[MDaemon-L] Block spam email

Yudis Wed, 25 Mar 2015 02:55:26 -0700

On 3/25/2015 3:40 PM, Syafril Hermansyah wrote:

On 2015-03-25 14:46, Yudis wrote:

Selain itu, untuk benar2 memastikan kita tidak salah memasukkan ke
bagian hostscreening, IP Screening, atau sender blacklist dalam sebuah
log spam email, bisa dilihat/dicek di log tsb dibagian mana ya Pak ?

Di smtp-in log.

Maksud saya dari log dibawah ini, bagaimana kita bisa mengetahui bagianmana dari email spam tsb yang harus kita daftarkan untuk diblok di MD ?


Wed 2015-03-25 07:30:16: Session 103495; child 0001

Wed 2015-03-25 07:30:16: Accepting SMTP connection from[80.86.123.9:57496] to [113.11.130.172:25]Wed 2015-03-25 07:30:16: --> 220 mx.saranainstrument.com ESMTP MDaemon13.6.2; Wed, 25 Mar 2015 07:30:16 +0700

Wed 2015-03-25 07:30:17: <-- EHLO mail.ravmanagement.ro

Wed 2015-03-25 07:30:17: --> 250-mx.saranainstrument.com Hellomail.ravmanagement.ro, pleased to meet you

Wed 2015-03-25 07:30:17: --> 250-ETRN
Wed 2015-03-25 07:30:17: --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Wed 2015-03-25 07:30:17: --> 250-8BITMIME
Wed 2015-03-25 07:30:17: --> 250-STARTTLS
Wed 2015-03-25 07:30:17: --> 250 SIZE 15360000
Wed 2015-03-25 07:30:17: <-- STARTTLS
Wed 2015-03-25 07:30:17: --> 220 Begin TLS negotiation

Wed 2015-03-25 07:30:18: SSL negotiation successful (TLS 1.0, 521 bitkey exchange, 256 bit AES encryption)

Wed 2015-03-25 07:30:18: <-- EHLO mail.ravmanagement.ro

Wed 2015-03-25 07:30:18: --> 250-mx.saranainstrument.com Hellomail.ravmanagement.ro, pleased to meet you

Wed 2015-03-25 07:30:18: --> 250-ETRN
Wed 2015-03-25 07:30:18: --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Wed 2015-03-25 07:30:18: --> 250-8BITMIME
Wed 2015-03-25 07:30:18: --> 250 SIZE 15360000

Wed 2015-03-25 07:30:19: <-- MAIL FROM:<[email protected]>SIZE=497390 BODY=8BITMIME

Wed 2015-03-25 07:30:19: Performing PTR lookup (9.123.86.80.IN-ADDR.ARPA)

Wed 2015-03-25 07:31:19: * DNS: 60 second wait for DNS responseexceeded (DNS Server: 209.244.0.3)Wed 2015-03-25 07:31:19: * D=9.123.86.80.IN-ADDR.ARPA TTL=(342)PTR=[relay1.totaladvertising.ro]

Wed 2015-03-25 07:31:19: *  Gathering A records...

Wed 2015-03-25 07:31:19: * D=relay1.totaladvertising.ro TTL=(30)A=[80.86.123.9]

Wed 2015-03-25 07:31:19: ---- End PTR results
Wed 2015-03-25 07:31:19: Performing IP lookup (mail.ravmanagement.ro)
Wed 2015-03-25 07:31:19: *  D=mail.ravmanagement.ro TTL=(18) A=[80.86.123.9]
Wed 2015-03-25 07:31:19: ---- End IP lookup results
Wed 2015-03-25 07:31:19: Performing IP lookup (outlook.com)
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[157.56.242.98]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[132.245.17.34]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[132.245.81.130]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[157.56.237.242]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[132.245.13.210]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[132.245.113.194]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[132.245.23.242]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[132.245.21.82]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[132.245.92.194]

Wed 2015-03-25 07:31:20: * P=010 S=000 D=outlook.com TTL=(1438)MX=[mx3.hotmail.com]Wed 2015-03-25 07:31:20: * P=010 S=001 D=outlook.com TTL=(1438)MX=[mx2.hotmail.com]Wed 2015-03-25 07:31:20: * P=010 S=002 D=outlook.com TTL=(1438)MX=[mx1.hotmail.com]Wed 2015-03-25 07:31:20: * P=010 S=003 D=outlook.com TTL=(1438)MX=[mx4.hotmail.com]

Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[157.56.242.98]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[157.56.242.98]
Wed 2015-03-25 07:31:20: *  D=outlook.com TTL=(3) A=[157.56.242.98]
Wed 2015-03-25 07:31:21: *  D=outlook.com TTL=(3) A=[157.56.242.98]
Wed 2015-03-25 07:31:21: ---- End IP lookup results
Wed 2015-03-25 07:31:21: Performing SPF lookup (outlook.com / 80.86.123.9)

Wed 2015-03-25 07:31:21: * Policy: v=spf1 include:spf-a.outlook.cominclude:spf-b.outlook.com ip4:157.55.9.128/25include:spf.protection.outlook.com include:spf-a.hotmail.cominclude:_spf-ssg-b.microsoft.com include:_spf-ssg-c.microsoft.com ~allWed 2015-03-25 07:31:21: * Evaluating include:spf-a.outlook.com:performing lookupWed 2015-03-25 07:31:21: * Policy: v=spf1 ip4:157.56.232.0/21ip4:157.56.240.0/20 ip4:207.46.198.0/25 ip4:207.46.4.128/25ip4:157.56.24.0/25 ip4:157.55.157.128/25 ip4:157.55.61.0/24ip4:157.55.49.0/25 ip4:65.55.174.0/25 ip4:65.55.126.0/25ip4:65.55.113.64/26 ip4:65.55.94.0/25 -

Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.56.232.0/21: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.56.240.0/20: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:207.46.198.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:207.46.4.128/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.56.24.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.55.157.128/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.55.61.0/24: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.55.49.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:65.55.174.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:65.55.126.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:65.55.113.64/26: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:65.55.94.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating -all: match
Wed 2015-03-25 07:31:21: *  Evaluating include:spf-a.outlook.com: no match

Wed 2015-03-25 07:31:21: * Evaluating include:spf-b.outlook.com:performing lookupWed 2015-03-25 07:31:21: * Policy: v=spf1 ip4:65.55.78.128/25ip4:111.221.112.0/21 ip4:207.46.58.128/25 ip4:111.221.69.128/25ip4:111.221.66.0/25 ip4:111.221.23.128/25 ip4:70.37.151.128/25ip4:157.56.248.0/21 ip4:213.199.177.0/26 ip4:157.55.225.0/25ip4:157.55.11.0/25 -all

Wed 2015-03-25 07:31:21: *    Evaluating ip4:65.55.78.128/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:111.221.112.0/21: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:207.46.58.128/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:111.221.69.128/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:111.221.66.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:111.221.23.128/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:70.37.151.128/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.56.248.0/21: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:213.199.177.0/26: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.55.225.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating ip4:157.55.11.0/25: no match
Wed 2015-03-25 07:31:21: *    Evaluating -all: match
Wed 2015-03-25 07:31:21: *  Evaluating include:spf-b.outlook.com: no match
Wed 2015-03-25 07:31:21: *  Evaluating ip4:157.55.9.128/25: no match

Wed 2015-03-25 07:31:21: * Evaluatinginclude:spf.protection.outlook.com: performing lookupWed 2015-03-25 07:31:22: * Policy: v=spf1 ip4:207.46.101.128/26ip4:207.46.108.0/25 ip4:207.46.100.0/24 ip4:207.46.163.0/24ip4:65.55.169.0/24 ip4:157.55.133.0/25 ip4:157.56.110.0/23ip4:157.55.234.0/24 ip4:213.199.154.0/24 ip4:213.199.180.0/24include:spfa.protection.outlook.c

Wed 2015-03-25 07:31:22: *    Evaluating ip4:207.46.101.128/26: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:207.46.108.0/25: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:207.46.100.0/24: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:207.46.163.0/24: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:65.55.169.0/24: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:157.55.133.0/25: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:157.56.110.0/23: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:157.55.234.0/24: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:213.199.154.0/24: no match
Wed 2015-03-25 07:31:22: *    Evaluating ip4:213.199.180.0/24: no match

Wed 2015-03-25 07:31:22: * Evaluatinginclude:spfa.protection.outlook.com: performing lookupWed 2015-03-25 07:31:22: * Policy: v=spf1 ip4:157.56.120.0/25ip4:157.56.116.0/25 ip4:157.56.112.0/24 ip4:134.170.140.0/24ip4:134.170.132.0/24 ip4:207.46.51.64/26 ip4:157.55.158.0/23ip4:157.56.87.192/26 ip4:64.4.22.64/26include:spfb.protection.outlook.com -all

