On 6/27/24 12:55, Agi Subagio via Mdaemon-L wrote:
Sudah 2 jam lebih saya aktifkan dynamic screening dengan opsi berikut
dan domain mail server belum ada yg terblok. Apakah Pak Syafril punya
saran lain mengenai seting Dynamic Screening yang lebih efektif jika
nantinya bug di bagian exclusions sudah teratasi?
Kalau menurut saya dynamic screening di SG tidak terlalu bermanfaat,
karena itulah DS baru ada di SG di versi 10.x.
Dynamic Screening lebih bermanfaat untuk office server (server dimana
ada/terdaftar user database dan menyimpan user mailbox).
SG hampir tidak bisa digunakan sebagai relay server dari luar/internet,
khususnya di server mx.bms.co.id karena relay SG di set berbasis IP
(private IP) bukan SMTPAuthentication.
https://help.mdaemon.com/SecurityGateway/en/dynamic_screening.html
Using the Dynamic Screening feature, SecurityGateway can track the
behavior of sending servers to identify suspicious activity and then
respond accordingly. For example, with Dynamic Screening you can ban an
IP address from future connections to your server once a specified
number of "unknown recipient" errors occur during a mail session with
that IP address. You can ban senders that connect to your server more
than a specified number of times in a specified number of minutes, and
you can also ban senders that fail authentication attempts more than a
designated number of times. However, a Dynamic Screening ban is not
permanent. The IP address is banned only for the number of minutes that
you specify on this page, and each IP address and the amount of time
that has passed since its ban is listed in the Blocked IP List at the
bottom of the page.
bandingkan dengan
http://mdaemon.dutaint.co.id/mdaemon/24.0.0/dynamic-screening_options.html
Using Dynamic Screening, MDaemon can track the behavior of incoming
connections to identify suspicious activity and then respond
accordingly. You can block an IP address (or range of addresses) from
connecting when it fails authentication a specified number times within
a specified amount of time. You can also freeze the accounts attempting
to authenticate when they fail too many times too quickly. Also, when an
IP address is blocked or an account is frozen, it is not permanent. The
connecting IP address will be blocked for the number of minutes, hours,
or days that you specify, and frozen accounts can be "thawed"
automatically after a specified amount of time, or manually by the admin.
--
syafril
--------
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 24.0.1
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.
There are three kinds of men. The ones that learn by readin’. The few
who learn by observation.
The rest of them have to pee on the electric fence for themselves.
--- Will Rogers
--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia
Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke [email protected]
Henti Langgan: Kirim mail ke [email protected]
Versi terakhir: MDaemon 24.0.1, SecurityGateway 10.0.2
