Dear pak Syafril dan rekan2 Belakangan ini saya menerima spam mail dari alamat email internal,
Apakah ini indikasi perangkat user ada yang terkena Trojan / spam dari luar, mengingat alamat email from nya menggunakan alamat email internal, Dan tetapi dari lognya sepertinya dari gmail.com Mohon masukannya Isinya dan Log nya sbb : -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Monday, November 05, 2012 8:43 AM To: [email protected]; [email protected] Subject: Gibraltar based business seeking out representatives based in EU. Company offering services in the e-commerce and IT fields is hiring representatives in Europe 5,000 Euro a month salary for just several hours invested each day plus a five-percent bonus What we must have from you: - Power of Attorney or ownership of a company or similar - Responding to e-mail communications from us, daily - Remain up to date with all the tasks If this sounds right for you, please forward these following details to our company e-mail: - Your Name - Your Telephone Number in International Format - E-mail Address - Age Please reply to:[email protected]. Do not use the reply feature. With Regards, Division of Human Resources Mon 2012-11-05 08:35:58: <-- EHLO 190-51-254-209.speedy.com.ar Mon 2012-11-05 08:35:58: --> 250-terminix.co.id Hello 190-51-254-209.speedy.com.ar, pleased to meet you Mon 2012-11-05 08:35:58: --> 250-EXPN Mon 2012-11-05 08:35:58: --> 250-ETRN Mon 2012-11-05 08:35:58: --> 250-AUTH LOGIN CRAM-MD5 PLAIN Mon 2012-11-05 08:35:58: --> 250-8BITMIME Mon 2012-11-05 08:35:58: --> 250 SIZE 6000000 Mon 2012-11-05 08:35:58: <-- MAIL FROM: <[email protected]> Mon 2012-11-05 08:35:58: Performing PTR lookup (209.254.51.190.IN-ADDR.ARPA) Mon 2012-11-05 08:35:59: * D=209.254.51.190.IN-ADDR.ARPA TTL=(1440) PTR=[190-51-254-209.speedy.com.ar] Mon 2012-11-05 08:35:59: * Gathering A records... Mon 2012-11-05 08:36:00: * No A records found Mon 2012-11-05 08:36:00: ---- End PTR results Mon 2012-11-05 08:36:00: Performing IP lookup (190-51-254-209.speedy.com.ar) Mon 2012-11-05 08:36:00: * Error: * Name server reports domain name unknown Mon 2012-11-05 08:36:00: ---- End IP lookup results Mon 2012-11-05 08:36:00: Performing IP lookup (gmail.com) Mon 2012-11-05 08:36:00: * D=gmail.com TTL=(3) A=[173.194.38.181] Mon 2012-11-05 08:36:00: * D=gmail.com TTL=(3) A=[173.194.38.182] Mon 2012-11-05 08:36:00: * P=005 S=003 D=gmail.com TTL=(32) MX=[gmail-smtp-in.l.google.com] {173.194.79.26} Mon 2012-11-05 08:36:00: * P=010 S=004 D=gmail.com TTL=(32) MX=[alt1.gmail-smtp-in.l.google.com] {74.125.133.26} Mon 2012-11-05 08:36:00: * P=020 S=000 D=gmail.com TTL=(32) MX=[alt2.gmail-smtp-in.l.google.com] {74.125.137.27} Mon 2012-11-05 08:36:00: * P=030 S=001 D=gmail.com TTL=(32) MX=[alt3.gmail-smtp-in.l.google.com] Mon 2012-11-05 08:36:00: * P=040 S=002 D=gmail.com TTL=(32) MX=[alt4.gmail-smtp-in.l.google.com] Mon 2012-11-05 08:36:00: * D=gmail.com TTL=(3) A=[173.194.38.182] Mon 2012-11-05 08:36:00: * D=gmail.com TTL=(3) A=[173.194.38.181] Mon 2012-11-05 08:36:00: ---- End IP lookup results Mon 2012-11-05 08:36:00: Performing SPF lookup (gmail.com / 190.51.254.209) Mon 2012-11-05 08:36:00: * Policy: v=spf1 redirect=_spf.google.com Mon 2012-11-05 08:36:00: * Evaluating redirect=_spf.google.com: Mon 2012-11-05 08:36:00: * Evaluating redirect=_spf.google.com: performing lookup Mon 2012-11-05 08:36:01: * Policy: v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ip4:173.194.0.0/16 ?all Mon 2012-11-05 08:36:01: * Evaluating ip4:216.239.32.0/19: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:64.233.160.0/19: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:66.249.80.0/20: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:72.14.192.0/18: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:209.85.128.0/17: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:66.102.0.0/20: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:74.125.0.0/16: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:64.18.0.0/20: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:207.126.144.0/20: