[Mdaemon-L] email terkadang tidak masuk

[Syafril Hermansyah via Mdaemon-L]

On 29/07/21 16.42, ir...@mandau.id wrote:
Kalau semua recipient ini tidak melihatnya di inbox folder dan mereka
pakai POP3 client maka saya perlu lihat POP3 lognya atau Anda bisa cari
sendiri di POP3 log dengan katakunci pencarian "md50000000695.msg
" (nama file yang tersimpan di user mailbox folder)

Saya cek di worldclient juga tidak ada pak emailnya di user yang tidak menerima 
email tersebut


Checknya ke POP3 log.
Disitu akan diketahui IP mana yang sudah mengunduh message tersebut dan 
apakah melalukan penghapusan (DELETE) terhadap file *.msg tersebut.
Kirimkan POP3 log 2021-07-22 ke supp...@dutaint.co.id kalau kesulitan 
melakukan check log sendiri.

Saya dapat info dari pengirim bahwa pesan error yang mereka terima seperti 
berikut:

<da...@mandau.id>: host mail.mandau.id[117.102.89.155] said: 501 Domain must
    resolve (in reply to MAIL FROM command)


Memang ada koneksi dari sender host itu yang ditolak, karena dikirim 
melalui server yang identitas IP nya tidak terdaftar.
Mungkin mail hosternya (trendmicro.com) baru menambahkan IP/server 
tetapi terlupa mendaftarkan di Reverse DNS zone.
Dengan adanya notification to original sender bahwa delivery failure 
menunjukkan bahwa mail hosternya (trendmicro.com) mengikuti kaidah 
internet mail dengan baik, yang jika dilaporkan ke mail hoseernya akan 
menjadi masukkan untuk perbaikkan.

Tetapi di tanggal 2021-07-26, saat saya check, sudah ditambahkan 
sehingga tidak saya daftarkan di

http://ftp.dutaint.com/altn-mdaemon/miscl/ReverseXcpt.dat

Dan itu bukti bahwa mail hosternya memonitor DSN of failure (atau 
menerima laporan dari clientnya) dan melakukan tindakkan perbaikkan.


dan info dari pihak Three MX mereka berubah menjadi:

mx : three.in.tmes.trendmicro.com
IP address : 18.208.22.77

Dengan IP MTA:
18.208.22.128 - 18.208.22.143
18.208.22.183
18.208.22.184
18.208.22.187
18.208.22.188


MX host adalah server yang digunakan untuk terima mail, yang tidak 
selalu digunakan untuk kirim mail.

IP tersebut sudah saya masukkan ke Trusted Host pak

Jangan pernah memasukkan Sender IP atau sender host kedalam trusted IP 
atau trusted host, karena trusted itu artinya membolehkan sender IP/host 
untuk kirim mail (relay) melalui server  mail.mandau.id tanpa perlu 
authentication;  sangat riskan (vulnerable) server mail.mandau.id masuk 
dalam DNSBlacklist atau punya Bad IP Reputation.
Server tmes.trendmicro.com digunakan oleh banyak domain, tidak dedicated 
untuk domain @three.co.id

Dalam hal sender server gagal dari legalitas check maka masukkan kedalam 
reverselook whitelist (di MDaemon lama hanya ada 1 macam whitelist itu 
saja).

http://mdaemon.dutaint.co.id/mdaemon/21.0.1/security--reverse_lookup.html

Dari smtp-in tanggal 2021-07-22 ada 190 koneksi server 
*.tmes.trendmicro.com, 153 diantaranya dari server 
repost01.tmes.trendmicro.com.
Dari 153 koneksi repost01.tmes.trendmicro.com, 33 (21,57%) ditolak 
dengan error "501 Domain must resolve" yang artinya server 
mail.mandau.id tidak bisa resolve host/A record 
repost01.tmes.trendmicro.com.

Awalnya saya menduga masalahnya ada di mail hoster trendmicro.com yang 
lupa membuatkan Host record yang sesuai dengan IP identity (PTR record), 
lihat diatas.
Tetapi setelah investigasi/analisis lebih jauh, masalahnya ada di DNS 
query yang dilakukan mail.mandau.id.

