> > Authentication-Results: mail.aio.co.id; > > spf=pass smtp.mailfrom=bounces-51598306- > [email protected]; > > dkim=pass (good signature) header.d=sendinblue.com > header.b=ji10YOiWwx; > > iprev=pass policy.iprev=185.41.28.128 (PTR aa.d.sender-sib.com); > > iprev=pass policy.iprev=185.41.28.128 (HELO aa.d.sender-sib.com); > > iprev=pass policy.iprev=185.41.28.128 (MAIL > > [email protected]) > > > Bisa dicarikan log transaksinya di smtp-in log.
Ini Pak : ========= Fri 2021-07-16 14:03:19.059: 05: [675466] Session 675466; child 0003 Fri 2021-07-16 14:03:19.059: 05: [675466] Accepting SMTP connection from 185.41.28.128:57136 to 192.168.1.19:25 Fri 2021-07-16 14:03:19.060: 03: [675466] --> 220 mail.aio.co.id ESMTP Fri, 16 Jul 2021 14:03:19 +0700 Fri 2021-07-16 14:03:19.381: 02: [675466] <-- EHLO aa.d.sender-sib.com Fri 2021-07-16 14:03:19.382: 03: [675466] --> 250-mail.aio.co.id Hello aa.d.sender-sib.com [185.41.28.128], pleased to meet you Fri 2021-07-16 14:03:19.382: 03: [675466] --> 250-ETRN Fri 2021-07-16 14:03:19.382: 03: [675466] --> 250-AUTH LOGIN CRAM-MD5 PLAIN Fri 2021-07-16 14:03:19.382: 03: [675466] --> 250-8BITMIME Fri 2021-07-16 14:03:19.382: 03: [675466] --> 250-ENHANCEDSTATUSCODES Fri 2021-07-16 14:03:19.382: 03: [675466] --> 250 SIZE 52428800 Fri 2021-07-16 14:03:19.721: 02: [675466] <-- MAIL FROM:<[email protected]> Fri 2021-07-16 14:03:19.722: 05: [675466] Performing PTR lookup (128.28.41.185.IN-ADDR.ARPA) Fri 2021-07-16 14:03:19.744: 05: [675466] * D=128.28.41.185.IN-ADDR.ARPA TTL=(14) PTR=[aa.d.sender-sib.com] Fri 2021-07-16 14:03:20.079: 05: [675466] * D=aa.d.sender-sib.com TTL=(59) A=[185.41.28.128] Fri 2021-07-16 14:03:20.079: 05: [675466] ---- End PTR results Fri 2021-07-16 14:03:20.082: 05: [675466] Performing IP lookup (aa.d.sender-sib.com) Fri 2021-07-16 14:03:20.083: 05: [675466] * D=aa.d.sender-sib.com TTL=(59) A=[185.41.28.128] Fri 2021-07-16 14:03:20.083: 05: [675466] ---- End IP lookup results Fri 2021-07-16 14:03:20.085: 05: [675466] Performing IP lookup (aa.d.sender-sib.com) Fri 2021-07-16 14:03:20.087: 05: [675466] * D=aa.d.sender-sib.com TTL=(59) A=[185.41.28.128] Fri 2021-07-16 14:03:20.087: 05: [675466] ---- End IP lookup results Fri 2021-07-16 14:03:20.090: 09: [675466] Performing SPF lookup (aa.d.sender-sib.com / 185.41.28.128) Fri 2021-07-16 14:03:20.112: 09: [675466] * Policy: v=spf1 include:spf.sendinblue.com mx ~all Fri 2021-07-16 14:03:20.113: 09: [675466] * Evaluating include:spf.sendinblue.com: performing lookup Fri 2021-07-16 14:03:20.133: 09: [675466] * Policy: v=spf1 ip4:185.41.28.0/22 ip4:94.143.16.0/21 ip4:185.24.144.0/22 ip4:153.92.224.0/19 ip4:213.32.128.0/18 ip4:185.107.232.0/22 ip4:77.32.128.0/18 ip4:77.32.192.0/19 ip4:212.146.192.0/18 ip4:172.246.0.0/18 ~all Fri 2021-07-16 14:03:20.133: 09: [675466] * Evaluating ip4:185.41.28.0/22: match Fri 2021-07-16 14:03:20.133: 09: [675466] * Evaluating include:spf.sendinblue.com: match Fri 2021-07-16 14:03:20.133: 09: [675466] * Result: pass Fri 2021-07-16 14:03:20.133: 09: [675466] ---- End SPF results Fri 2021-07-16 14:03:20.133: 03: [675466] --> 250 2.1.0 Sender OK Fri 2021-07-16 14:03:20.455: 02: [675466] <-- RCPT TO:<[email protected]> Fri 2021-07-16 14:03:20.464: 05: [675466] Performing DNS-BL lookup (185.41.28.128 - connecting IP) Fri 2021-07-16 14:03:20.483: 05: [675466] * zen.spamhaus.org - passed Fri 2021-07-16 14:03:20.483: 05: [675466] ---- End DNS-BL results Fri 2021-07-16 14:03:20.488: 03: [675466] --> 250 2.1.5 Recipient OK Fri 2021-07-16 14:03:20.800: 02: [675466] <-- DATA Fri 2021-07-16 14:03:20.802: 01: [675466] Creating temp file (SMTP): c:\mdaemon\temp\md50000101101.tmp Fri 2021-07-16 14:03:20.802: 03: [675466] --> 354 Enter mail, end with <CRLF>.