Selamat sore Dear Pak Syafril Mohon bantuunya log error di bawah ini, dari email kami m365 ke email kami Mdaemon BMI Terbaca virus, kira2 problemnya apa ya Pak ? dan solusinya bagaimana ?
Terima Kasih Rievo Mon 2024-03-25 10:33:31.689: [16401982] Session 16401982; child 0031 Mon 2024-03-25 10:33:31.689: [16401982] Accepting SMTP connection from 104.47.110.40:55985 to 172.16.0.6:25 Mon 2024-03-25 10:33:31.689: [16401982] Location Screen says connection is from Japan, Asia Mon 2024-03-25 10:33:31.690: [16401982] --> 220 bb.ptbmi.com ESMTP MDaemon 23.5.3; Mon, 25 Mar 2024 10:33:31 +0700 Mon 2024-03-25 10:33:31.790: [16401982] <-- EHLO APC01-TYZ-obe.outbound.protection.outlook.com Mon 2024-03-25 10:33:31.790: [16401982] --> 250-bb.ptbmi.com Hello APC01-TYZ-obe.outbound.protection.outlook.com [104.47.110.40], pleased to meet you Mon 2024-03-25 10:33:31.790: [16401982] --> 250-ETRN Mon 2024-03-25 10:33:31.790: [16401982] Location Screening hiding AUTH from country Japan, Asia Mon 2024-03-25 10:33:31.790: [16401982] --> 250-8BITMIME Mon 2024-03-25 10:33:31.790: [16401982] --> 250-ENHANCEDSTATUSCODES Mon 2024-03-25 10:33:31.790: [16401982] --> 250-PIPELINING Mon 2024-03-25 10:33:31.790: [16401982] --> 250-CHUNKING Mon 2024-03-25 10:33:31.790: [16401982] --> 250-STARTTLS Mon 2024-03-25 10:33:31.790: [16401982] --> 250 SIZE Mon 2024-03-25 10:33:31.891: [16401982] <-- STARTTLS Mon 2024-03-25 10:33:31.891: [16401982] --> 220 2.7.0 Ready to start TLS Mon 2024-03-25 10:33:32.109: [16401982] SSL negotiation successful (TLS 1.2, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) Mon 2024-03-25 10:33:32.209: [16401982] <-- EHLO APC01-TYZ-obe.outbound.protection.outlook.com Mon 2024-03-25 10:33:32.209: [16401982] --> 250-bb.ptbmi.com Hello APC01-TYZ-obe.outbound.protection.outlook.com [104.47.110.40], pleased to meet you Mon 2024-03-25 10:33:32.209: [16401982] --> 250-ETRN Mon 2024-03-25 10:33:32.209: [16401982] Location Screening hiding AUTH from country Japan, Asia Mon 2024-03-25 10:33:32.209: [16401982] --> 250-8BITMIME Mon 2024-03-25 10:33:32.209: [16401982] --> 250-ENHANCEDSTATUSCODES Mon 2024-03-25 10:33:32.209: [16401982] --> 250-PIPELINING Mon 2024-03-25 10:33:32.209: [16401982] --> 250-CHUNKING Mon 2024-03-25 10:33:32.209: [16401982] --> 250-REQUIRETLS Mon 2024-03-25 10:33:32.209: [16401982] --> 250 SIZE Mon 2024-03-25 10:33:32.381: [16401982] <-- MAIL FROM:<[email protected]> SIZE=287407 Mon 2024-03-25 10:33:32.387: [16401982] Performing PTR lookup (40.110.47.104.IN-ADDR.ARPA) Mon 2024-03-25 10:33:32.415: [16401982] * D=40.110.47.104.IN-ADDR.ARPA TTL=(47) PTR=[mail-tyzapc01lp2040.outbound.protection.outlook.com] Mon 2024-03-25 10:33:32.441: [16401982] * D=mail-tyzapc01lp2040.outbound.protection.outlook.com TTL=(0) A=[104.47.110.40] Mon 2024-03-25 10:33:32.441: [16401982] ---- End PTR results Mon 2024-03-25 10:33:32.443: [16401982] Performing IP lookup (APC01-TYZ-obe.outbound.protection.outlook.com) Mon 2024-03-25 10:33:32.469: [16401982] * D=APC01-TYZ-obe.outbound.protection.outlook.com TTL=(3) A=[104.47.110.40] Mon 2024-03-25 10:33:32.469: [16401982] ---- End IP lookup results Mon 2024-03-25 10:33:32.479: [16401982] Performing IP lookup (ptbmi.com) Mon 2024-03-25 10:33:32.509: [16401982] * D=ptbmi.com TTL=(11) A=[202.148.6.47] Mon 2024-03-25 10:33:32.545: [16401982] * P=005 S=000 D=ptbmi.com TTL=(11) MX=[bb.ptbmi.com] Mon 2024-03-25 10:33:32.571: [16401982] * D=bb.ptbmi.com TTL=(9) A=[202.148.25.131] Mon 2024-03-25 10:33:32.571: [16401982] ---- End IP lookup results Mon 2024-03-25 10:33:32.571: [16401982] [email protected] is an alias for [email protected] Mon 2024-03-25 10:33:32.572: [16401982] Performing SPF lookup (APC01-TYZ-obe.outbound.protection.outlook.com / 104.47.110.40) Mon 2024-03-25 10:33:32.572: [16401982] * Policy (cache): v=spf1 include:spf.protection.outlook.com -all Mon 2024-03-25 10:33:32.572: [16401982] * Evaluating include:spf.protection.outlook.com: performing lookup Mon 2024-03-25 10:33:32.572: [16401982] * Policy (cache): v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/14 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/51 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all Mon 2024-03-25 10:33:32.572: [16401982] * Evaluating ip4:40.92.0.0/15: no match Mon 2024-03-25 10:33:32.572: [16401982] * Evaluating ip4:40.107.0.0/16: no match Mon 2024-03-25 10:33:32.572: [16401982] * Evaluating ip4:52.100.0.0/14: no match Mon 2024-03-25 10:33:32.572: [16401982] * Evaluating ip4:104.47.0.0/17: match Mon 2024-03-25 10:33:32.572: [16401982] * Evaluating include:spf.protection.outlook.com: match Mon 2024-03-25 10:33:32.572: [16401982] * Result: pass Mon 2024-03-25 10:33:32.572: [16401982] ---- End SPF results Mon 2024-03-25 10:33:32.572: [16401982] --> 250 2.1.0 Sender OK Mon 2024-03-25 10:33:32.572: [16401982] <-- RCPT TO:<[email protected]> Mon 2024-03-25 10:33:32.573: [16401982] Performing DNS-BL lookup (104.47.110.40 - connecting IP) Mon 2024-03-25 10:33:32.603: [16401982] * b.barracudacentral.org - passed Mon 2024-03-25 10:33:32.625: [16401982] * zen.spamhaus.org - passed Mon 2024-03-25 10:33:32.625: [16401982] ---- End DNS-BL results Mon 2024-03-25 10:33:32.627: [16401982] --> 250 2.1.5 Recipient OK Mon 2024-03-25 10:33:32.862: [16401982] <-- BDAT 262808 LAST Mon 2024-03-25 10:33:33.421: [16401982] Message size: 262808 bytes Mon 2024-03-25 10:33:33.424: [16401982] Performing DKIM verification Mon 2024-03-25 10:33:33.424: [16401982] * File: d:\mdaemon\queues\temp\49\md5001000000166.tmp Mon 2024-03-25 10:33:33.424: [16401982] * Message-ID: <jh0pr01mb55578894cd4fee82a1fae73ce4...@jh0pr01mb5557.apcprd01.prod.exchangelabs.com> Mon 2024-03-25 10:33:33.427: [16401982] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ptbmi.com; s=selector2; <some tags are not logged> Mon 2024-03-25 10:33:33.427: [16401982] * Verification result: good signature Mon 2024-03-25 10:33:33.427: [16401982] * Result: pass Mon 2024-03-25 10:33:33.427: [16401982] ---- End DKIM results Mon 2024-03-25 10:33:33.428: [16401982] Passing message through AntiVirus (Size: 262808)... Mon 2024-03-25 10:33:33.449: [16401982] * Message is clean (no viruses found) scanned by (IKARUS: clean (0.00714s)) Mon 2024-03-25 10:33:33.449: [16401982] ---- End AntiVirus results Mon 2024-03-25 10:33:34.487: [16401982] Passing message through Outbreak Protection... Mon 2024-03-25 10:33:34.487: [16401982] * Message-ID: <jh0pr01mb55578894cd4fee82a1fae73ce4...@jh0pr01mb5557.apcprd01.prod.exchangelabs.com> Mon 2024-03-25 10:33:34.487: [16401982] * Reference-ID: str=0001.0A702F1E.6600F0B3.0010,ss=4,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=8 Mon 2024-03-25 10:33:34.487: [16401982] * Virus result: 0 - Clean Mon 2024-03-25 10:33:34.487: [16401982] * Spam result: 4 - Spam (confirmed) Mon 2024-03-25 10:33:34.487: [16401982] * IWF result: 0 - Clean Mon 2024-03-25 10:33:34.487: [16401982] ---- End Outbreak Protection results Mon 2024-03-25 10:33:34.490: [16401982] --> 550 5.7.1 Sorry, message looks like spam or phish to me (OP) Mon 2024-03-25 10:33:34.491: [16401982] SMTP session terminated (Bytes in/out: 265033/4135) Mon 2024-03-25 10:33:34.493: ---------- -- --[mdaemon-l]---------------------------------------------------------- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke [email protected] Henti Langgan: Kirim mail ke [email protected] Versi terakhir: MDaemon 23.5.3, SecurityGateway 9.5.3
