Dear Pak Syafril,

 

Recently we have been receiving what appear to be spam / virus emails, and we
would like to ask how to block them. The email headers are attached below.
Thank you.

 

X-MDAV-Processed: mail.dima.co.id, Wed, 16 May 2018 04:39:54 +0700

Authentication-Results: mail.dima.co.id;

                spf=neutral [email protected];

                dkim=fail (DKIM_SELECTOR_DNS_PERM_FAILURE)
header.d=orientindia.net header.b=U3N68XxLub;

                dmarc=none header.from=orientindia.net (no DMARC record);

                iprev=pass policy.iprev=113.193.176.213 (PTR
mail.orientindia.net);

                iprev=fail policy.iprev=113.193.176.213 reason="does not
match" (HELO otmumhomail01.orient.com);

                iprev=fail policy.iprev=113.193.176.213 reason="does not
match" (MAIL [email protected])

Received-SPF: neutral (mail.dima.co.id: 113.193.176.213 is neither permitted

                nor denied by domain orientindia.net)

                receiver=mail.dima.co.id; client-ip=113.193.176.213;

                mechanism=default;
envelope-from="[email protected]";

                helo=otmumhomail01.orient.com;

Received: from otmumhomail01.orient.com (mail.orientindia.net
[113.193.176.213]) 

                by mail.dima.co.id with ESMTPS id md50011002654.msg; Wed, 16
May 2018 04:39:54 +0700

X-Spam-Level: ****

X-Spam-Status: No, score=4.70 required=6.0

X-Spam-Report:

                *  3.0 MDAEMON_DNSBL MDaemon: marked by MDaemon's DNSBL

                *  1.6 BAYES_50 BODY: Bayes spam probability is 40 to 60%

                *      [score: 0.5000]

                *  0.0 T_DKIM_INVALID DKIM-Signature header exists but is
not valid

X-Spam-Processed: mail.dima.co.id, Wed, 16 May 2018 04:39:54 +0700

                (processed during SMTP session)

X-MDOP-RefID:
str=0001.0A150205.5AFB52F6.00A3,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld
=1,fgs=0 (_st=1 _vt=0 _iwf=0)

X-MDSPF-Result: neutral (mail.dima.co.id)

X-MDDNSBL-Result: mail.dima.co.id, Wed, 16 May 2018 04:39:54 +0700

                bl.csma.biz returned result of 72.52.4.122

X-MDRemoteIP: 113.193.176.213

X-MDHelo: otmumhomail01.orient.com

X-MDArrival-Date: Wed, 16 May 2018 04:39:54 +0700

X-Rcpt-To: [email protected]

X-MDRcpt-To: [email protected]

X-Envelope-From: [email protected]

X-CAV-Result: clean

Received: from otmumhomail01.orient.com (localhost [127.0.0.1])

                by otmumhomail01.orient.com (Postfix) with ESMTP id
B8A324254AE7

                for <[email protected]>; Wed, 16 May 2018
03:06:45 +0530 (IST)

Authentication-Results: otmumhomail01.orient.com (amavisd-new); dkim=pass

                reason="pass (just generated, assumed good)"
header.d=orientindia.net

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=orientindia.net;

                h=content-type:content-type:mime-version:subject:subject

                :message-id:to:from:from:date:date; s=dkim; t=1526420200; x=

                1527284201; bh=ZqhPM4BqIVCKmcmmwflI0WGXTjK8JpE71UFmAmZLC9M=;
b=U

 
3N68XxLubJR1ye408F2lRlLscR4h+IHKDldnd61yqOj9zwMDb4wU3c0aj2b26zGR

 
DPpQVsegqYvTHgGDjtSFVLxhdh50d5dSpDtTVWWVHDuNqdMn//wjnh1uXl3i9XLK

                NeTVSAmsjhugC3H5w4FDTSOGXW0EPCSxxS/SacnPv4=

X-Virus-Scanned: amavisd-new at otmumhomail01.orient.com

Received: from otmumhomail01.orient.com ([127.0.0.1])

                by otmumhomail01.orient.com (otmumhomail01.orient.com
[127.0.0.1]) (amavisd-new, port 10026)

                with ESMTP id QYZB_GAqAxN5 for
<[email protected]>;

                Wed, 16 May 2018 03:06:40 +0530 (IST)

Received: from 10.0.0.58 (lns_global2.embc.uk.com [92.43.67.254])

                by otmumhomail01.orient.com (Postfix) with ESMTPSA id
0E50E4292678

                for <[email protected]>; Wed, 16 May 2018
01:44:43 +0530 (IST)

Date: Tue, 15 May 2018 21:14:44 +0000

From: Dimas Rama <[email protected]>

To: [email protected]

Message-ID: <[email protected]>

Subject: Payment Receipt 81997901228

MIME-Version: 1.0

Content-Type: multipart/mixed;
boundary="----=_NextPart_000_001A_A0B89F46.B67F6181"

X-MDRedirect: 1

X-MDRedirect_From: [email protected]

X-Return-Path: <[email protected]>

X-MDaemon-Deliver-To: [email protected]

 

 

 

X-MDAV-Processed: mail.dima.co.id, Wed, 23 May 2018 01:19:35 +0700

Authentication-Results: mail.dima.co.id;spf=none
[email protected];dkim=pass (good signature)
header.d=hotelelpolo.com header.b=NxChxdBzd6;dmarc=none
header.from=hotelelpolo.com (no DMARC record);iprev=pass
policy.iprev=50.116.15.239 (PTR li485-239.members.linode.com);iprev=pass
policy.iprev=50.116.15.239 (HELO mailsrv.jclhg.com);iprev=pass
policy.iprev=50.116.15.239 (MAIL [email protected])

Received: from mailsrv.jclhg.com (li485-239.members.linode.com
[50.116.15.239]) by mail.dima.co.id  with ESMTPS id md50011044465.msg; Wed,
23 May 2018 01:19:34 +0700

X-Spam-Processed: mail.dima.co.id, Wed, 23 May 2018 01:19:34 +0700 (not
processed: message size (204314) exceeds spam filter configured max size of
(102400))

X-MDOP-RefID:
str=0001.0A150205.5B045E95.009A,ss=4,re=0.000,recu=0.000,reip=0.000,vtr=str,
vl=0,cl=4,cld=1,fgs=12 (_st=4 _vt=0 _iwf=0)

X-MDDKIM-Result: unapproved (mail.dima.co.id)

X-MDDNSBL-Result: mail.dima.co.id, Wed, 23 May 2018 01:19:34 +0700
bl.csma.biz returned result of 72.52.4.122

X-MDRemoteIP: 50.116.15.239

X-MDHelo: mailsrv.jclhg.com

X-MimeOLE: Produced By Microsoft MimeOLE

X-MDArrival-Date: Wed, 23 May 2018 01:19:34 +0700

X-Rcpt-To: [email protected]

X-MDRcpt-To: [email protected]

X-Envelope-From: [email protected]

X-CAV-Result: clean

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt;
c=relaxed/relaxed;d=hotelelpolo.com; s=default;
h=Content-Type:MIME-Version:Subject:Message-ID:To:From:Date:Sender:Reply-To:
Cc:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Rese
nt-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:Refe
rences:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owne
r:List-Archive;bh=JE3BWwhUFoxb2Ko5zUUnFWksKQQWvyfwFKqiqNw73c0=;
b=NxChxdBzd672Y6KTvl7gDFTVH7FSWqWXy+J5SCCMjq4sgKtHgxNT8aNm3MCIIYArTWOdgyq2Xo
Uswg5Q1GN5mYGR6arm4XpocJb0BmD9a7EhlXWpjGCySaOiG0J0IRpg4gYSfjrvd3fTAb7cTi/cF/
PNagn971eucM/X1icbGGtqMxOAKb3LicZQZM6yVc5BhmTLo4nz0ikre2pHoZQUKfwlFz95pgcK0/
LZvXRmDl0na5+dSszxqRAEOF2CX1h/8HUZJYlU3Hop7bag5RQnb5qkuwu1cybGXxnpL8IeKR9ISH
eDja/fe2EZMzjytrgWR+rKkxOw7X2jbU9h7JzXwA==;

Received: from fixed-187-188-77-151.totalplay.net ([187.188.77.151]:25222
helo=10.0.0.36) by mailsrv.jclhg.com with esmtpsa
(TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91) (envelope-from
<[email protected]>) id 1fLBpv-0002Gg-H5 for
[email protected]; Tue, 22 May 2018 18:16:39 +0000

Date: Tue, 22 May 2018 13:16:40 -0600

From: "Dimas Rama" <[email protected]>

To: <[email protected]>

Message-ID: <[email protected]>

Subject: Suspicious part has been deleted : ACCOUNT#213606-Dimas Rama

MIME-Version: 1.0

Content-Type: multipart/mixed;

                boundary="----=_NextPart_000_167B_01D3F42E.645CE980"

X-AntiAbuse: This header was added to track abuse, please include it with
any abuse report

X-AntiAbuse: Primary Hostname - mailsrv.jclhg.com

X-AntiAbuse: Original Domain - dima.co.id

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - hotelelpolo.com

X-Get-Message-Sender-Via: mailsrv.jclhg.com: authenticated_id:
[email protected]

X-MDRedirect: 1

X-MDRedirect_From: [email protected]

X-Return-Path: <[email protected]>

X-MDaemon-Deliver-To: <[email protected]>

 

Thanks

 

 

Heryanto
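
An added example, not part of the original message and not MDaemon's own code: a small triage of the receiving server's headers from the two messages above, showing which checks failed, which were skipped, and whether the DNSBL answer looks like a real listing. The function names and finding codes are hypothetical, and the sample strings are selected header lines from the messages with the redacted addresses left out.

```python
import ipaddress
import re
from email import message_from_string

# Constructed samples: selected header lines from the two messages above,
# with the addresses that the archive redacted left out.
MSG1 = """\
Authentication-Results: mail.dima.co.id;
\tdkim=fail (DKIM_SELECTOR_DNS_PERM_FAILURE) header.d=orientindia.net;
\tdmarc=none header.from=orientindia.net (no DMARC record);
\tiprev=fail policy.iprev=113.193.176.213 reason="does not match"
\t(HELO otmumhomail01.orient.com)
X-MDDNSBL-Result: mail.dima.co.id, Wed, 16 May 2018 04:39:54 +0700
\tbl.csma.biz returned result of 72.52.4.122
"""
MSG2 = """\
Authentication-Results: mail.dima.co.id;dkim=pass (good signature)
\theader.d=hotelelpolo.com;dmarc=none header.from=hotelelpolo.com
X-Spam-Processed: mail.dima.co.id, Wed, 23 May 2018 01:19:34 +0700 (not
\tprocessed: message size (204314) exceeds spam filter configured max size of
\t(102400))
X-MDDNSBL-Result: mail.dima.co.id, Wed, 23 May 2018 01:19:34 +0700
\tbl.csma.biz returned result of 72.52.4.122
"""
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

def header(msg, name):
    """Unfold every occurrence of a header into one whitespace-normalised string."""
    return " ".join(" ".join(msg.get_all(name, [])).split())

def triage(raw):
    """Return the set of finding codes (hypothetical names) for one message."""
    msg = message_from_string(raw)
    auth = header(msg, "Authentication-Results")
    found = set()
    for method, result in re.findall(r"\b(dkim|dmarc)=(\w+)", auth):
        if result != "pass":
            found.add(f"{method}-{result}")
    if re.search(r"iprev=fail[^;]*\(HELO ", auth):
        found.add("helo-mismatch")
    if re.search(r"not processed: message size \(\d+\) exceeds",
                 header(msg, "X-Spam-Processed")):
        found.add("spam-scan-skipped-size")
    m = re.search(r"returned result of (\S+)", header(msg, "X-MDDNSBL-Result"))
    # DNSBL answers are conventionally in 127.0.0.0/8 (RFC 5782); an answer
    # outside it is a reason to check whether the list is still operating.
    if m and ipaddress.ip_address(m.group(1)) not in LOOPBACK:
        found.add("dnsbl-answer-not-127/8")
    return found
```

Calling `triage(MSG1)` and `triage(MSG2)` shows that both messages carry the same non-127.0.0.0/8 DNSBL answer for two different remote IPs, and that the second message was never scored because it exceeded the spam filter's size limit.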

 


-- 
--[mdaemon-l]----------------------------------------------------------
This mailing list is for discussion among MDaemon Mail Server users in Indonesia

Netiquette: https://wiki.openstack.org/wiki/MailingListEtiquette
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Subscribe: send mail to [email protected]
Unsubscribe: send mail to [email protected]
Latest versions: MD 18.0.1, SG 5.5.0
