi\u011fi kesmek veya alan ad\u0131n\u0131z\u0131 kullanmalar\u0131n\u0131 \u00f6nleyecek ek \u00f6nlemler almak, p=reject\u2019e giden yolun temel ta\u015flar\u0131n\u0131 olu\u015fturur.<\/p>\n<h3><span id=\"SPF_ve_DKIM_hizalamasini_rapor_uzerinden_okumak\">SPF ve DKIM hizalamas\u0131n\u0131 rapor \u00fczerinden okumak<\/span><\/h3>\n<p>RUA raporlar\u0131nda SPF ve DKIM ile ilgili iki \u00f6nemli s\u00fctun grubu g\u00f6r\u00fcrs\u00fcn\u00fcz:<\/p>\n<ul>\n<li><strong>auth_results<\/strong> alt\u0131ndaki SPF\/DKIM sonucu: Teknik olarak SPF ve DKIM\u2019in ge\u00e7ip ge\u00e7medi\u011fini g\u00f6sterir.<\/li>\n<li><strong>policy_evaluated.spf \/ dkim<\/strong>: DMARC a\u00e7\u0131s\u0131ndan hizalaman\u0131n da ba\u015far\u0131yla sa\u011flan\u0131p sa\u011flanmad\u0131\u011f\u0131n\u0131 g\u00f6sterir.<\/li>\n<\/ul>\n<p>\u00d6rne\u011fin:<\/p>\n<ul>\n<li>auth_results.spf = pass, policy_evaluated.spf = fail ise, SPF teknik olarak ge\u00e7iyor ama alan ad\u0131 hizalamas\u0131 tutmuyor demektir.<\/li>\n<li>auth_results.dkim = pass, policy_evaluated.dkim = pass ise, hem DKIM imzas\u0131 hem de hizalama ba\u015far\u0131l\u0131 demektir.<\/li>\n<\/ul>\n<p>p=none a\u015famas\u0131nda hedefiniz, yetkili t\u00fcm g\u00f6nderenler i\u00e7in <strong>en az bir tanesinin<\/strong> (SPF veya DKIM) hem pass hem de aligned olmas\u0131n\u0131 sa\u011flamak. \u0130deal senaryo ise ikisinin de hizal\u0131 \u015fekilde ge\u00e7mesidir.<\/p>\n<h3><span id=\"Aggregate_raporlardan_aksiyon_listesi_cikarmak\">Aggregate raporlardan aksiyon listesi \u00e7\u0131karmak<\/span><\/h3>\n<p>Pratik bir y\u00f6ntem olarak, her bir RUA raporu d\u00f6nemini (\u00f6rne\u011fin haftal\u0131k) \u015fu sorularla taray\u0131n:<\/p>\n<ol>\n<li>Hangi IP\u2019ler alan ad\u0131m ad\u0131na en \u00e7ok e-posta g\u00f6nderiyor ve bunlar ger\u00e7ekten onayl\u0131 m\u0131<\/li>\n<li>Yetkili IP ve servisler i\u00e7in SPF ve DKIM hizalamas\u0131 tam olarak sa\u011flanm\u0131\u015f m\u0131<\/li>\n<li>DMARC a\u00e7\u0131s\u0131ndan s\u00fcrekli fail olan ama g\u00f6rece y\u00fcksek hacimli kaynaklar var m\u0131<\/li>\n<li>Yeni ortaya \u00e7\u0131kan, daha \u00f6nce hi\u00e7 g\u00f6rmedi\u011finiz IP\u2019ler veya servisler var m\u0131<\/li>\n<\/ol>\n<p>Bu analiz sonunda elinizde tipik olarak \u015f\u00f6yle bir liste olu\u015fur:<\/p>\n<ul>\n<li>SPF kayd\u0131na eklenmesi gereken yeni servisler<\/li>\n<li>DKIM anahtar\u0131 olu\u015fturulmas\u0131 ve DNS\u2019e eklenmesi gereken platformlar<\/li>\n<li>Kapat\u0131lmas\u0131 veya s\u0131n\u0131rland\u0131r\u0131lmas\u0131 gereken eski SMTP servisleri<\/li>\n<li>Muhtemel kimlik av\u0131 denemesi olan IP bloklar\u0131<\/li>\n<\/ul>\n<p>DCHost \u00fczerinde \u00e7al\u0131\u015fan kendi posta sunucunuzu veya <a