On 6/21/24 09:36, Agi Subagio via Mdaemon-L wrote:
Carikan transaksi banned nya di Inbound Log.
inbound log ada di attachment - truncate
Wed 2024-06-19 18:14:09: **** ALERT **** Sender has reached RSET dynamic
screening threshold
Wed 2024-06-19 18:14:09: --> 421 Too many RSET commands
Wed 2024-06-19 18:14:09: **** ALERT **** Connection from 172.16.50.16 refused
by dynamic screening; 604800 second(s) remain
Ini benar dynamic screening yang memblock.
Blocking terjadi akibat adanya mail loop antara SG dengan office
(backend) server.
Wed 2024-06-19 18:14:08: --> 250 <>, Sender ok
Wed 2024-06-19 18:14:08: <-- RCPT TO:<[email protected]>
Wed 2024-06-19 18:14:08: User <[email protected]> is not local
Wed 2024-06-19 18:14:08: ========== Processing RCPT scripts for recipient:
[email protected]
Wed 2024-06-19 18:14:08: -- Executing: Blocklist --
Wed 2024-06-19 18:14:08: -- Executing: Tarpitting --
Wed 2024-06-19 18:14:08: -- Executing: Relaying Denied --
Wed 2024-06-19 18:14:08: -- Executing: Invalid Recipient --
Wed 2024-06-19 18:14:08: -- Executing: Validate Local Sender --
Wed 2024-06-19 18:14:08: -- Executing: DNS Blocklists (Client IP) --
Wed 2024-06-19 18:14:08: -- Executing: SPF --
Wed 2024-06-19 18:14:08: -- Executing: Callback Verification --
Wed 2024-06-19 18:14:08: --> 250 <[email protected]>, Recipient ok
Wed 2024-06-19 18:14:08: <-- DATA
Wed 2024-06-19 18:14:08: --> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2024-06-19 18:14:08: NULL return path, parsing message headers for sender
address
Wed 2024-06-19 18:14:08: Sender = [email protected]
Wed 2024-06-19 18:14:08: Found DISABLED user
Wed 2024-06-19 18:14:08: User is disabled: <[email protected]>
Wed 2024-06-19 18:14:08: Message size: 3789 bytes
Wed 2024-06-19 18:14:08: Message-ID: <[email protected]>
Wed 2024-06-19 18:14:08: Accepting SMTP connection from [172.16.50.16 : 41020]
on port 25
Wed 2024-06-19 18:14:08: # Sender is a local domain mail server (MBS Mail
Server)
Wed 2024-06-19 18:14:08: # Sender is on allowlist (IP global : 173878)
Wed 2024-06-19 18:14:08: --> 250-mx.mbs.co.id Hello mbs.co.id, pleased to meet
you
Ini bug, karena sender IP [172.16.50.16] masuk dalam allowlist global.
Saya akan laporkan ke MDaemon Security Gateway Developer.
Untuk sementara coba masukkan host backend server [mbs.co.id] kedalam
allowlists_hosts atau disable "Ban IPs that send this many RSET command.
https://help.mdaemon.com/SecurityGateway/en/allowlists_hosts.html
https://help.mdaemon.com/SecurityGateway/en/dynamic_screening.html
Itu kenapa [email protected] statusnya bisa disable?
Akun MAILER-DAEMON@ (<>, Null Reverse Path) umum dipakai sebagai system
account untuk meresponse autoresponder, Return-Receive Confirmation dls.
Coba diubah statusnya dari userlist menjadi enable/normal.
https://help.mdaemon.com/SecurityGateway/en/user_list.html
--
syafril
--------
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 24.0.1 Beta B
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.
There are three kinds of men. The ones that learn by readin’. The few
who learn by observation.
The rest of them have to pee on the electric fence for themselves.
--- Will Rogers
--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia
Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke [email protected]
Henti Langgan: Kirim mail ke [email protected]
Versi terakhir: MDaemon 24.0.0, SecurityGateway 10.0.1
