dear pak Syafril, kami mendapatkan email-email SPAM berikut lognya:
Wed 2020-04-22 10:39:40: ---------- Wed 2020-04-22 10:39:34: Session 602608; child 0005 Wed 2020-04-22 10:39:34: Accepting SMTP connection from [160.226.224.112:49050] to [117.102.89.155:25] Wed 2020-04-22 10:39:34: --> 220 mail.mandau.id ESMTP MDaemon 14.0.0; Wed, 22 Apr 2020 10:39:34 +0700 Wed 2020-04-22 10:39:34: <-- EHLO [160.226.224.112] Wed 2020-04-22 10:39:34: --> 250-mail.mandau.id Hello [160.226.224.112], pleased to meet you Wed 2020-04-22 10:39:34: --> 250-ETRN Wed 2020-04-22 10:39:34: --> 250-AUTH LOGIN CRAM-MD5 PLAIN Wed 2020-04-22 10:39:34: --> 250-8BITMIME Wed 2020-04-22 10:39:34: --> 250 SIZE Wed 2020-04-22 10:39:35: <-- MAIL From:<ghjghj...@sdfsf.com> Wed 2020-04-22 10:39:35: Performing IP lookup (sdfsf.com) Wed 2020-04-22 10:39:35: * D=sdfsf.com TTL=(60) A=[69.172.201.153] Wed 2020-04-22 10:39:35: * P=001 S=000 D=sdfsf.com TTL=(60) MX=[mx247.in-mx.net] Wed 2020-04-22 10:39:35: * P=001 S=001 D=sdfsf.com TTL=(60) MX=[mx247.in-mx.com] Wed 2020-04-22 10:39:35: * D=sdfsf.com TTL=(60) A=[69.172.201.153] Wed 2020-04-22 10:39:35: * D=sdfsf.com TTL=(60) A=[69.172.201.153] Wed 2020-04-22 10:39:35: ---- End IP lookup results Wed 2020-04-22 10:39:35: Performing SPF lookup (sdfsf.com / 160.226.224.112) Wed 2020-04-22 10:39:36: * Result: none; no SPF record in DNS Wed 2020-04-22 10:39:36: ---- End SPF results Wed 2020-04-22 10:39:36: --> 250 <ghjghj...@sdfsf.com>, Sender ok Wed 2020-04-22 10:39:36: <-- RCPT To:<hendra...@mandau.id> Wed 2020-04-22 10:39:36: --> 250 <hendra...@mandau.id>, Recipient ok Wed 2020-04-22 10:39:37: <-- DATA Wed 2020-04-22 10:39:37: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000501270.tmp Wed 2020-04-22 10:39:37: --> 354 Enter mail, end with <CRLF>.<CRLF> Wed 2020-04-22 10:39:38: Message size: 7106 bytes Wed 2020-04-22 10:39:38: Performing DKIM lookup Wed 2020-04-22 10:39:38: * File: c:\mdaemon\queues\temp\md50000501270.tmp Wed 2020-04-22 10:39:38: * Message-ID: 5e9fcafd.6689.756...@ghjghjjhg.sdfsf.com Wed 2020-04-22 10:39:38: * Result: neutral Wed 2020-04-22 10:39:38: ---- End DKIM results Wed 2020-04-22 10:39:38: Performing DomainKeys lookup (Sender: ghjghj...@sdfsf.com) Wed 2020-04-22 10:39:38: * File: c:\mdaemon\queues\temp\md50000501270.tmp Wed 2020-04-22 10:39:38: * Message-ID: 5e9fcafd.6689.756...@ghjghjjhg.sdfsf.com Wed 2020-04-22 10:39:38: * Querying for policy: sdfsf.com Wed 2020-04-22 10:39:38: * Querying: _domainkey.sdfsf.com ... Wed 2020-04-22 10:39:38: * DNS: * Name server has no valid records of the requested type for that domain Wed 2020-04-22 10:39:38: * Result: neutral Wed 2020-04-22 10:39:38: ---- End DomainKeys results Wed 2020-04-22 10:39:38: Passing message through Spam Filter (Size: 7106)... Wed 2020-04-22 10:39:41: * 3.4 FH_DATE_PAST_20XX The date is grossly in the future. Wed 2020-04-22 10:39:41: * 0.0 HTML_MESSAGE BODY: HTML included in message Wed 2020-04-22 10:39:41: * 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS Wed 2020-04-22 10:39:41: * 0.5 PDS_BTC_ID FP reduced Bitcoin ID Wed 2020-04-22 10:39:41: * 1.6 BITCOIN_EXTORT_01 Extortion spam, pay via BitCoin Wed 2020-04-22 10:39:41: * 0.0 HELO_MISC_IP Looking for more Dynamic IP Relays Wed 2020-04-22 10:39:41: * 1.8 NO_FM_NAME_IP_HOSTN No From name + hostname using IP address Wed 2020-04-22 10:39:41: ---- End SpamAssassin results Wed 2020-04-22 10:39:41: Spam Filter score/req: 8.60/15.0 Wed 2020-04-22 10:39:41: Message creation successful: c:\mdaemon\queues\inbound\md50001590338.msg Wed 2020-04-22 10:39:41: --> 250 Ok, message saved <Message-ID: <5e9fcafd.6689.756...