href=\"https:\/\/www.dchost.com\/tr\/vps\">VPS<\/a>\u2019inizi kullan\u0131yorsan\u0131z, bu listeyi do\u011frudan g\u00fcvenlik ekibiniz ve sistem y\u00f6neticilerinizle payla\u015farak firewall kurallar\u0131, reverse DNS ve g\u00f6nderim politikalar\u0131n\u0131z\u0131 netle\u015ftirebilirsiniz. \u00d6rne\u011fin IP itibar\u0131 taraf\u0131n\u0131 g\u00fc\u00e7lendirmek i\u00e7in <a href='https:\/\/www.dchost.com\/blog\/dedicated-ip-isitma-ve-e-posta-itibari-yonetimi\/'>dedicated IP \u0131s\u0131tma ve e-posta itibar\u0131 y\u00f6netimi rehberimizdeki<\/a> ad\u0131mlar\u0131 DMARC verileri ile birle\u015ftirmek \u00e7ok etkili olur.<\/p>\n<h2><span id=\"Forensic_RUF_DMARC_raporlari_Ne_zaman_ve_nasil_kullanmali\">Forensic (RUF) DMARC raporlar\u0131: Ne zaman ve nas\u0131l kullanmal\u0131<\/span><\/h2>\n<p>Forensic raporlar, DMARC ba\u015far\u0131s\u0131z oldu\u011funda tek tek mesaj bazl\u0131 olarak g\u00f6nderilen detayl\u0131 raporlard\u0131r. Genellikle:<\/p>\n<ul>\n<li>Mesaj ba\u015fl\u0131klar\u0131n\u0131n tamam\u0131n\u0131<\/li>\n<li>Bazen g\u00f6vde \u00f6zetini veya s\u0131n\u0131rl\u0131 bir k\u0131sm\u0131n\u0131<\/li>\n<li>SPF, DKIM ve DMARC de\u011ferlendirme sonu\u00e7lar\u0131n\u0131<\/li>\n<\/ul>\n<p>i\u00e7erir. Bu sayede \u00f6zellikle:<\/p>\n<ul>\n<li>Ger\u00e7ek kimlik av\u0131 kampanyalar\u0131n\u0131<\/li>\n<li>Belirli bir kullan\u0131c\u0131y\u0131 hedef alan sald\u0131r\u0131lar\u0131<\/li>\n<li>Yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f ama \u00f6nemli bir sistemin \u00fcretti\u011fi hatal\u0131 trafi\u011fi<\/li>\n<\/ul>\n<p>\u00e7ok h\u0131zl\u0131 \u015fekilde te\u015fhis edebilirsiniz.<\/p>\n<h3><span id=\"Forensic_rapor_acarken_dikkat_edilmesi_gerekenler\">Forensic rapor a\u00e7arken dikkat edilmesi gerekenler<\/span><\/h3>\n<p>RUF raporlar\u0131 \u00e7ok de\u011ferli olmakla birlikte baz\u0131 riskler bar\u0131nd\u0131r\u0131r:<\/p>\n<ul>\n<li><strong>Gizlilik<\/strong>: Baz\u0131 sa\u011flay\u0131c\u0131lar mesaj g\u00f6vdesinin bir k\u0131sm\u0131n\u0131 da ekler. Bu nedenle RUF posta kutusunu sadece yetkili g\u00fcvenlik ve sistem ekiplerinin eri\u015febilece\u011fi \u015fekilde tasarlay\u0131n.<\/li>\n<li><strong>Hacim<\/strong>: \u00d6zellikle b\u00fcy\u00fck hacimli alan adlar\u0131nda, yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f bir sistem bir anda binlerce forensic rapor \u00fcretip gelen kutusunu doldurabilir.<\/li>\n<li><strong>Depolama<\/strong>: Mesaj ba\u015fl\u0131klar\u0131 zamanla ciddi disk alan\u0131 t\u00fcketebilir. Bu nedenle iyi bir ar\u015fiv ve rotasyon politikas\u0131 belirleyin.