DNS A record (host record) yang dimiliki server 
repost01.tmes.trendmicro.com ada 36, tetapi mail.mandau.id setiap kali 
hanya bisa resolve 29.
Dan karena A record itu urutannya selalu berubah (round robin) maka mail 
dari IP tertentu terkadang ditolak tetapi saat lain diterima.

Analisis lebih lanjut, sumber masalahnya bukan di DNS resolver tetapi 
dari Operating System yang digunakan mail.mandau.id, disamping versi 
MDaemon yang digunakan.
Operating System windows lama (dibawah Win7 untuk Workstation atau 
dibawah Windows2008R2 untuk server) belum mendukung DNS over TCP, 
sehingga terbatas dalam terima data DNS (hasil query) yang besar (DNS 
query over UDP punya limit 512 byte).
MDaemon dibawah versi 19.0.3 belum mendukung DNS over TCP, walau sudah 
mendukung DNS over UDP sampai dengan 1024 byte (OS dibawah W2K8R2 perlu 
tuning agar mendukung DNS over UDP more than 512 byte).

https://www.mail-archive.com/mdaemon-l@dutaint.com/msg44983.html

Singkatnya, saran saya berikutnya adalah upgrade atau ganti Operating 
System yang digunakan MDaemon ke W7Pro atau W2K82; atau lebih bagus 
pakai W10Pro atau W10Workstation.
W10 bisa pakai License Key dari W7Pro atau W8.x Pro, akan langsung jalan 
saat diaktivasi.
Kalau tidak punya license W7/W8.x yang ngganggur, bisa beli branded 
versi lama yang dijual di toko online dengan harga yang bersahabat.

Mendapatkan W7Pro license tidak harus terburu-buru, karena bisa pakai 
demo/trial key W10Pro yang lamanya 180 hari.
Dimasa pandemi/pangebluk Covid-19 saat ini, Microsoft mengijinkan untuk 
perpanjang (extend) trial key W10Pro sampai dengan 6 kali, asalkan 
request to extend dilakukan paling lambat 10 hari sebelum tanggal expired.
Katakanlah sebagai tindakan pengaman request to extend trial key 
dilakukan pada hari ke 150 (5 bulan), maka kita bisa pakai W10Pro trial 
selama 5x150 hari (750 hari = 25 bulan = 2 tahun 1 bulan).

W10Pro/W10Wst butuh perangkat keras dengan CPU-64 bit single atau dual 
core (W10WST mendukung 4 core) dan RAM 12 GB (atau lebih).
Jika tidak/belum punya perangkat keras yang mendukung saat ini maka bisa 
sewa dulu ke cloud hosting, biasanya sewa itu boleh kelipatan 3 bulan 
kalau tanpa OS (jika sewa dengan paket OS perlu minimal 1 tahun).


Thu 2021-07-22 11:12:35: ----------
Thu 2021-07-22 11:12:35: Session 371443; child 0001
Thu 2021-07-22 11:12:35: Accepting SMTP connection from [18.208.22.143:60563] 
to [117.102.89.155:25]
Thu 2021-07-22 11:12:35: --> 220 mail.mandau.id ESMTP MDaemon 14.0.0; Thu, 22 
Jul 2021 11:12:35 +0700
Thu 2021-07-22 11:12:35: <-- EHLO repost01.tmes.trendmicro.com
Thu 2021-07-22 11:12:35: --> 250-mail.mandau.id Hello 
repost01.tmes.trendmicro.com, pleased to meet you
Thu 2021-07-22 11:12:35: --> 250-ETRN
Thu 2021-07-22 11:12:35: --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Thu 2021-07-22 11:12:35: --> 250-8BITMIME
Thu 2021-07-22 11:12:35: --> 250 SIZE
Thu 2021-07-22 11:12:35: <-- MAIL FROM:<norman...@three.co.id> SIZE=69821
Thu 2021-07-22 11:12:35: Performing PTR lookup (143.22.208.18.IN-ADDR.ARPA)
Thu 2021-07-22 11:12:35: *  D=143.22.208.18.IN-ADDR.ARPA TTL=(5) 
PTR=[repost01.tmes.trendmicro.com]
Thu 2021-07-22 11:12:35: *  Gathering A records...
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.133]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.190]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.153]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.137]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.146]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.134]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.145]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.142]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.192]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.148]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.151]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.139]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.144]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.152]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.138]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.191]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.193]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.128]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.132]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.154]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.135]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.150]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.158]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.129]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.147]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.149]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.159]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.157]
Thu 2021-07-22 11:12:35: *  D=repost01.tmes.trendmicro.com TTL=(0) 
A=[18.208.22.155]
Thu 2021-07-22 11:12:35: *  MDaemon configured to drop connection on PTR record 
miss-match
Thu 2021-07-22 11:12:35: ---- End PTR results
Thu 2021-07-22 11:12:35: --> 501 Domain must resolve
Thu 2021-07-22 11:12:35: SMTP session terminated (Bytes in/out: 81/240)
Thu 2021-07-22 11:12:35: ----------


