On 1/15/24 13:05, mauritz devis wrote:
mohon pencerahannya perihal email yg tidak dapat dikirim melalui port 25.
-berikut error log yg muncul:
Mon 2024-01-15 12:40:52.088: ----------
Mon 2024-01-15 12:42:01.140: [00339157] Session 00339157; child 0002
Mon 2024-01-15 12:42:01.140: [00339157] Accepting SMTP connection from
117.53.144.16:34515 to 103.4.165.123:25
Mon 2024-01-15 12:42:01.140: [00339157] Location Screen says connection is from
Indonesia, Asia
Mon 2024-01-15 12:42:01.140: [00339157] --> 220 mail.musica-studios.co.id ESMTP
MDaemon 23.5.1; Mon, 15 Jan 2024 12:42:01 +0700
Mon 2024-01-15 12:42:01.142: [00339157] <-- EHLO server.musica.id
Mon 2024-01-15 12:42:01.142: [00339157] Performing SPF lookup (server.musica.id
/ 117.53.144.16)
Mon 2024-01-15 12:42:01.247: [00339157] * Result: none; no SPF record in DNS
Mon 2024-01-15 12:42:01.247: [00339157] ---- End SPF results
Mon 2024-01-15 12:42:01.247: [00339157] Performing IP lookup (server.musica.id)
Mon 2024-01-15 12:42:01.251: [00339157] * DNS server reports domain name
unknown
Mon 2024-01-15 12:42:01.251: [00339157] ---- End IP lookup results
Mon 2024-01-15 12:42:01.251: [00339157] --> 501 5.7.0 server.musica.id host
can't be resolved
Mon 2024-01-15 12:42:01.252: [00339157] SMTP session terminated (Bytes in/out:
23/136)
Mon 2024-01-15 12:42:01.252: ----------
Itu karena koneksinya dari IP yang tidak punya valid PTR record.
Kalau koneksinya dari node/client yang punya valid PTR record akan
seperti dibawah ini.
SMTP port 25 itu adalah port khusus untuk koneksi antar Mail Server
untuk kirim/terima mail, tidak perlu authentication.
Kalau client kirim authentication hampir bisa dipastikan itu adalah
hacker yang sedang coba-coba cari tahu username/password untuk maksud
dihijack (account hijack detection).
-saya coba cek port 25 apakah terblokir atau tidak, hasilnya sbb:
designartwork@iMac ~ % host mail.musica-studios.co.id
mail.musica-studios.co.id has address 103.4.165.123
designartwork@iMac ~ % nc -vz mail.musica-studios.co.id 25
Connection to mail.musica-studios.co.id port 25 [tcp/smtp] succeeded!
Memang koneksinya bisa (accepted) tetapi tidak akan bisa authenticate,
karena port 25 di filter tidak bisa authenticate untuk mencegah hacker.
-saya coba ganti port smtp client menggunakan port 587, successful
Mon 2024-01-15 13:11:18.471: ----------
Mon 2024-01-15 13:11:25.039: [00339432] Session 00339432; child 0001
Mon 2024-01-15 13:11:25.039: [00339432] Accepting SMTP connection from
182.0.228.164:60930 to 103.4.165.123:587
Mon 2024-01-15 13:11:25.039: [00339432] Location Screen says connection is from
Indonesia, Asia
Mon 2024-01-15 13:11:25.040: [00339432] --> 220 mail.musica-studios.co.id ESMTP
MSA MDaemon 23.5.1; Mon, 15 Jan 2024 13:11:25 +0700
Mon 2024-01-15 13:11:25.116: [00339432] <-- EHLO localhost
Mon 2024-01-15 13:11:25.116: [00339432] --> 250-mail.musica-studios.co.id Hello
localhost [182.0.228.164], pleased to meet you
Mon 2024-01-15 13:11:25.116: [00339432] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Mon 2024-01-15 13:11:25.116: [00339432] --> 250-8BITMIME
Mon 2024-01-15 13:11:25.116: [00339432] --> 250-ENHANCEDSTATUSCODES
Mon 2024-01-15 13:11:25.116: [00339432] --> 250-PIPELINING
Mon 2024-01-15 13:11:25.116: [00339432] --> 250-CHUNKING
Mon 2024-01-15 13:11:25.116: [00339432] --> 250-STARTTLS
Mon 2024-01-15 13:11:25.116: [00339432] --> 250 SIZE
Mon 2024-01-15 13:11:25.206: [00339432] <-- QUIT
Mon 2024-01-15 13:11:25.206: [00339432] --> 221 2.0.0 See ya in cyberspace
Mon 2024-01-15 13:11:25.206: [00339432] SMTP session terminated (Bytes in/out:
22/329)
Mon 2024-01-15 13:11:25.206: ----------
Sudah benar kalau valid user akses ke mail server milik sendiri pakai
port 587.
mohon petunjuk apakah yg membuat email client tidak bisa mengirimkan email
melalui port 25
Client/user koneksi ke mail server milik sendiri wajib pakai port 587
(atau 465) sesuai regulasi internet.
https://www.m3aawg.org/sites/default/files/managing_port_25_2023.pdf
Koneksi dari client pakai port 25, PTR valid
$ telnet mail.musica-studios.co.id 25
Trying 103.4.165.123...
Connected to mail.musica-studios.co.id.
Escape character is '^]'.
220 mail.musica-studios.co.id ESMTP MDaemon 23.5.1; Mon, 15 Jan 2024
14:39:30 +0700
ehlo dip18.dutaint.com
250-mail.musica-studios.co.id Hello dip18.dutaint.com [27.124.84.254],
pleased to meet you
250-ETRN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250-STARTTLS
250 SIZE
Koneksi dari client pakai port 25, PTR tidak valid
$ telnet mail.musica-studios.co.id 25
Trying 103.4.165.123...
Connected to mail.musica-studios.co.id.
Escape character is '^]'.
220 mail.musica-studios.co.id ESMTP MDaemon 23.5.1; Mon, 15 Jan 2024
14:48:15 +0700
ehlo office.dutaint.co.id
501 5.7.0 office.dutaint.co.id host can't be resolved
Connection closed by foreign host.
--
syafril
--------
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 23.5.2 Beta B
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.
%
Menularkan pesimisme cuma perlu modal gombal. Tapi membangun harapan
harus dengan kerja keras dan hasil nyata.
--- Dahlan Iskan
--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia
Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke [email protected]
Henti Langgan: Kirim mail ke [email protected]
Versi terakhir: MDaemon 23.5.1, SecurityGateway 9.5.2