<\/li>\n<\/ul>\n<p>DCHost taraf\u0131nda, RUF raporlar\u0131n\u0131 ayr\u0131 bir posta kutusunda toplamak i\u00e7in ister payla\u015f\u0131ml\u0131 e-posta hosting, ister VPS \u00fczerinde kendi Postfix\/Dovecot kurulumunuzu kullanabilirsiniz. B\u00fcy\u00fck hacimli yap\u0131larda bu posta kutusunu ayr\u0131 bir disk havuzunda veya object storage \u00fczerinde ar\u015fivlemek, b\u00fcy\u00fcyen log hacmini y\u00f6netmeyi kolayla\u015ft\u0131r\u0131r.<\/p>\n<h2><span id=\"pnonedan_prejecte_gecis_icin_adim_adim_yol_haritasi\">p=none\u2019dan p=reject\u2019e ge\u00e7i\u015f i\u00e7in ad\u0131m ad\u0131m yol haritas\u0131<\/span><\/h2>\n<p>DMARC politikas\u0131n\u0131 do\u011frudan p=reject yapmak genellikle iyi bir fikir de\u011fildir; \u00e7\u00fcnk\u00fc yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f me\u015fru sistemlerin mail\u2019leri de bir anda reddedilebilir. Sa\u011fl\u0131kl\u0131 yakla\u015f\u0131m, DMARC raporlar\u0131n\u0131 kullanarak kademeli ve \u00f6l\u00e7\u00fclebilir bir ge\u00e7i\u015f plan\u0131 izlemektir.<\/p>\n<h3><span id=\"Asama_0_Altyapiyi_hazirlama\">A\u015fama 0: Altyap\u0131y\u0131 haz\u0131rlama<\/span><\/h3>\n<p>Ba\u015flang\u0131\u00e7ta \u015fu ad\u0131mlar\u0131n tamamlanm\u0131\u015f olmas\u0131 gerekir:<\/p>\n<ul>\n<li>SPF kayd\u0131 g\u00fcncel, 10 DNS lookup s\u0131n\u0131r\u0131 a\u015f\u0131lmayacak \u015fekilde tasarlanm\u0131\u015f<\/li>\n<li>Aktif t\u00fcm g\u00f6nderim servisleri i\u00e7in DKIM anahtarlar\u0131 \u00fcretilmi\u015f ve DNS\u2019e eklenmi\u015f<\/li>\n<li>Temel DMARC kayd\u0131 \u015fu tarzda yay\u0131nlanm\u0131\u015f: v=DMARC1; p=none; rua=mailto:dmarc-rua@alanadiniz.com;<\/li>\n<li>RUA posta kutusuna eri\u015fen teknik ekipler belirlenmi\u015f, raporlar\u0131n i\u015flenmesi i\u00e7in en az\u0131ndan temel bir otomasyon ya da inceleme rutini kurulmu\u015f<\/li>\n<\/ul>\n<p>SPF tasar\u0131m\u0131nda \u00e7oklu servis kullan\u0131yorsan\u0131z, lookup limitine tak\u0131lmamak i\u00e7in <a href='https:\/\/www.dchost.com\/blog\/gelismis-spf-yonetimi-10-dns-lookup-limitine-takilmadan-coklu-e-posta-servisi-kullanmak\/'>geli\u015fmi\u015f SPF y\u00f6netimi rehberindeki<\/a> prensipleri uygulaman\u0131z, DMARC s\u00fcrecini daha sorunsuz hale getirecektir.<\/p>\n<h3><span id=\"Asama_1_pnone_ile_gorunurluk_donemi_en_az_24_hafta\">A\u015fama 1: p=none ile g\u00f6r\u00fcn\u00fcrl\u00fck d\u00f6nemi (en az 2\u20134 hafta)<\/span><\/h3>\n<p>Bu a\u015famada ama\u00e7, hi\u00e7bir mesaj\u0131 fiilen etkilemeden <strong>t\u00fcm trafi\u011fi net bi\u00e7imde haritalamak<\/strong> ve hizalama sorunlar\u0131n\u0131 d\u00fczeltmektir. Yapman\u0131z gerekenler:<\/p>\n<ul>\n<li>RUA raporlar\u0131n\u0131 haftal\u0131k olarak inceleyip g\u00f6nderen envanterinizi netle\u015ftirmek<\/li>\n<li>Her yetkili g\u00f6nderici i\u00e7in en az bir mekanizman\u0131n (SPF veya DKIM) hizal\u0131 \u015fekilde pass oldu\u011funu do\u011frulamak<\/li>\n<li>DMARC