Wed 2015-03-25 07:31:22: *      Evaluating ip4:157.56.120.0/25: no match
Wed 2015-03-25 07:31:22: *      Evaluating ip4:157.56.116.0/25: no match
Wed 2015-03-25 07:31:22: *      Evaluating ip4:157.56.112.0/24: no match
Wed 2015-03-25 07:31:22: *      Evaluating ip4:134.170.140.0/24: no match
Wed 2015-03-25 07:31:22: *      Evaluating ip4:134.170.132.0/24: no match
Wed 2015-03-25 07:31:22: *      Evaluating ip4:207.46.51.64/26: no match
Wed 2015-03-25 07:31:22: *      Evaluating ip4:157.55.158.0/23: no match
Wed 2015-03-25 07:31:22: *      Evaluating ip4:157.56.87.192/26: no match
Wed 2015-03-25 07:31:22: *      Evaluating ip4:64.4.22.64/26: no match

Wed 2015-03-25 07:31:22: * Evaluatinginclude:spfb.protection.outlook.com: performing lookupWed 2015-03-25 07:31:22: * Policy: v=spf1 ip6:2a01:111:f400::/48ip4:23.103.132.0/20 ip4:23.103.198.0/23 ip4:65.55.88.0/24ip4:23.130.156.0/22 ip4:104.47.0.0/17 ip4:23.103.200.0/21ip4:23.103.208.0/21 ip4:23.103.144.0/19 ip4:23.103.191.0/24ip4:216.32.181.0/24 -allWed 2015-03-25 07:31:22: * Evaluating ip6:2a01:111:f400::/48:unknown mechanismWed 2015-03-25 07:31:22: * Evaluatinginclude:spfb.protection.outlook.com:Wed 2015-03-25 07:31:22: * Evaluatinginclude:spfa.protection.outlook.com: no matchWed 2015-03-25 07:31:22: * Evaluatinginclude:spf.protection.outlook.com: no match

Wed 2015-03-25 07:31:22: *  Result: neutral
Wed 2015-03-25 07:31:22: ---- End SPF results
Wed 2015-03-25 07:31:22: --> 250 <[email protected]>, Sender ok
Wed 2015-03-25 07:31:22: <-- RCPT TO:<[email protected]>
Wed 2015-03-25 07:31:22: --> 250 <[email protected]>, Recipient ok
Wed 2015-03-25 07:31:23: <-- DATA

Wed 2015-03-25 07:31:23: Creating temp file (SMTP):d:\mdaemon\queues\temp\md50000000184.tmp

Wed 2015-03-25 07:31:23: --> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2015-03-25 07:31:26: Message size: 497390 bytes
Wed 2015-03-25 07:31:26: Performing DKIM lookup
Wed 2015-03-25 07:31:26: *  File: d:\mdaemon\queues\temp\md50000000184.tmp

Wed 2015-03-25 07:31:26: * Message-ID:[email protected]

Wed 2015-03-25 07:31:26: *  Result: neutral
Wed 2015-03-25 07:31:26: ---- End DKIM results

Wed 2015-03-25 07:31:26: Performing DomainKeys lookup (Sender:[email protected])

Wed 2015-03-25 07:31:26: *  File: d:\mdaemon\queues\temp\md50000000184.tmp

Wed 2015-03-25 07:31:26: * Message-ID:[email protected]

Wed 2015-03-25 07:31:26: *  Querying for policy: outlook.com
Wed 2015-03-25 07:31:26: *    Querying: _domainkey.outlook.com ...

Wed 2015-03-25 07:31:27: * DNS: * Name server reports domain nameunknown

Wed 2015-03-25 07:31:27: *  Result: neutral
Wed 2015-03-25 07:31:27: ---- End DomainKeys results
Wed 2015-03-25 07:31:27: Passing message through AntiVirus (Size: 497390)...
Wed 2015-03-25 07:31:27: *  Message is clean (no viruses found)
Wed 2015-03-25 07:31:27: ---- End AntiVirus results

Wed 2015-03-25 07:31:27: Spam filter scan skipped; message size (497390)exceeds spam filter configured max size of (262144)Wed 2015-03-25 07:31:28: Message creation successful:d:\mdaemon\queues\inbound\md50000034006.msgWed 2015-03-25 07:31:28: --> 250 Ok, message saved <Message-ID:<[email protected]>>

Wed 2015-03-25 07:31:28: <-- QUIT
Wed 2015-03-25 07:31:28: --> 221 See ya in cyberspace
Wed 2015-03-25 07:31:28: SMTP session successful (Bytes in/out: 502803/2119)

Regards,
*Yudis*
*IT Officer*
+62-21-5347855
Ext.321


--
--[MDaemon-L]------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 15.0, SP 4.5, BES 2.0.2, OC 3.0, SG 3.0.2

[MDaemon-L] Block spam email

Kirim email ke