Siang Pa Syafril, Hari ini ada beberapa user saya yang terima email spam spt dibawah ini,
************************************************************* From: Administrator [mailto:[email protected]] Sent: Friday, September 12, 2014 11:27 AM To: [email protected] Subject: To All Employee's - Important Address UPDATE To All Employee's: The end of the year is approaching and we want to ensure every employee receives their W-9 to the correct address. Verify that the address is correct - https://local.asmaraindo.co.id/details.aspx?id=6003140143 If changes need to be made, contact HR at https://hr.asmaraindo.co.id/update.aspx?id=6003140143. Administrator, http://asmaraindo.co.id ************************************************************ Padahal di log nya sudah ada result nya sbg spam, Fri 2014-09-12 11:28:29: * Spam result: 3 - Spam (bulk) Mungkin ada settingan yang terlewat pa? Berikut LOG nya: Fri 2014-09-12 11:28:16: Session 104913; child 0003 Fri 2014-09-12 11:28:16: Accepting SMTP connection from [113.184.220.244:26901] to [192.0.0.4:25] Fri 2014-09-12 11:28:16: Performing PTR lookup (244.220.184.113.IN-ADDR.ARPA) Fri 2014-09-12 11:28:17: * D=244.220.184.113.IN-ADDR.ARPA TTL=(359) PTR=[localhost] Fri 2014-09-12 11:28:17: * Gathering A records... Fri 2014-09-12 11:28:17: * D=localhost TTL=(1440) A=[127.0.0.1] Fri 2014-09-12 11:28:17: ---- End PTR results Fri 2014-09-12 11:28:17: --> 220-mail.asmaraindo.co.id ESMTP MDaemon 14.0.2; Fri, 12 Sep 2014 11:28:17 +0700 Fri 2014-09-12 11:28:17: --> 220-***Asmara Karya Abadi Mail Server*** Fri 2014-09-12 11:28:17: --> 220-**Unauthorized RELAYING / SPAMMING will** Fri 2014-09-12 11:28:17: --> 220-*cause PERMANENT BAN of the DOMAIN/IP* Fri 2014-09-12 11:28:17: --> 220 * Fri 2014-09-12 11:28:18: <-- EHLO localhost Fri 2014-09-12 11:28:18: --> 250-mail.asmaraindo.co.id Hello localhost, pleased to meet you Fri 2014-09-12 11:28:18: --> 250-ETRN Fri 2014-09-12 11:28:18: --> 250-AUTH LOGIN CRAM-MD5 PLAIN Fri 2014-09-12 11:28:18: --> 250-8BITMIME Fri 2014-09-12 11:28:18: --> 250-STARTTLS Fri 2014-09-12 11:28:18: --> 250 SIZE Fri 2014-09-12 11:28:19: <-- MAIL FROM: <[email protected]> BODY=7BIT Fri 2014-09-12 11:28:19: Performing IP lookup (localhost) Fri 2014-09-12 11:28:19: * D=localhost TTL=(1440) A=[127.0.0.1] Fri 2014-09-12 11:28:19: ---- End IP lookup results Fri 2014-09-12 11:28:19: Performing IP lookup (pedersens.com) Fri 2014-09-12 11:28:19: * D=pedersens.com TTL=(359) A=[64.40.114.18] Fri 2014-09-12 11:28:20: * P=010 S=000 D=pedersens.com TTL=(359) MX=[mail.pedersens.com] Fri 2014-09-12 11:28:20: * P=020 S=001 D=pedersens.com TTL=(359) MX=[pedersens.com] Fri 2014-09-12 11:28:20: * D=pedersens.com TTL=(359) A=[64.40.114.18] Fri 2014-09-12 11:28:20: * D=pedersens.com TTL=(359) A=[64.40.114.18] Fri 2014-09-12 11:28:20: ---- End IP lookup results Fri 2014-09-12 11:28:20: Performing SPF lookup (pedersens.com / 113.184.220.244) Fri 2014-09-12 11:28:22: * Result: none; no SPF record in DNS Fri 2014-09-12 11:28:22: ---- End SPF results Fri 2014-09-12 11:28:22: --> 250 <[email protected]>, Sender ok Fri 2014-09-12 11:28:22: <-- RCPT TO:<[email protected]> Fri 2014-09-12 11:28:22: Performing DNS-BL lookup (113.184.220.244 - connecting IP) Fri 2014-09-12 11:28:22: * bl.spamcop.net - passed Fri 2014-09-12 11:28:23: * zen.spamhaus.org - passed Fri 2014-09-12 11:28:23: ---- End DNS-BL results Fri 2014-09-12 11:28:23: --> 250 <[email protected]>, Recipient ok Fri 2014-09-12 11:28:24: <-- DATA Fri 2014-09-12 11:28:24: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000156434.tmp Fri 2014-09-12 11:28:24: --> 354 Enter mail, end with <CRLF>.