taraf\u0131nda s\u00fcrekli fail olan kaynaklar\u0131 tespit edip ya yap\u0131land\u0131rmas\u0131n\u0131 d\u00fczeltmek ya da tamamen devre d\u0131\u015f\u0131 b\u0131rakmak<\/li>\n<\/ul>\n<p>Bu d\u00f6nemde raporlardan \u00e7\u0131kan sorunlar\u0131 \u00e7\u00f6zerken, teslim edilebilirlik taraf\u0131n\u0131 da g\u00f6zlemlemeniz faydal\u0131. \u00d6rne\u011fin, spam klas\u00f6r\u00fcne giden me\u015fru e-postalar i\u00e7in <a href='https:\/\/www.dchost.com\/blog\/e-postalar-neden-spam-klasorune-dusuyor-paylasimli-hosting-ve-vps-icin-teslim-edilebilirlik-kontrol-listesi\/'>teslim edilebilirlik kontrol listemizdeki<\/a> ad\u0131mlar\u0131 DMARC verileriyle birlikte de\u011ferlendirmek, sorunun DNS kaynakl\u0131 m\u0131, i\u00e7erik kaynakl\u0131 m\u0131 oldu\u011funu daha net ortaya koyar.<\/p>\n<h3><span id=\"Asama_2_pquarantinee_ve_pct_parametresine_gecis\">A\u015fama 2: p=quarantine\u2019e ve pct parametresine ge\u00e7i\u015f<\/span><\/h3>\n<p>G\u00f6r\u00fcn\u00fcrl\u00fck a\u015famas\u0131nda yeterince veri toplad\u0131ysan\u0131z ve yetkili t\u00fcm g\u00f6nderenlerde hizalamay\u0131 sa\u011flad\u0131ysan\u0131z, art\u0131k daha s\u0131k\u0131 bir politika uygulamaya ba\u015flayabilirsiniz. Pratik bir ara ad\u0131m:<\/p>\n<ul>\n<li>p=quarantine; pct=10 ile ba\u015flay\u0131n. Yani DMARC fail olan mesajlar\u0131n sadece y\u00fczde 10\u2019u karantinaya (spam klas\u00f6r\u00fcne) d\u00fc\u015fs\u00fcn.<\/li>\n<li>RUA ve gerekirse RUF raporlar\u0131n\u0131 birka\u00e7 g\u00fcn yak\u0131ndan takip edin. Beklemedi\u011finiz me\u015fru trafi\u011fin karantinaya girdi\u011fini g\u00f6r\u00fcrseniz ilgili sistemi d\u00fczeltin.<\/li>\n<li>Sorunlar\u0131 giderdik\u00e7e pct de\u011ferini kademeli olarak 25, 50, 75 ve sonunda 100\u2019e \u00e7\u0131kar\u0131n.<\/li>\n<\/ul>\n<p>Bu a\u015famada \u00f6zellikle iki nokta kritiktir:<\/p>\n<ul>\n<li><strong>Alt alan ad\u0131 politikas\u0131 (sp=)<\/strong>: Sadece ana alan ad\u0131n\u0131z i\u00e7in mi, t\u00fcm alt alan adlar\u0131 i\u00e7in mi s\u0131k\u0131 politika uygulayaca\u011f\u0131n\u0131z\u0131 netle\u015ftirin. \u00d6rne\u011fin sp=none ile alt alan adlar\u0131n\u0131 ge\u00e7ici olarak d\u0131\u015far\u0131da b\u0131rakabilirsiniz.<\/li>\n<li><strong>\u0130\u00e7 sistemler ve gateway\u2019ler<\/strong>: Baz\u0131 kurumlarda i\u00e7 SMTP relay sunucular\u0131 From alan\u0131n\u0131 yeniden yazar veya DKIM imzas\u0131n\u0131 bozar. Raporlarda bu t\u00fcr vakalar tespit ederseniz, gateway yap\u0131land\u0131rmas\u0131n\u0131 da DMARC uyumlu hale getirmeniz gerekir.