no match Mon 2012-11-05 08:36:01: * Evaluating ip4:173.194.0.0/16: no match Mon 2012-11-05 08:36:01: * Evaluating ?all: match Mon 2012-11-05 08:36:01: * Result: neutral Mon 2012-11-05 08:36:01: ---- End SPF results Mon 2012-11-05 08:36:01: --> 250 <[email protected]>, Sender ok Mon 2012-11-05 08:36:01: <-- RCPT TO:<[email protected]> Mon 2012-11-05 08:36:01: --> 250 <[email protected]>, Recipient ok Mon 2012-11-05 08:36:01: <-- RCPT TO:<[email protected]> Mon 2012-11-05 08:36:01: --> 250 <[email protected]>, Recipient ok Mon 2012-11-05 08:36:02: <-- DATA Mon 2012-11-05 08:36:02: Creating temp file (SMTP): e:\mdaemon\queues\temp\md50000447410.tmp Mon 2012-11-05 08:36:02: --> 354 Enter mail, end with <CRLF>.<CRLF> Mon 2012-11-05 08:36:02: Message size: 1414 bytes Mon 2012-11-05 08:36:02: Performing DKIM lookup Mon 2012-11-05 08:36:02: * File: e:\mdaemon\queues\temp\md50000447410.tmp Mon 2012-11-05 08:36:02: * Message-ID: [email protected] Mon 2012-11-05 08:36:02: * Result: neutral Mon 2012-11-05 08:36:02: ---- End DKIM results Mon 2012-11-05 08:36:02: Performing DomainKeys lookup (Sender: [email protected]>, <[email protected]) Mon 2012-11-05 08:36:02: * File: e:\mdaemon\queues\temp\md50000447410.tmp Mon 2012-11-05 08:36:02: * Message-ID: [email protected] Mon 2012-11-05 08:36:02: * Querying for policy: terminix.co.id Mon 2012-11-05 08:36:02: * Querying: _domainkey.terminix.co.id ... Mon 2012-11-05 08:36:03: * DNS: * Name server reports domain name unknown Mon 2012-11-05 08:36:03: * Result: neutral Mon 2012-11-05 08:36:03: ---- End DomainKeys results Mon 2012-11-05 08:36:03: Passing message through AntiVirus (Size: 1414)... Mon 2012-11-05 08:36:03: * Message is clean (no viruses found) Mon 2012-11-05 08:36:03: ---- End AntiVirus results Mon 2012-11-05 08:36:03: Passing message through Spam Filter (Size: 1414)... Mon 2012-11-05 08:36:14: * -0.0 SHORTCIRCUIT Not all rules were run, due to a shortcircuited rule Mon 2012-11-05 08:36:14: * -100 USER_IN_WHITELIST From: address is in the whitelist Mon 2012-11-05 08:36:14: ---- End SpamAssassin results Mon 2012-11-05 08:36:14: Spam Filter score/req: -100.00/12.0 Mon 2012-11-05 08:36:14: Message creation successful: e:\mdaemon\queues\inbound\md50000564495.msg Mon 2012-11-05 08:36:14: --> 250 Ok, message saved <Message-ID: [email protected]> Mon 2012-11-05 08:36:14: <-- QUIT Mon 2012-11-05 08:36:14: --> 221 See ya in cyberspace Mon 2012-11-05 08:36:14: SMTP session successful (Bytes in/out: 1577/527) Terminix Kasih, Zhia Chandra | IT Dept M: +62 811 110 8790 - 8699953 | P: +62 251 8313 070 ext.236 | F: +62 251 8353 508 save forest and trees, Keep it on screen - think before you print - email dan informasi yang terkandung bersifat rahasia dan dimaksudkan semata-mata untuk penggunaan pribadi atau secara organisasi perusahaan untuk kegiatan yang berhubungan dengan kegiatan usaha PT. Agricon Putra Citra Optima. Jika anda bukan penerima email yang dimaksud harap langsung menghapus email ini dari sistem anda. Jika anda menerima email ini dalam keadaan rusak/error harap segera menghubungi kami dengan membalas/melanjutkan email tersebut ke [email protected] atau menghubungi IT Dept di +62251 8313070 - 236, kemudian hapus email tersebut bersama semua lampirannya. PT. Agricon Putra Citra Optima tidak bertanggung jawab terhadap kerusakan yang terjadi akibat email tersebut. -- --[MDaemon-L]------------------------------------------------ Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: <http://www.netmeister.org/news/learn2quote> Arsip: <http://mdaemon-l.dutaint.com> Dokumentasi : <http://mdaemon.dutaint.co.id> Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 13.0.2, SP 4.1.5, BES 2.0.1, OC 2.3.0, SG 2.0.7, PP 2.0.0
