On 19/09/16 19:18, Andy Sujoto wrote:
>> Beda prosedur pemasukkan antar keduanya, juga beda cara request
> removalnya.
> Maksudnya server pengirim dikategorikan spammer?
> Dan kenapa untuk IP yang sama,, cuma beda sekitar sejam,
> hasilnya berbeda, dari tadinya pass, jadi failed.

Itu salah DNS resolver yang kasih informasi yang salah.
Baca tambahan komentar saya yang tadi


> IP itu ip apa ya?

Itu IP milik Telkom.net.id, yang bisa jadi ciri bahwa resolvenya salah.

istilah teknis resminya terjadi "DNS hijacking"


|--quote -->
Your DNSBL blocks the whole Internet!

Another problem we have seen is where ISPs "hijack" some DNS replies.
This is done to monetize website traffic. Rather than returning an
NXDOMAIN ("not found") answer for a DNS request that cannot be found
(resolved), a pointer to an advertising page or search page is given.
Many public or "open" resolvers, as well as some secure resolvers on
cloud-based or wide area networks, use NXDOMAIN hijacking. As Spamhaus'
"not listed in our zone" replies are the same as a "webpage not found"
reply, users behind this sort of DNS monetization schemes will always
see an IP address returned rather than the correct NXDOMAIN DNS answer.
If this is the issue, there are three possible ways to resolve it: (1)
instruct your mail server to ignore all response codes that are not in as they come from a "man in the middle" hijacking, not from
us; (2) contact your ISP or DNS provider to see if you can opt out,
otherwise change DNS resolvers; or (3) set up your own DNS resolver
(technically the best).

A second form of DNS hijacking has been seen, where an ISP cuts off DNS
traffic to DNS servers it feels are being queried too often. That may
also return an IP value, which will cause all email to be flagged as
spam. They may even null the value of the DNSBL's name. That can cause
unpredictable results and you will need to contact your ISP.

Tetapi bisa juga terjadi sebaliknya.

|-- quote -->
Your DNSBL blocks nothing at all!

First, check our FAQ answer for "Your DNSBL blocks the whole Internet!"
and make sure you've not made a spelling mistake in your mailserver

Check what DNS resolvers you are using: If you are using a free "open
DNS resolver" service such as the Google Public DNS or large
cloud/outsourced public DNS servers, such as Level3's or Verizon's, to
resolve your DNSBL requests, in most cases you will receive a "not
listed" (NXDOMAIN) reply from Spamhaus' public DNSBL servers. We
recommend using your own DNS servers when doing DNSBL queries to Spamhaus.

Masalahnya spamhaus.org mengenakan kriteria "free and non free".


|--quote -->
Spamhaus DNSBL Usage Terms      

Datafeed Service

        If you are using the Spamhaus DNSBLs (SBL, XBL, PBL, DBL or ZEN) to
filter your mail you need to know whether you qualify for free use or
not. This is especially important in a corporate environment.

Too often staff set their company's mail server to use the Spamhaus
DNSBLs without checking these Usage Terms to see if their company
qualifies for free use. Some weeks or months down the line this then
causes problems when Spamhaus's public servers detect a high query
volume from a particular source and firewall it from the public DNSBL

Free Use is satisfactory for private mail systems with low traffic, but
mail server administrators are responsible for ensuring their servers
remain constantly below the free use limits. Professional Use (known as
the Datafeed Service) provides a completely different and dependable
level of service, using your choice of either

Free Use

Spamhaus serves billions of DNSBL queries to the world every day, free
of charge, from its public DNSBL servers. This free public DNSBL service
is sustained thanks to donations of equipment and bandwidth and is
backed financially by an autonomous commercial service that delivers
Spamhaus data to ISPs, commercial networks and spam filter services. To
qualify for free Spamhaus DNSBL query service, mail server operators
must ensure they meet the criteria for free use.

Use of the Spamhaus DNSBLs via DNS queries to our public DNSBL servers
is free of charge if you meet all three of the following criteria:

1) Your use of the Spamhaus DNSBLs is non-commercial*,
2) Your email traffic is less than 100,000 SMTP connections
    per day, and
3) Your DNSBL query volume is less than 300,000 queries
    per day.

If you do not fit all three of these criteria then please do not use our
public DNSBL servers, instead see 'Professional Use'.

>> - yang pertama, hanya check connecting IP saja, tidak melakukan deep
> header check (seluruh IP flow dicheck).
> Saya belum paham, tolong dijelaskan, harus setting dimana?

baca tautan yang tadi diberikan, baca semua thread s/d baris terbawah.


>> - yang keempat gunakan DNS-BL yang paling tinggi akurasinya, terendah
> kesalahannya dan punya fasilitas removal yang tidak aneh-2x.
> Saran bapak pakai yang mana? Berhubung list tersebut beberapa yang teratas,
> walaupun akurasi tinggi namun inakurasi juga tinggi.


diurutkan berdasar inaccuracy, lalu lihat dikolom accuracy mana yang

Syafril Hermansyah
MDaemon-L Moderators, MDaemon 16.5-64, SP 5.0.1-64
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

Mengalah terhadap orang yang salah adalah dua kali benar
        -- John Petit Senn, 1799-1870

Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 16.5.0, SP 5.0.1, OC 4.0, SG 4.0.1

Kirim email ke