<\/li>\n<\/ul>\n<h3><span id=\"Asama_3_prejecte_kademeli_gecis\">A\u015fama 3: p=reject\u2019e kademeli ge\u00e7i\u015f<\/span><\/h3>\n<p>Quarantine a\u015famas\u0131nda hem teslim edilebilirlik hem de rapor verisi a\u00e7\u0131s\u0131ndan tablo stabil hale geldiyse, art\u0131k hedef politikaya ge\u00e7ebilirsiniz. Yine pct parametresi ile kademeli ilerlemek en sa\u011fl\u0131kl\u0131s\u0131d\u0131r:<\/p>\n<ul>\n<li>\u00d6nce p=reject; pct=25 ile ba\u015flay\u0131n.<\/li>\n<li>RUA ve RUF raporlar\u0131n\u0131 en az 1\u20132 hafta yak\u0131ndan takip edin. \u00d6zellikle \u00f6nemli i\u015f s\u00fcre\u00e7lerine ait e-postalarda beklenmedik reddedilme var m\u0131 kontrol edin.<\/li>\n<li>Her \u015fey yolundaysa pct\u2019yi 50, sonra 75 ve sonunda 100\u2019e ta\u015f\u0131y\u0131n.<\/li>\n<\/ul>\n<p>Bu noktadan sonra DMARC, hizalamay\u0131 ge\u00e7emeyen mesajlar\u0131 al\u0131c\u0131lara \u015fu sinyali verir: Bu alan ad\u0131 ad\u0131na gelen bu mesajlar\u0131n reddedilmesini istiyorum. Bir\u00e7ok b\u00fcy\u00fck al\u0131c\u0131 bu talebe uydu\u011fundan, sahtecilik ve kimlik av\u0131 giri\u015fimlerinin \u00f6nemli bir k\u0131sm\u0131 daha sunucu a\u015famas\u0131nda elenir.<\/p>\n<h3><span id=\"Yonlendirme_alias_ve_ucuncu_taraf_sistemler_icin_ozel_durumlar\">Y\u00f6nlendirme, alias ve \u00fc\u00e7\u00fcnc\u00fc taraf sistemler i\u00e7in \u00f6zel durumlar<\/span><\/h3>\n<p>DMARC ge\u00e7i\u015finin en zorlu k\u0131s\u0131mlar\u0131ndan biri, <strong>e-posta y\u00f6nlendirme<\/strong> senaryolar\u0131d\u0131r. Bir\u00e7ok durumda:<\/p>\n<ul>\n<li>Kullan\u0131c\u0131lar\u0131n ki\u015fisel adreslerine tan\u0131ml\u0131 y\u00f6nlendirmeler<\/li>\n<li>Mailing list yaz\u0131l\u0131mlar\u0131<\/li>\n<li>Eski alias mekanizmalar\u0131<\/li>\n<\/ul>\n<p>SPF hizalamas\u0131n\u0131 bozar. \u00c7\u00fcnk\u00fc mesaj, orijinal sunucudan de\u011fil, aradaki y\u00f6nlendirme sunucusundan \u00e7\u0131km\u0131\u015f gibi g\u00f6r\u00fcn\u00fcr. Bu durumda DKIM hizalamas\u0131n\u0131 g\u00fc\u00e7lendirmek ve m\u00fcmk\u00fcnse ARC gibi mekanizmalar\u0131 destekleyen modern altyap\u0131lar\u0131 tercih etmek daha kritik hale gelir.<\/p>\n<p>Y\u00f6nlendirme kaynakl\u0131 SPF k\u0131r\u0131lmalar\u0131n\u0131 ve olas\u0131 \u00e7\u00f6z\u00fcmleri detayl\u0131 \u015fekilde anlatt\u0131\u011f\u0131m\u0131z <a href='https:\/\/www.dchost.com\/blog\/e-posta-yonlendirmede-spf-dmarc-neden-kiriliyor-srs-ve-arc-ile-nasil-tatli-tatli-onarirsin\/'>e-posta y\u00f6nlendirmede SPF ve DMARC neden k\u0131r\u0131l\u0131yor rehberine<\/a> mutlaka g\u00f6z atman\u0131z\u0131 \u00f6neririz. DMARC raporlar\u0131n\u0131zda forward eden sistemleri do\u011fru yorumlayabilmek, p=reject\u2019e ge\u00e7ti\u011finizde beklenmedik teslimat sorunlar\u0131n\u0131n \u00f6n\u00fcne ge\u00e7er.