$ host 18.208.22.143 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

143.22.208.18.in-addr.arpa domain name pointer repost01.tmes.trendmicro.com.

$ telnet three.in.tmes.trendmicro.com 25
Trying 18.208.22.79...
Connected to three.in.tmes.trendmicro.com.
Escape character is '^]'.
220 inpre01.tmes.trendmicro.com ESMTP Trend Micro Email Security


$ host repost01.tmes.trendmicro.com 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases: 

repost01.tmes.trendmicro.com has address 18.208.22.159
repost01.tmes.trendmicro.com has address 18.208.22.143
repost01.tmes.trendmicro.com has address 18.208.22.132
repost01.tmes.trendmicro.com has address 18.208.22.157
repost01.tmes.trendmicro.com has address 18.208.22.151
repost01.tmes.trendmicro.com has address 18.208.22.191
repost01.tmes.trendmicro.com has address 18.208.22.147
repost01.tmes.trendmicro.com has address 18.208.22.136
repost01.tmes.trendmicro.com has address 18.208.22.190
repost01.tmes.trendmicro.com has address 18.208.22.134
repost01.tmes.trendmicro.com has address 18.208.22.155
repost01.tmes.trendmicro.com has address 18.208.22.130
repost01.tmes.trendmicro.com has address 18.208.22.145
repost01.tmes.trendmicro.com has address 18.208.22.192
repost01.tmes.trendmicro.com has address 18.208.22.144
repost01.tmes.trendmicro.com has address 18.208.22.135
repost01.tmes.trendmicro.com has address 18.208.22.158
repost01.tmes.trendmicro.com has address 18.208.22.193
repost01.tmes.trendmicro.com has address 18.208.22.128
repost01.tmes.trendmicro.com has address 18.208.22.140
repost01.tmes.trendmicro.com has address 18.208.22.139
repost01.tmes.trendmicro.com has address 18.208.22.129
repost01.tmes.trendmicro.com has address 18.208.22.137
repost01.tmes.trendmicro.com has address 18.208.22.156
repost01.tmes.trendmicro.com has address 18.208.22.131
repost01.tmes.trendmicro.com has address 18.208.22.133
repost01.tmes.trendmicro.com has address 18.208.22.149
repost01.tmes.trendmicro.com has address 18.208.22.142
repost01.tmes.trendmicro.com has address 18.208.22.146
repost01.tmes.trendmicro.com has address 18.208.22.148
repost01.tmes.trendmicro.com has address 18.208.22.138
repost01.tmes.trendmicro.com has address 18.208.22.153
repost01.tmes.trendmicro.com has address 18.208.22.152
repost01.tmes.trendmicro.com has address 18.208.22.154
repost01.tmes.trendmicro.com has address 18.208.22.141
repost01.tmes.trendmicro.com has address 18.208.22.150