<CRLF> Fri 2021-07-16 14:03:21.117: 01: [675466] Message size: 8403 bytes Fri 2021-07-16 14:03:21.121: 10: [675466] Performing DKIM lookup Fri 2021-07-16 14:03:21.121: 10: [675466] * File: c:\mdaemon\temp\md50000101101.tmp Fri 2021-07-16 14:03:21.121: 10: [675466] * Message-ID: <[email protected]> Fri 2021-07-16 14:03:21.146: 10: [675466] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sendinblue.com; q=dns/txt; s=mail; b h=from:subject:date:mime-version:content-type:list-unsubscribe:x-csa-complaints:list-unsubscribe-post; <some tags are not logged> Fri 2021-07-16 14:03:21.146: 10: [675466] * Verification result: good signature Fri 2021-07-16 14:03:21.147: 10: [675466] * Result: pass Fri 2021-07-16 14:03:21.147: 10: [675466] ---- End DKIM results Fri 2021-07-16 14:03:21.153: 06: [675466] Passing message through AntiVirus (Size: 8403)... Fri 2021-07-16 14:03:21.201: 06: [675466] * Message is clean (no viruses found) scanned by (ClamAV) Fri 2021-07-16 14:03:21.201: 06: [675466] ---- End AntiVirus results Fri 2021-07-16 14:03:21.351: 11: [675466] Passing message through Outbreak Protection... Fri 2021-07-16 14:03:21.351: 11: [675466] * Message-ID: <[email protected]> Fri 2021-07-16 14:03:21.351: 11: [675466] * Reference-ID: str=0001.0A673442.60F12F39.002F:SCGMA2558282,ss=1,re=-4.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0 Fri 2021-07-16 14:03:21.351: 11: [675466] * Virus result: 0 - Clean Fri 2021-07-16 14:03:21.351: 11: [675466] * Spam result: 1 - Clean Fri 2021-07-16 14:03:21.351: 11: [675466] * IWF result: 0 - Clean Fri 2021-07-16 14:03:21.351: 11: [675466] ---- End Outbreak Protection results Fri 2021-07-16 14:03:21.351: 07: [675466] Passing message through Spam Filter (Size: 8403)... Fri 2021-07-16 14:03:21.814: 07: [675466] * 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was Fri 2021-07-16 14:03:21.814: 07: [675466] * blocked. See Fri 2021-07-16 14:03:21.814: 07: [675466] * http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block Fri 2021-07-16 14:03:21.814: 07: [675466] * for more information. Fri 2021-07-16 14:03:21.814: 07: [675466] * [URIs: dmarcanalyzer.com] Fri 2021-07-16 14:03:21.814: 07: [675466] * -4.0 BAYES_00 BODY: Bayes spam probability is 0 to 1% Fri 2021-07-16 14:03:21.814: 07: [675466] * [score: 0.0000] Fri 2021-07-16 14:03:21.814: 07: [675466] * 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level Fri 2021-07-16 14:03:21.814: 07: [675466] * mail domains are different Fri 2021-07-16 14:03:21.814: 07: [675466] * 0.1 HTTPS_HTTP_MISMATCH BODY: No description available. Fri 2021-07-16 14:03:21.814: 07: [675466] * 0.0 HTML_MESSAGE BODY: HTML included in message Fri 2021-07-16 14:03:21.814: 07: [675466] ---- End SpamAssassin results Fri 2021-07-16 14:03:21.814: 07: [675466] Spam Filter score/req: -3.60/12.0 Fri 2021-07-16 14:03:21.816: 01: [675466] Message creation successful: c:\mdaemon\inbound\md50027717694.msg