<\/p>\n<h2><span id=\"Rapor_okurken_sik_gorulen_hatalar\">Rapor okurken s\u0131k g\u00f6r\u00fclen hatalar<\/span><\/h2>\n<p>DMARC raporlar\u0131yla \u00e7al\u0131\u015fan ekiplerde s\u0131k g\u00f6rd\u00fc\u011f\u00fcm\u00fcz baz\u0131 tuzaklar var:<\/p>\n<ul>\n<li><strong>Sadece SPF\u2019e odaklanmak<\/strong>: Modern ekosistemde y\u00f6nlendirme ve gateway\u2019ler nedeniyle tek ba\u015f\u0131na SPF\u2019e g\u00fcvenmek sa\u011fl\u0131kl\u0131 de\u011fildir. Raporlarda mutlaka DKIM hizalamas\u0131n\u0131 da inceleyin.<\/li>\n<li><strong>Alignment s\u00fctunlar\u0131n\u0131 g\u00f6zden ka\u00e7\u0131rmak<\/strong>: auth_results\u2019taki pass sonucunu g\u00f6r\u00fcp policy_evaluated align s\u00fctunlar\u0131na bakmamak, ger\u00e7ekte hizalama ba\u015far\u0131s\u0131zken her \u015fey yolundaym\u0131\u015f gibi alg\u0131lanmas\u0131na yol a\u00e7ar.<\/li>\n<li><strong>Forward trafi\u011fini sald\u0131r\u0131 sanmak<\/strong>: Baz\u0131 \u00fcniversite ve kurumsal a\u011flarda yo\u011fun y\u00f6nlendirme kullan\u0131ld\u0131\u011f\u0131ndan, DMARC fail g\u00f6r\u00fcnen ama asl\u0131nda me\u015fru olan trafik olu\u015fabilir. RUF raporlar\u0131 ve ba\u015fl\u0131k analizi ile bunlar\u0131 ay\u0131rmak gerekir.<\/li>\n<li><strong>Raporlar\u0131 sadece bir sa\u011flay\u0131c\u0131n\u0131n verisine g\u00f6re de\u011ferlendirmek<\/strong>: Farkl\u0131 al\u0131c\u0131lar DMARC\u2019i farkl\u0131 \u015fekillerde uygular. M\u00fcmk\u00fcn oldu\u011funca \u00e7ok b\u00fcy\u00fck sa\u011flay\u0131c\u0131dan gelen raporlar\u0131 birlikte de\u011ferlendirmek daha ger\u00e7ek\u00e7i bir tablo sunar.<\/li>\n<li><strong>Raporlar\u0131 bir seferlik kampanya gibi g\u00f6rmek<\/strong>: DMARC rapor analizi, sadece ge\u00e7i\u015f s\u00fcrecinde de\u011fil, s\u00fcrekli yap\u0131lmas\u0131 gereken bir g\u00fcvenlik ve teslim edilebilirlik prati\u011fidir.<\/li>\n<\/ul>\n<p>DMARC rapor analizi olgunla\u015ft\u0131k\u00e7a, bu veriyi BIMI gibi marka g\u00f6r\u00fcn\u00fcrl\u00fc\u011f\u00fc \u00f6zellikleriyle de birle\u015ftirmek m\u00fcmk\u00fcn. Bu konuda daha ileri seviye bir yol haritas\u0131 ar\u0131yorsan\u0131z, <a href='https:\/\/www.dchost.com\/blog\/gelismis-dmarc-ve-bimi-rua-ruf-raporlarindan-marka-gostergesine-nasil-yol-alinir\/'>geli\u015fmi\u015f DMARC ve BIMI rehberimizde<\/a> RUA\/RUF raporlar\u0131ndan marka g\u00f6stergesine giden s\u00fcreci detayl\u0131 anlatt\u0131k.<\/p>\n<h2><span id=\"DCHost_altyapisinda_DMARC_verisini_kullanmaya_dair_ornek_senaryo\">DCHost altyap\u0131s\u0131nda DMARC verisini kullanmaya dair \u00f6rnek senaryo<\/span><\/h2>\n<p>Somut bir \u00f6rnek \u00fczerinden gidelim. Orta \u00f6l\u00e7ekli bir e-ticaret firmas\u0131, DCHost \u00fczerinde hem kurumsal web sitesini hem de transactional e-postalar\u0131n\u0131 bar\u0131nd\u0131r\u0131yor. Bir s\u00fcre sonra m\u00fc\u015fteri hizmetleri, sipari\u015f onay ve \u015fifre s\u0131f\u0131rlama e-postalar\u0131n\u0131n baz\u0131 kullan\u0131c\u0131larda spam klas\u00f6r\u00fcne d\u00fc\u015ft\u00fc\u011f\u00fcn\u00fc fark ediyor. G\u00fcvenlik ekibi ayr\u0131ca marka ad\u0131na sahte kampanya mailleri g\u00f6nderildi\u011fine dair geri bildirimler al\u0131yor.