Thu 2021-07-22 00:06:38: Accepting SMTP connection from [18.208.22.142:60251] 
to [117.102.89.155:25]
Thu 2021-07-22 00:06:38: Accepting SMTP connection from [18.208.22.140:33467] 
to [117.102.89.155:25]
Thu 2021-07-22 05:24:24: Accepting SMTP connection from [18.208.22.132:59177] 
to [117.102.89.155:25]
Thu 2021-07-22 09:14:24: Accepting SMTP connection from [18.208.22.129:50603] 
to [117.102.89.155:25]
Thu 2021-07-22 09:14:24: Accepting SMTP connection from [18.208.22.130:53015] 
to [117.102.89.155:25]
Thu 2021-07-22 09:14:24: Accepting SMTP connection from [18.208.22.129:50603] 
to [117.102.89.155:25]
Thu 2021-07-22 09:36:22: Accepting SMTP connection from [18.208.22.136:59457] 
to [117.102.89.155:25]
Thu 2021-07-22 09:36:30: Accepting SMTP connection from [18.208.22.133:60899] 
to [117.102.89.155:25]
Thu 2021-07-22 09:36:30: Accepting SMTP connection from [18.208.22.132:39833] 
to [117.102.89.155:25]
Thu 2021-07-22 09:36:35: Accepting SMTP connection from [18.208.22.134:43175] 
to [117.102.89.155:25]
Thu 2021-07-22 09:36:42: Accepting SMTP connection from [18.208.22.141:59115] 
to [117.102.89.155:25]
Thu 2021-07-22 09:47:55: Accepting SMTP connection from [18.208.22.133:37127] 
to [117.102.89.155:25]
Thu 2021-07-22 10:32:49: Accepting SMTP connection from [18.208.22.130:60775] 
to [117.102.89.155:25]
Thu 2021-07-22 10:45:13: Accepting SMTP connection from [18.208.22.143:37131] 
to [117.102.89.155:25]
Thu 2021-07-22 10:45:16: Accepting SMTP connection from [18.208.22.142:56425] 
to [117.102.89.155:25]
Thu 2021-07-22 10:47:54: Accepting SMTP connection from [18.208.22.131:50207] 
to [117.102.89.155:25]
Thu 2021-07-22 10:47:55: Accepting SMTP connection from [18.208.22.133:43399] 
to [117.102.89.155:25]
Thu 2021-07-22 11:12:34: Accepting SMTP connection from [18.208.22.128:52007] 
to [117.102.89.155:25]
Thu 2021-07-22 11:12:35: Accepting SMTP connection from [18.208.22.143:60563] 
to [117.102.89.155:25]
Thu 2021-07-22 11:46:06: Accepting SMTP connection from [18.208.22.141:52213] 
to [117.102.89.155:25]
Thu 2021-07-22 12:29:15: Accepting SMTP connection from [18.208.22.132:36931] 
to [117.102.89.155:25]
Thu 2021-07-22 13:44:25: Accepting SMTP connection from [18.208.22.131:36559] 
to [117.102.89.155:25]
Thu 2021-07-22 14:35:52: Accepting SMTP connection from [18.208.22.134:39657] 
to [117.102.89.155:25]
Thu 2021-07-22 14:46:23: Accepting SMTP connection from [18.208.22.131:55767] 
to [117.102.89.155:25]
Thu 2021-07-22 14:55:45: Accepting SMTP connection from [18.208.22.132:50227] 
to [117.102.89.155:25]
Thu 2021-07-22 15:50:46: Accepting SMTP connection from [18.208.22.141:45501] 
to [117.102.89.155:25]
Thu 2021-07-22 16:02:35: Accepting SMTP connection from [18.208.22.129:35271] 
to [117.102.89.155:25]
Thu 2021-07-22 16:07:15: Accepting SMTP connection from [18.208.22.130:46945] 
to [117.102.89.155:25]
Thu 2021-07-22 17:39:56: Accepting SMTP connection from [18.208.22.131:58641] 
to [117.102.89.155:25]
Thu 2021-07-22 18:26:55: Accepting SMTP connection from [18.208.22.131:54599] 
to [117.102.89.155:25]
Thu 2021-07-22 18:29:54: Accepting SMTP connection from [18.208.22.128:34875] 
to [117.102.89.155:25]
Thu 2021-07-22 19:18:00: Accepting SMTP connection from [18.208.22.137:51643] 
to [117.102.89.155:25]
Thu 2021-07-22 20:54:22: Accepting SMTP connection from [18.208.22.133:38967] 
to [117.102.89.155:25]




--
syafril
--------
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 21.0.3-64 bit Beta A
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

If your actions inspire others to dream more, learn more, do more and 
become more, you are a leader.
        --- John Quincy Adams



--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 21.0.2, SecurityGateway 8.0.1