2017-09-25 13:49 GMT+07:00 Syafril Hermansyah <syaf...@dutaint.co.id>:

> On 25/09/17 13:38, Sanrio Wylie wrote:
> > saya selalu mandapat email spam
> > dari domain qq.com <http://qq.com>, dengan alamat berbeda-beda dan
> subjek
> > berbeda-beda, mungkin akan mudah jika langsung blok untuk domain qq.com
> > <http://qq.com>, yang jadi permasalahan kadang kami memang ada beberapa
> email
> > yang dikirim dari alamat qq.com <http://qq.com> yang kami butuhkan,
> jadi tidak
> > bisa blok berdasarkan domain qq.com <http://qq.com>
>
>
> Perlihatkan message header dari spam mail tersebut kesini.
>
>
>
> From - Mon Sep 25 07:01:35 2017
> X-Account-Key: account4
> X-UIDL: MD50000165019:MSG:7316:30618885:869367098
> X-Mozilla-Status: 0001
> X-Mozilla-Status2: 00000000
> X-Mozilla-Keys:
> X-MDAV-Result: clean
> X-MDAV-Processed: mail.geosinindo.co.id, Sun, 24 Sep 2017 14:17:38 +0700
> X-Spam-Processed: mail.geosinindo.co.id, Sun, 24 Sep 2017 14:17:38 +0700
> Return-path: <1213606...@qq.com>
> X-Spam-Level: ***
> X-Spam-Status: No, score=3.0 required=5.0 tests=HTML_MESSAGE,
>       HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,RDNS_NONE,TVD_SPACE_RATIO_MINFP,
>       UNPARSEABLE_RELAY,USER_IN_BLACKLIST,USER_IN_WHITELIST_TO shortcircuit=no
>       autolearn=disabled version=3.4.0
> X-Spam-Report:
>       *  100 USER_IN_BLACKLIST From: address is in the blacklist
>       * -100 USER_IN_WHITELIST_TO address is listed in 'whitelist_to'
>       *  0.0 HTML_MESSAGE BODY: HTML included in message
>       *  1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
>       *  0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
>       *  1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
>       *  0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay 
> lines
>       *  0.0 TVD_SPACE_RATIO_MINFP Space ratio
> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07)
> Received: from mail.geosinindo.co.id ([163.53.192.59])
>       by mail.geosinindo.co.id ([192.168.0.200])
>       (MDaemon PRO v15.0.1)
>       with MultiPOP id 28-md50000005052.msg for <sia...@geosinindo.co.id>;
>       Sun, 24 Sep 2017 14:17:05 +0700
> X-MDRemoteIP: 163.53.192.59
> X-MDHelo:
> X-MDArrival-Date: Sun, 24 Sep 2017 14:17:05 +0700
> X-MDMultiPOP: sia...@geosinindo.co.id@mail.geosinindo.co.id
> X-Rcpt-To: sia...@geosinindo.co.id
> X-MDRcpt-To: sia...@geosinindo.co.id
> X-Return-Path: 1213606...@qq.com
> X-Envelope-From: 1213606...@qq.com
> X-MDaemon-Deliver-To: adm...@geosinindo.co.id
> Delivered-To: geosinindo.co.id-sia...@geosinindo.co.id
> Received: (qmail 6629 invoked by uid 360); 24 Sep 2017 05:29:38 +0000
> X-HELO: eee.hku.hk
> Authentication-Results: incoming.canopus.idgx.net; auth=none; spf=fail 
> smtp.mailfrom=qq.com; dkim=none; dmarc=fail (p=none) d=qq.com
> Received: from Unknown (HELO eee.hku.hk) (60.175.236.215)
>  by incoming.canopus.idgx.net (qpsmtpd/0.96) with SMTP ; Sun, 24 Sep 2017 
> 05:29:38 +0000
> Received-SPF: fail (qq.com: Sender is not authorized by default to use 
> '1213606...@qq.com' in 'mfrom' identity (mechanism '-all' matched)) 
> receiver=canopus.idgx.net; identity=mailfrom; 
> envelope-from="1213606...@qq.com"; helo=eee.hku.hk; client-ip=60.175.236.215
> Received: from eee.hku.hk (unknown (33.151.125.51])
>        by eee.hku.hk with SMTP id 27bc0544-5970-4ae6-b193-2c01802cd299;
>        for <1213606...@qq.com>;Sun, 24 Sep 2017 13:29:24 +08:00
> Message-ID: <3d65d179293c2d642921a1a511144...@qq.com>
> From: "=?utf-8?B?5p2t5Z2H54G1?=" <1213606...@qq.com>
> To: <sia...@geosinindo.co.id>
> Subject: =?utf-8?B?OWxObU5xTlBoeSAgICAgICAgIOa+s+iPm+awuOWIqTMzMjQ3?=
>       
> =?utf-8?B?OOeCuUMwTemCgOaCqOe0uOWGiuaLv+KRpDjnm4g14pKPMOaPkCzkuJPlkZhRMjA5?=
>       =?utf-8?B?MTU5Mzc45ou/?=
> Date: Sun, 24 Sep 2017 13:29:24 +0800
> MIME-Version: 1.0
> Content-Type: text/html;
>       charset="utf-8"
> Content-Transfer-Encoding: quoted-printable
> Disposition-Notification-To: 1213606...@qq.com
> X-AZmanage-Transaction-ID: e4ddd6c2-f08b-b746-7726-4a4e80239038
> X-POP3-Rcpt: sia...@geosinindo.co.id
> X-AntiVirus: checked (incoming) by Avira MailGuard (Version: 14.0.24.26; 
> AVE:8.3.48.30; VDF:8.14.28.120)
>
>
>
>
>
>

--
--MDaemon-L----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 17.0.3, SP 5.1.0, OC 4.5.1, SG 4.5.1

Kirim email ke