<\/p>\n<p>Al\u0131nan aksiyonlar \u015fu \u015fekilde olabilir:<\/p>\n<ol>\n<li>Alan ad\u0131na SPF, DKIM ve p=none DMARC kayd\u0131 ekleniyor; RUA raporlar\u0131 DCHost \u00fczerindeki \u00f6zel bir posta kutusunda toplan\u0131yor.<\/li>\n<li>\u0130lk hafta sonunda RUA raporlar\u0131 incelendi\u011finde, beklenen DCHost SMTP IP\u2019lerine ek olarak eski bir \u00fc\u00e7\u00fcnc\u00fc taraf servis IP\u2019sinin h\u00e2l\u00e2 sipari\u015f maili atmaya \u00e7al\u0131\u015ft\u0131\u011f\u0131 g\u00f6r\u00fcl\u00fcyor. SPF kayd\u0131ndan bu IP \u00e7\u0131kar\u0131l\u0131yor, ilgili API anahtarlar\u0131 iptal ediliyor.<\/li>\n<li>CRM sisteminin kulland\u0131\u011f\u0131 alt alan ad\u0131nda DMARC tan\u0131ml\u0131 olmad\u0131\u011f\u0131 fark edilip sp=quarantine ile kapsam alt\u0131na al\u0131n\u0131yor.<\/li>\n<li>\u0130kinci hafta sonunda yetkili t\u00fcm sistemlerde DKIM hizalamas\u0131n\u0131n tam oldu\u011fu do\u011frulan\u0131yor ve p=quarantine; pct=25 ile devreye al\u0131n\u0131yor.<\/li>\n<li>Raporlarda beklenmedik bir etki g\u00f6r\u00fclmeyince pct kademeli olarak 100\u2019e \u00e7\u0131kar\u0131l\u0131yor, ard\u0131ndan p=reject\u2019e ge\u00e7iliyor.<\/li>\n<\/ol>\n<p>Bu s\u00fcre\u00e7 sonunda hem sahte kampanya maillerinin etkisi b\u00fcy\u00fck \u00f6l\u00e7\u00fcde azal\u0131yor hem de transactional e-postalar\u0131n teslim oran\u0131 belirgin \u015fekilde iyile\u015fiyor. DCHost altyap\u0131s\u0131nda \u00e7al\u0131\u015fan MTA loglar\u0131 ile DMARC raporlar\u0131n\u0131 birlikte analiz etmek, hatal\u0131 veya zay\u0131f yap\u0131land\u0131r\u0131lm\u0131\u015f IP\u2019lerin h\u0131zla iyile\u015ftirilmesini sa\u011fl\u0131yor.<\/p>\n<h2><span id=\"Sonuc_DMARC_raporlariyla_yasayan_bir_e-posta_guvenlik_kulturu_kurmak\">Sonu\u00e7: DMARC raporlar\u0131yla ya\u015fayan bir e-posta g\u00fcvenlik k\u00fclt\u00fcr\u00fc kurmak<\/span><\/h2>\n<p>DMARC \u00e7o\u011fu kurum i\u00e7in \u00f6nce DNS\u2019e eklenen bir TXT kayd\u0131ndan ibaret ba\u015fl\u0131yor. Ger\u00e7ek fark ise, bu kayd\u0131n ortaya \u00e7\u0131kard\u0131\u011f\u0131 RUA ve RUF raporlar\u0131n\u0131 d\u00fczenli olarak okuyup aksiyona d\u00f6n\u00fc\u015ft\u00fcrd\u00fc\u011f\u00fcn\u00fczde ortaya \u00e7\u0131k\u0131yor. Aggregate raporlarla g\u00f6nderen envanterinizi netle\u015ftirip SPF ve DKIM hizalamas\u0131n\u0131 olgunla\u015ft\u0131rd\u0131\u011f\u0131n\u0131zda; forensic raporlarla da ger\u00e7ek sald\u0131r\u0131lar\u0131 ve kritik hatalar\u0131 yakalamaya ba\u015flad\u0131\u011f\u0131n\u0131zda, p=none\u2019dan p=reject\u2019e ge\u00e7i\u015f korkulan bir ad\u0131m olmaktan \u00e7\u0131k\u0131yor.