[mdaemon-l] email spam

Anjas Wahyu Nurhayanto Tue, 27 Nov 2018 23:46:08 -0800

selamat sore Pak Syafril,

salah satu user kami menerima email spam dengan log terlampir.
bagaimana cara melakukan block email yang seperti ini?


-- 
Warm Regards,

Anjas

-- 
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke [email protected]
Henti Langgan: Kirim mail ke [email protected]
Versi terakhir MD 18.5.1, SG 5.5.0

Mon 2018-11-26 22:24:34.164: 01: ----------
Mon 2018-11-26 22:24:40.473: 05: Session 967652; child 0001
Mon 2018-11-26 22:24:40.473: 05: Accepting SMTP connection from 
208.117.55.132:1236 to 10.0.0.1:25
Mon 2018-11-26 22:24:40.477: 03: --> 220 aksball.co.id ESMTP Mon, 26 Nov 2018 
22:24:40 +0700
Mon 2018-11-26 22:24:40.726: 02: <-- EHLO o1.f.az.sendgrid.net
Mon 2018-11-26 22:24:40.727: 03: --> 250-aksball.co.id Hello 
o1.f.az.sendgrid.net [208.117.55.132], pleased to meet you
Mon 2018-11-26 22:24:40.727: 03: --> 250-ETRN
Mon 2018-11-26 22:24:40.727: 03: --> 250-AUTH LOGIN PLAIN
Mon 2018-11-26 22:24:40.727: 03: --> 250-8BITMIME
Mon 2018-11-26 22:24:40.727: 03: --> 250-ENHANCEDSTATUSCODES
Mon 2018-11-26 22:24:40.727: 03: --> 250 SIZE
Mon 2018-11-26 22:24:40.978: 02: <-- MAIL 
FROM:<[email protected]> 
BODY=8BITMIME
Mon 2018-11-26 22:24:40.980: 05: Performing PTR lookup 
(132.55.117.208.IN-ADDR.ARPA)
Mon 2018-11-26 22:24:41.052: 05: *  D=132.55.117.208.IN-ADDR.ARPA TTL=(0) 
PTR=[o1.f.az.sendgrid.net]
Mon 2018-11-26 22:24:41.071: 05: *  D=o1.f.az.sendgrid.net TTL=(0) 
A=[208.117.55.132]
Mon 2018-11-26 22:24:41.071: 05: ---- End PTR results
Mon 2018-11-26 22:24:41.073: 05: Performing IP lookup (o1.f.az.sendgrid.net)
Mon 2018-11-26 22:24:41.073: 05: *  D=o1.f.az.sendgrid.net TTL=(0) 
A=[208.117.55.132]
Mon 2018-11-26 22:24:41.073: 05: ---- End IP lookup results
Mon 2018-11-26 22:24:41.077: 05: Performing IP lookup (em8770.eastparchotel.com)
Mon 2018-11-26 22:24:41.186: 05: *  P=020 S=001 D=u8225129.wl130.sendgrid.net 
TTL=(0) MX=[mx.sendgrid.net] {167.89.118.48}
Mon 2018-11-26 22:24:41.186: 05: ---- End IP lookup results
Mon 2018-11-26 22:24:41.187: 09: Performing SPF lookup (o1.f.az.sendgrid.net / 
208.117.55.132)
Mon 2018-11-26 22:24:41.209: 09: *  Result: none; no SPF record in DNS
Mon 2018-11-26 22:24:41.209: 09: ---- End SPF results
Mon 2018-11-26 22:24:41.209: 09: Performing SPF lookup 
(em8770.eastparchotel.com / 208.117.55.132)
Mon 2018-11-26 22:24:41.232: 09: *  Policy: v=spf1 ip4:208.117.55.132 -all
Mon 2018-11-26 22:24:41.232: 09: *  Evaluating ip4:208.117.55.132: match
Mon 2018-11-26 22:24:41.232: 09: *  Result: pass
Mon 2018-11-26 22:24:41.232: 09: ---- End SPF results
Mon 2018-11-26 22:24:41.232: 03: --> 250 2.1.0 Sender OK
Mon 2018-11-26 22:24:41.482: 02: <-- RCPT TO:<[email protected]>
Mon 2018-11-26 22:24:41.503: 03: --> 250 2.1.5 Recipient OK
Mon 2018-11-26 22:24:41.752: 02: <-- DATA
Mon 2018-11-26 22:24:41.754: 01: Creating temp file (SMTP): 
d:\mdaemon\queues\temp\md50000096689.tmp
Mon 2018-11-26 22:24:41.754: 03: --> 354 Enter mail, end with <CRLF>.<CRLF>
Mon 2018-11-26 22:24:42.020: 01: Message size: 5399 bytes
Mon 2018-11-26 22:24:42.022: 10: Performing DKIM lookup
Mon 2018-11-26 22:24:42.022: 10: *  File: 