<CRLF> Fri 2014-09-12 11:28:29: Message size: 2762 bytes Fri 2014-09-12 11:28:29: Performing DKIM lookup Fri 2014-09-12 11:28:29: * File: c:\mdaemon\queues\temp\md50000156434.tmp Fri 2014-09-12 11:28:29: * Message-ID: [email protected] Fri 2014-09-12 11:28:29: * Result: neutral Fri 2014-09-12 11:28:29: ---- End DKIM results Fri 2014-09-12 11:28:29: Performing DomainKeys lookup (Sender: [email protected]) Fri 2014-09-12 11:28:29: * File: c:\mdaemon\queues\temp\md50000156434.tmp Fri 2014-09-12 11:28:29: * Message-ID: [email protected] Fri 2014-09-12 11:28:29: * Querying for policy: asmaraindo.co.id Fri 2014-09-12 11:28:29: * Querying: _domainkey.asmaraindo.co.id ... Fri 2014-09-12 11:28:29: * DNS: * Name server reports domain name unknown Fri 2014-09-12 11:28:29: * Result: neutral Fri 2014-09-12 11:28:29: ---- End DomainKeys results Fri 2014-09-12 11:28:29: Passing message through AntiVirus (Size: 2762)... Fri 2014-09-12 11:28:29: * Message is clean (no viruses found) Fri 2014-09-12 11:28:29: ---- End AntiVirus results Fri 2014-09-12 11:28:29: Passing message through Outbreak Protection... Fri 2014-09-12 11:28:29: * Message-ID: <[email protected]> Fri 2014-09-12 11:28:29: * Reference-ID: str=0001.0A150201.54127603.0091,ss=3,re=0.000,fgs=0 Fri 2014-09-12 11:28:29: * Virus result: 0 - Clean Fri 2014-09-12 11:28:29: * Spam result: 3 - Spam (bulk) Fri 2014-09-12 11:28:29: * IWF result: 0 - Clean Fri 2014-09-12 11:28:29: ---- End Outbreak Protection results Fri 2014-09-12 11:28:29: Passing message through Spam Filter (Size: 2762)... Fri 2014-09-12 11:28:30: * 0.0 FSL_HELO_NON_FQDN_1 FSL_HELO_NON_FQDN_1 Fri 2014-09-12 11:28:30: * 0.0 RDNS_LOCALHOST Sender's public rDNS is "localhost" Fri 2014-09-12 11:28:30: * 3.8 HELO_LOCALHOST HELO_LOCALHOST Fri 2014-09-12 11:28:30: * 2.5 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish Fri 2014-09-12 11:28:30: * 2.0 HTTPS_HTTP_MISMATCH BODY: HTTPS_HTTP_MISMATCH Fri 2014-09-12 11:28:30: * -4.7 BAYES_00 BODY: Bayes spam probability is 0 to 1% Fri 2014-09-12 11:28:30: * [score: 0.0000] Fri 2014-09-12 11:28:30: * 0.0 HTML_MESSAGE BODY: HTML included in message Fri 2014-09-12 11:28:30: ---- End SpamAssassin results Fri 2014-09-12 11:28:30: Spam Filter score/req: 3.60/9.0 Fri 2014-09-12 11:28:30: Message creation successful: c:\mdaemon\queues\inbound\md50011133967.msg Fri 2014-09-12 11:28:30: --> 250 Ok, message saved <Message-ID: <[email protected]>> Fri 2014-09-12 11:28:30: <-- QUIT Fri 2014-09-12 11:28:30: --> 221 See ya in cyberspace Fri 2014-09-12 11:28:30: SMTP session successful (Bytes in/out: 2876/613) Sandi -- --[MDaemon-L]------------------------------------------------ Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: http://www.netmeister.org/news/learn2quote Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 14.0.3, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 3.0.1
