Selamat sore Pak Syafril, Penanggulangan yang tepat bagi spam yang lolos dari Reverse Lookup Mdaemon ? Apakah saya blacklist domain / IP
Saya perhatikan smtp-log sebelumnya, spam yang menggunakan alamat email, contoh [email protected] berhasil di drop oleh mdaemon, namun untuk yang satu ini lolos dari [email protected] Thu 2014-02-13 14:28:49: [688459] Session 688459; child 0001 Thu 2014-02-13 14:28:49: [688459] Accepting SMTP connection from [88.69.22.100:52678] to [202.159.14.34:25] Thu 2014-02-13 14:28:49: [688459] --> 220 mail.victoriabank.co.id ESMTP MDaemon 13.6.1; Thu, 13 Feb 2014 14:28:49 +0700 Thu 2014-02-13 14:28:49: [688459] <-- EHLO dslb-088-069-022-100.pools.arcor-ip.net Thu 2014-02-13 14:28:49: [688459] --> 250-mail.victoriabank.co.id Hello dslb-088-069-022-100.pools.arcor-ip.net, pleased to meet you Thu 2014-02-13 14:28:49: [688459] --> 250-ETRN Thu 2014-02-13 14:28:49: [688459] --> 250-AUTH LOGIN CRAM-MD5 PLAIN Thu 2014-02-13 14:28:49: [688459] --> 250-8BITMIME Thu 2014-02-13 14:28:49: [688459] --> 250-STARTTLS Thu 2014-02-13 14:28:49: [688459] --> 250 SIZE Thu 2014-02-13 14:28:50: [688459] <-- MAIL FROM:<[email protected]> Thu 2014-02-13 14:28:50: [688459] Performing PTR lookup (100.22.69.88.IN-ADDR.ARPA) Thu 2014-02-13 14:28:50: [688459] * D=100.22.69.88.IN-ADDR.ARPA TTL=(359) PTR=[dslb-088-069-022-100.pools.arcor-ip.net] Thu 2014-02-13 14:28:50: [688459] * Gathering A records... Thu 2014-02-13 14:28:51: [688459] * D=dslb-088-069-022-100.pools.arcor-ip.net TTL=(359) A=[88.69.22.100] Thu 2014-02-13 14:28:51: [688459] ---- End PTR results Thu 2014-02-13 14:28:51: [688459] Performing IP lookup (dslb-088-069-022-100.pools.arcor-ip.net) Thu 2014-02-13 14:28:51: [688459] * D=dslb-088-069-022-100.pools.arcor-ip.net TTL=(359) A=[88.69.22.100] Thu 2014-02-13 14:28:51: [688459] ---- End IP lookup results Thu 2014-02-13 14:28:51: [688459] Performing IP lookup (ketroy.co.uk) Thu 2014-02-13 14:28:51: [688459] * D=ketroy.co.uk TTL=(239) A=[50.87.69.110] Thu 2014-02-13 14:28:52: [688459] * P=000 S=000 D=ketroy.co.uk TTL=(239) MX=[ketroy.co.uk] Thu 2014-02-13 14:28:52: [688459] * D=ketroy.co.uk TTL=(239) A=[50.87.69.110] Thu 2014-02-13 14:28:52: [688459] ---- End IP lookup results Thu 2014-02-13 14:28:52: [688459] Performing SPF lookup (ketroy.co.uk / 88.69.22.100) Thu 2014-02-13 14:28:52: [688459] * Policy: v=spf1 +a +mx +ip4:173.254.28.50 ?all Thu 2014-02-13 14:28:52: [688459] * Evaluating +a: no match Thu 2014-02-13 14:28:52: [688459] * Evaluating +mx: no match Thu 2014-02-13 14:28:52: [688459] * Evaluating +ip4:173.254.28.50: no match Thu 2014-02-13 14:28:52: [688459] * Evaluating ?all: match Thu 2014-02-13 14:28:52: [688459] * Result: neutral Thu 2014-02-13 14:28:52: [688459] ---- End SPF results Thu 2014-02-13 14:28:52: [688459] --> 250 <[email protected]>, Sender ok Thu 2014-02-13 14:28:52: [688459] <-- RCPT TO:<[email protected]> Thu 2014-02-13 14:28:52: [688459] Performing DNS-BL lookup (88.69.22.100 - connecting IP) Thu 2014-02-13 14:28:53: [688459] * zen.spamhaus.org - passed Thu 2014-02-13 14:28:53: [688459] ---- End DNS-BL results Thu 2014-02-13 14:28:53: [688459] --> 250 <[email protected]>, Recipient ok Thu 2014-02-13 14:28:53: [688459] <-- DATA Thu 2014-02-13 14:28:53: [688459] Creating temp file (SMTP): d:\mdaemon\queues\temp\47\md50000000484.tmp Thu 2014-02-13 14:28:53: [688459] --> 354 Enter mail, end with <CRLF>.<CRLF> Thu 2014-02-13 14:28:53: [688459] Message size: 2547 bytes Thu 2014-02-13 14:28:53: [688459] Performing DKIM lookup Thu 2014-02-13 14:28:53: [688459] * File: d:\mdaemon\queues\temp\47\md50000000484.tmp Thu 2014-02-13 14:28:53: [688459] * Message-ID: 2790f96ca3a20493601caa6e95e216c-46c0bbcfd55ad8f58b7e61c5dcc85...@dslb-088-069-022-100.pools.arcor-ip.net Thu 2014-02-13 14:28:54: [688459] * Result: neutral Thu 2014-02-13 14:28:54: [688459] ---- End DKIM results Thu 2014-02-13 14:28:54: [688459] Passing message through AntiVirus (Size: 2547)... Thu 2014-02-13 14:28:54: [688459] * AntiVirus is disabled for recipient's domain or gateway Thu 2014-02-13 14:28:54: [688459] ---- End AntiVirus results Thu 2014-02-13 14:28:54: [688459] Message creation successful: d:\mdaemon\queues\inbound\27\md50000000465.msg Thu 2014-02-13 14:28:54: [688459] --> 250 Ok, message saved <Message-ID: <2790f96ca3a20493601caa6e95e216c-46c0bbcfd55ad8f58b7e61c5dcc85...@dslb-088-069-022-100.pools.arcor-ip.net>> Thu 2014-02-13 14:28:54: [688459] <-- QUIT Thu 2014-02-13 14:28:54: [688459] --> 221 See ya in cyberspace Thu 2014-02-13 14:28:54: [688459] SMTP session successful (Bytes in/out: 2678/553) -- --[MDaemon-L]------------------------------------------------ Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: http://www.netmeister.org/news/learn2quote Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 13.6.2, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 2.1.2, PP 2.0.1