d:\mdaemon\queues\temp\md50000096689.tmp
Mon 2018-11-26 22:24:42.022: 10: *  Message-ID: 
<042c745e-43430-0d0e902619919@desktop-rpujc63>
Mon 2018-11-26 22:24:42.056: 10: * DKIM-Signature 1: v=1; a=rsa-sha1; 
c=relaxed/relaxed; d=eastparchotel.com; s=s1; <some tags are not logged>
Mon 2018-11-26 22:24:42.056: 10: *    Verification result: good signature
Mon 2018-11-26 22:24:42.057: 10: *  Result: pass
Mon 2018-11-26 22:24:42.057: 10: ---- End DKIM results
Mon 2018-11-26 22:24:42.061: 19: Performing DMARC processing
Mon 2018-11-26 22:24:42.061: 19: *  File: 
d:\mdaemon\queues\temp\md50000096689.tmp
Mon 2018-11-26 22:24:42.061: 19: *  Message-ID: 
<042c745e-43430-0d0e902619919@desktop-rpujc63>
Mon 2018-11-26 22:24:42.061: 19: *  Author domain: eastparchotel.com
Mon 2018-11-26 22:24:42.061: 19: *  Organizational domain: eastparchotel.com
Mon 2018-11-26 22:24:42.061: 19: *  Query domain: _dmarc.eastparchotel.com
Mon 2018-11-26 22:24:42.086: 19: *    No DMARC policy record found
Mon 2018-11-26 22:24:42.086: 19: *  Action taken: none
Mon 2018-11-26 22:24:42.086: 19: *  Result: none
Mon 2018-11-26 22:24:42.086: 19: ---- End DMARC results
Mon 2018-11-26 22:24:42.090: 06: Passing message through AntiVirus (Size: 
5399)...
Mon 2018-11-26 22:24:42.090: 06: *  Recipient or sender in exclusion list
Mon 2018-11-26 22:24:42.090: 06: ---- End AntiVirus results
Mon 2018-11-26 22:24:42.230: 11: Passing message through Outbreak Protection...
Mon 2018-11-26 22:24:42.230: 11: *  Message-ID: 
<042c745e-43430-0d0e902619919@desktop-rpujc63>
Mon 2018-11-26 22:24:42.230: 11: *  Reference-ID: 
str=0001.0A150203.5BFC1043.0086,ss=3,re=0.000,recu=0.000,reip=0.000,cl=3,cld=1,fgs=0
Mon 2018-11-26 22:24:42.230: 11: *  Virus result: 0 - Clean
Mon 2018-11-26 22:24:42.230: 11: *  Spam result: 3 - Spam (bulk)
Mon 2018-11-26 22:24:42.230: 11: *  IWF result: 0 - Clean
Mon 2018-11-26 22:24:42.230: 11: ---- End Outbreak Protection results
Mon 2018-11-26 22:24:42.234: 07: Passing message through Spam Filter (Size: 
5399)...
Mon 2018-11-26 22:24:42.956: 07: *  2.5 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish
Mon 2018-11-26 22:24:42.956: 07: *  1.1 MIME_HTML_ONLY BODY: Message only has 
text/html MIME parts
Mon 2018-11-26 22:24:42.956: 07: *  0.0 HTML_IMAGE_ONLY_32 BODY: HTML: images 
with 2800-3200 bytes of words
Mon 2018-11-26 22:24:42.956: 07: *  0.0 HTML_MESSAGE BODY: HTML included in 
message
Mon 2018-11-26 22:24:42.956: 07: *  1.1 URIBL_GREY Contains an URL listed in 
the URIBL greylist
Mon 2018-11-26 22:24:42.956: 07: *      [URIs: sendgrid.net]
Mon 2018-11-26 22:24:42.956: 07: ---- End SpamAssassin results
Mon 2018-11-26 22:24:42.956: 07: Spam Filter score/req: 4.70/12.0
Mon 2018-11-26 22:24:43.211: 01: Message creation successful: 
d:\mdaemon\queues\inbound\md50000142478.msg
Mon 2018-11-26 22:24:43.211: 03: --> 250 2.6.0 Ok, message saved <Message-ID: 
<042c745e-43430-0d0e902619919@desktop-rpujc63>>
Mon 2018-11-26 22:24:43.211: 02: <-- QUIT
Mon 2018-11-26 22:24:43.211: 03: --> 221 2.0.0 See ya in cyberspace
Mon 2018-11-26 22:24:43.215: 01: SMTP session successful (Bytes in/out: 
5563/429)
Mon 2018-11-26 22:24:43.221: 01: ----------

[mdaemon-l] email spam

Kirim email ke