<\/p>\n<p>DCHost olarak, ister <a href=\"https:\/\/www.dchost.com\/tr\/web-hosting\">payla\u015f\u0131ml\u0131 hosting<\/a>, ister VPS, <a href=\"https:\/\/www.dchost.com\/tr\/fiziksel-sunucu\">dedicated sunucu<\/a> veya colocation altyap\u0131n\u0131zda kendi MTA\u2019n\u0131z\u0131 \u00e7al\u0131\u015ft\u0131r\u0131yor olun; DMARC, SPF ve DKIM \u00fc\u00e7l\u00fcs\u00fcn\u00fc do\u011fru kurgulad\u0131\u011f\u0131n\u0131zda e-posta altyap\u0131n\u0131z hem daha g\u00fcvenli hem de daha itibarl\u0131 hale gelir. Sonraki ad\u0131m olarak DMARC raporlar\u0131n\u0131 BIMI, MTA-STS ve TLS-RPT gibi geli\u015fmi\u015f mekanizmalarla birle\u015ftirmek i\u00e7in <a href='https:\/\/www.dchost.com\/blog\/mta-sts-tls-rpt-ve-bimi-nedir-e-posta-guvenligi-ve-marka-gorunurlugu-icin-gelismis-dns-ayarlari\/'>geli\u015fmi\u015f DNS ayarlar\u0131 rehberimize<\/a> ve DMARC odakl\u0131 <a href='https:\/\/www.dchost.com\/blog\/spf-dkim-ve-dmarc-ve-rdns-ile-e-posta-teslim-edilebilirligini-nasil-adim-adim-yukseltirsin\/'>teslim edilebilirlik stratejilerine<\/a> g\u00f6z atabilirsiniz.<\/p>\n<p>E\u011fer DMARC raporlar\u0131n\u0131 okumak ve p=reject\u2019e ge\u00e7i\u015f plan\u0131n\u0131 tasarlamak i\u00e7in deneyimli bir ekiple birlikte \u00e7al\u0131\u015fmak isterseniz, DCHost \u00fczerinden kulland\u0131\u011f\u0131n\u0131z bar\u0131nd\u0131rma hizmetiyle entegre, \u00f6l\u00e7\u00fclebilir ve s\u00fcrd\u00fcr\u00fclebilir bir e-posta g\u00fcvenlik mimarisini birlikte kurabiliriz.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 DMARC raporlar\u0131n\u0131 ger\u00e7ekten okumak neden bu kadar \u00f6nemli2 K\u0131sa hat\u0131rlatma: DMARC, SPF, DKIM ve hizalama3 DMARC rapor t\u00fcrleri: Aggregate (RUA) ve Forensic (RUF)4 Aggregate (RUA) DMARC raporlar\u0131n\u0131 okumak4.1 Aggregate rapor yap\u0131s\u0131n\u0131 anlamak4.2 Analize pratik bir ba\u015flang\u0131\u00e7: Kaynak envanteri \u00e7\u0131karma4.3 SPF ve DKIM hizalamas\u0131n\u0131 rapor \u00fczerinden okumak4.4 Aggregate raporlardan aksiyon listesi \u00e7\u0131karmak5 Forensic (RUF) DMARC [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4206,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-4205","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/4205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=4205"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/4205\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/4206"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=4205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=4205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=4205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}