@ghjghjjhg.sdfsf.com>> Wed 2020-04-22 10:39:41: <-- QUIT Wed 2020-04-22 10:39:41: --> 221 See ya in cyberspace Wed 2020-04-22 10:39:41: SMTP session successful (Bytes in/out: 7209/429) Wed 2020-04-22 10:39:41: ---------- Dan berikutnya: Wed 2020-04-22 06:13:14: ---------- Wed 2020-04-22 06:17:42: Session 599238; child 0001 Wed 2020-04-22 06:17:42: Accepting SMTP connection from [176.216.64.188:21990] to [117.102.89.155:25] Wed 2020-04-22 06:17:42: --> 220 mail.mandau.id ESMTP MDaemon 14.0.0; Wed, 22 Apr 2020 06:17:42 +0700 Wed 2020-04-22 06:17:42: <-- EHLO [176.216.64.188] Wed 2020-04-22 06:17:42: --> 250-mail.mandau.id Hello [176.216.64.188], pleased to meet you Wed 2020-04-22 06:17:42: --> 250-ETRN Wed 2020-04-22 06:17:42: --> 250-AUTH LOGIN CRAM-MD5 PLAIN Wed 2020-04-22 06:17:42: --> 250-8BITMIME Wed 2020-04-22 06:17:42: --> 250 SIZE Wed 2020-04-22 06:17:45: <-- MAIL From:<e2069...@rmqkr.net> Wed 2020-04-22 06:17:45: Performing IP lookup (rmqkr.net) Wed 2020-04-22 06:17:45: * D=rmqkr.net TTL=(60) A=[103.224.182.207] Wed 2020-04-22 06:17:46: * P=010 S=000 D=rmqkr.net TTL=(60) MX=[park-mx.above.com] Wed 2020-04-22 06:17:46: * D=rmqkr.net TTL=(60) A=[103.224.182.207] Wed 2020-04-22 06:17:46: ---- End IP lookup results Wed 2020-04-22 06:17:46: Performing SPF lookup (rmqkr.net / 176.216.64.188) Wed 2020-04-22 06:17:46: * Result: none; no SPF record in DNS Wed 2020-04-22 06:17:46: ---- End SPF results Wed 2020-04-22 06:17:46: --> 250 <e2069...@rmqkr.net>, Sender ok Wed 2020-04-22 06:17:46: <-- RCPT To:<fad...@mandau.id> Wed 2020-04-22 06:17:46: --> 250 <fad...@mandau.id>, Recipient ok Wed 2020-04-22 06:17:54: <-- DATA Wed 2020-04-22 06:17:54: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000497795.tmp Wed 2020-04-22 06:17:54: --> 354 Enter mail, end with <CRLF>.<CRLF> Wed 2020-04-22 06:17:59: Message size: 6802 bytes Wed 2020-04-22 06:17:59: Performing DKIM lookup Wed 2020-04-22 06:17:59: * File: c:\mdaemon\queues\temp\md50000497795.tmp Wed 2020-04-22 06:17:59: * Message-ID: 5e9fa953.6020...@rmqkr.net Wed 2020-04-22 06:17:59: * Result: neutral Wed 2020-04-22 06:17:59: ---- End DKIM results Wed 2020-04-22 06:17:59: Performing DomainKeys lookup (Sender: e2069...@rmqkr.net) Wed 2020-04-22 06:17:59: * File: c:\mdaemon\queues\temp\md50000497795.tmp Wed 2020-04-22 06:17:59: * Message-ID: 5e9fa953.6020...@rmqkr.net Wed 2020-04-22 06:17:59: * Querying for policy: rmqkr.net Wed 2020-04-22 06:17:59: * Querying: _domainkey.rmqkr.net ... Wed 2020-04-22 06:18:00: * DNS: * Name server has no valid records of the requested type for that domain Wed 2020-04-22 06:18:00: * Result: neutral Wed 2020-04-22 06:18:00: ---- End DomainKeys results Wed 2020-04-22 06:18:00: Passing message through Spam Filter (Size: 6802)... Wed 2020-04-22 06:18:02: * 3.4 FH_DATE_PAST_20XX The date is grossly in the future. Wed 2020-04-22 06:18:02: * 0.0 HTML_MESSAGE BODY: HTML included in message Wed 2020-04-22 06:18:02: * 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS Wed 2020-04-22 06:18:02: * 0.5 PDS_BTC_ID FP reduced Bitcoin ID Wed 2020-04-22 06:18:02: * 1.6 BITCOIN_EXTORT_01 Extortion spam, pay via BitCoin Wed 2020-04-22 06:18:02: * 2.5 BITCOIN_SPAM_02 BitCoin spam pattern 02 Wed 2020-04-22 06:18:02: * 0.0 HELO_MISC_IP Looking for more Dynamic IP Relays Wed 2020-04-22 06:18:02: * 1.8 NO_FM_NAME_IP_HOSTN No From name + hostname using IP address Wed 2020-04-22 06:18:02: ---- End SpamAssassin results Wed 2020-04-22 06:18:02: Spam Filter score/req: 11.10/15.0 Wed 2020-04-22 06:18:05: Message creation successful: c:\mdaemon\queues\inbound\md50001590122.msg Wed 2020-04-22 06:18:05: --> 250 Ok, message saved <Message-ID: <5e9fa953.6020...@rmqkr.net>> Wed 2020-04-22 06:18:05: <-- QUIT Wed 2020-04-22 06:18:05: --> 221 See ya in cyberspace Wed 2020-04-22 06:18:05: SMTP session successful (Bytes in/out: 6900/410) Wed 2020-04-22 06:18:05: ---------- Kalau saya block IP sender, IP nya dynamic mereka pakai pak. Apa saran yang terbaik pak Terima kasih Best Regards IRWAN R. JAZIR -- --[mdaemon-l]---------------------------------------------------------- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 19.5.5, SecurityGateway 6.5.2