Fri 2021-07-16 14:03:21.816: 03: [675466] --> 250 2.6.0 Ok, message saved <Message-ID: <[email protected]>> Fri 2021-07-16 14:04:52.135: 05: [675466] Connection closed Fri 2021-07-16 14:04:52.135: 01: [675466] SMTP session successful (Bytes in/out: 8540/433) Fri 2021-07-16 14:04:52.136: 01: ---------- ========== Kalau berdasarkan sendernya : [email protected] ketemu di all-log, sbb : Fri 2021-07-16 14:03:22.306: INBOUND message: md50027717694.msg Fri 2021-07-16 14:03:22.306: * From: "Test Doank" <[email protected]> Fri 2021-07-16 14:03:22.306: * To: <[email protected]> Fri 2021-07-16 14:03:22.306: * Subject: Is your brand domain protected by DMARC? Fri 2021-07-16 14:03:22.306: * Message-ID: <[email protected]> Fri 2021-07-16 14:03:22.306: * Size: 10661; c:\mdaemon\localq\md50065585795.msg Fri 2021-07-16 14:03:22.411: ---------- Fri 2021-07-16 14:03:23.599: MDaemon AntiVirus processing c:\mdaemon\localq\md50065585795.msg... Fri 2021-07-16 14:03:23.599: * Message return-path: [email protected] Fri 2021-07-16 14:03:23.599: * Message from: [email protected] Fri 2021-07-16 14:03:23.599: * Message to: [email protected] Fri 2021-07-16 14:03:23.599: * Message subject: Is your brand domain protected by DMARC? Fri 2021-07-16 14:03:23.599: * Message ID: <[email protected]> Fri 2021-07-16 14:03:23.599: Start MDaemon AntiVirus results (ClamAV) Fri 2021-07-16 14:03:23.646: * Total attachments scanned : 3 (including multipart/alternatives and message body) Fri 2021-07-16 14:03:23.646: * Total attachments infected : 0 Fri 2021-07-16 14:03:23.646: * Total attachments disinfected: 0 Fri 2021-07-16 14:03:23.646: * Total errors while scanning : 0 Fri 2021-07-16 14:03:23.646: * Total attachments removed : 0 Fri 2021-07-16 14:03:23.654: End of MDaemon AntiVirus results Fri 2021-07-16 14:03:23.654: ---------- Fri 2021-07-16 14:03:23.654: ---------- Fri 2021-07-16 14:03:23.648: Content Filter processing c:\mdaemon\localq\md50065585795.msg... Fri 2021-07-16 14:03:23.648: * Message return-path: [email protected] Fri 2021-07-16 14:03:23.648: * Message from: [email protected] Fri 2021-07-16 14:03:23.648: * Message to: [email protected] Fri 2021-07-16 14:03:23.648: * Message subject: Is your brand domain protected by DMARC? Fri 2021-07-16 14:03:23.648: * Message ID: <[email protected]> Fri 2021-07-16 14:03:23.648: Start Content Filter results Fri 2021-07-16 14:03:23.655: * Matched 0 of 15 active rules Fri 2021-07-16 14:03:23.655: End of Content Filter results Fri 2021-07-16 14:03:23.655: ---------- Fri 2021-07-16 14:03:25.691: ---------- Fri 2021-07-16 14:03:25.707: LOCAL message: pd50065585795.msg Fri 2021-07-16 14:03:25.707: * From: "Test Doank" <[email protected]> Fri 2021-07-16 14:03:25.707: * To: <[email protected]> Fri 2021-07-16 14:03:25.707: * Subject: Is your brand domain protected by DMARC? Fri 2021-07-16 14:03:25.707: * Message-ID: <[email protected]> Fri 2021-07-16 14:03:25.707: * Size: 10750; c:\mdaemon\users\aio.co.id\sraharjo\md50000356408.msg Fri 2021-07-16 14:03:25.708: ---------- Best Regards, Slamet Raharjo IT Dept. -- --[mdaemon-l]---------------------------------------------------------- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke [email protected] Henti Langgan: Kirim mail ke [email protected] Versi terakhir: MDaemon 21.0.2, SecurityGateway 8.0.1
