On 19/09/16 19:18, Andy Sujoto wrote: >> Beda prosedur pemasukkan antar keduanya, juga beda cara request > removalnya. > Maksudnya server pengirim dikategorikan spammer? > Dan kenapa untuk IP yang sama, 203.125.80.26, cuma beda sekitar sejam, > hasilnya berbeda, dari tadinya pass, jadi failed.
Itu salah DNS resolver yang kasih informasi yang salah. Baca tambahan komentar saya yang tadi http://www.mail-archive.com/mdaemon-l@dutaint.com/msg40159.html > IP 36.86.63.180 itu ip apa ya? Itu IP milik Telkom.net.id, yang bisa jadi ciri bahwa resolvenya salah. istilah teknis resminya terjadi "DNS hijacking" https://www.spamhaus.org/faq/section/DNSBL%20Usage#202 |--quote --> Your DNSBL blocks the whole Internet! Another problem we have seen is where ISPs "hijack" some DNS replies. This is done to monetize website traffic. Rather than returning an NXDOMAIN ("not found") answer for a DNS request that cannot be found (resolved), a pointer to an advertising page or search page is given. Many public or "open" resolvers, as well as some secure resolvers on cloud-based or wide area networks, use NXDOMAIN hijacking. As Spamhaus' "not listed in our zone" replies are the same as a "webpage not found" reply, users behind this sort of DNS monetization schemes will always see an IP address returned rather than the correct NXDOMAIN DNS answer. If this is the issue, there are three possible ways to resolve it: (1) instruct your mail server to ignore all response codes that are not in 127.0.0.0/8 as they come from a "man in the middle" hijacking, not from us; (2) contact your ISP or DNS provider to see if you can opt out, otherwise change DNS resolvers; or (3) set up your own DNS resolver (technically the best). A second form of DNS hijacking has been seen, where an ISP cuts off DNS traffic to DNS servers it feels are being queried too often. That may also return an IP value, which will cause all email to be flagged as spam. They may even null the value of the DNSBL's name. That can cause unpredictable results and you will need to contact your ISP. <--| Tetapi bisa juga terjadi sebaliknya. |-- quote --> Your DNSBL blocks nothing at all! First, check our FAQ answer for "Your DNSBL blocks the whole Internet!" and make sure you've not made a spelling mistake in your mailserver configuration. Check what DNS resolvers you are using: If you are using a free "open DNS resolver" service such as the Google Public DNS or large cloud/outsourced public DNS servers, such as Level3's or Verizon's, to resolve your DNSBL requests, in most cases you will receive a "not listed" (NXDOMAIN) reply from Spamhaus' public DNSBL servers. We recommend using your own DNS servers when doing DNSBL queries to Spamhaus. <--| Masalahnya spamhaus.org mengenakan kriteria "free and non free". https://www.spamhaus.org/organization/dnsblusage/ |--quote --> Spamhaus DNSBL Usage Terms Datafeed Service If you are using the Spamhaus DNSBLs (SBL, XBL, PBL, DBL or ZEN) to filter your mail you need to know whether you qualify for free use or not. This is especially important in a corporate environment. Too often staff set their company's mail server to use the Spamhaus DNSBLs without checking these Usage Terms to see if their company qualifies for free use. Some weeks or months down the line this then causes problems when Spamhaus's public servers detect a high query volume from a particular source and firewall it from the public DNSBL network. Free Use is satisfactory for private mail systems with low traffic, but mail server administrators are responsible for ensuring their servers remain constantly below the free use limits. Professional Use (known as the Datafeed Service) provides a completely different and dependable level of service, using your choice of either Free Use Spamhaus serves billions of DNSBL queries to the world every day, free of charge, from its public DNSBL servers. This free public DNSBL service is sustained thanks to donations of equipment and bandwidth and is backed financially by an autonomous commercial service that delivers Spamhaus data to ISPs, commercial networks and spam filter services. To qualify for free Spamhaus DNSBL query service, mail server operators must ensure they meet the criteria for free use. Use of the Spamhaus DNSBLs via DNS queries to our public DNSBL servers is free of charge if you meet all three of the following criteria: 1) Your use of the Spamhaus DNSBLs is non-commercial*, and 2) Your email traffic is less than 100,000 SMTP connections per day, and 3) Your DNSBL query volume is less than 300,000 queries per day. If you do not fit all three of these criteria then please do not use our public DNSBL servers, instead see 'Professional Use'. <--| >> - yang pertama, hanya check connecting IP saja, tidak melakukan deep > header check (seluruh IP flow dicheck). > Saya belum paham, tolong dijelaskan, harus setting dimana? baca tautan yang tadi diberikan, baca semua thread s/d baris terbawah. http://www.mail-archive.com/mdaemon-l@dutaint.com/msg20483.html http://www.mail-archive.com/mdaemon-l@dutaint.com/msg20484.html http://www.mail-archive.com/mdaemon-l@dutaint.com/msg20485.html http://www.mail-archive.com/mdaemon-l@dutaint.com/msg20486.html >> - yang keempat gunakan DNS-BL yang paling tinggi akurasinya, terendah > kesalahannya dan punya fasilitas removal yang tidak aneh-2x. > Saran bapak pakai yang mana? Berhubung list tersebut beberapa yang teratas, > walaupun akurasi tinggi namun inakurasi juga tinggi. http://www.intra2net.com/en/support/antispam/index.php_sort=inaccuracy_order=asc.html diurutkan berdasar inaccuracy, lalu lihat dikolom accuracy mana yang tertinggi. -- syafril ------- Syafril Hermansyah MDaemon-L Moderators, MDaemon 16.5-64, SP 5.0.1-64 Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Mengalah terhadap orang yang salah adalah dua kali benar -- John Petit Senn, 1799-1870 -- --MDaemon-L---------------------------------------------------------- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 16.5.0, SP 5.0.1, OC 4.0, SG 4.0.1
