On 7/29/24 09:57, Rievo Niemrod Efraim via Mdaemon-L wrote:
Ini spammer dari Jeddah Arab Saudi yang ngaku-ngaku pakai [email protected],
abaikan saja.
Baik pak
Cara agar menanggulangi spam seperti ini gimana pak ?
Apakah ini sudah ckup ?
Aktifkan Location Screening dan Dynamic Screening.
http://mdaemon.dutaint.co.id/mdaemon/24.0.0/screening_location-screening.html
Location Screening
Location Screening is a geographically based blocking system that you
can use to block incoming SMTP, POP, IMAP, Webmail, ActiveSync,
AutoDiscovery, XML API, Remote Administration, CalDAV/CardDAV, XMPP, and
Minger connections from unauthorized regions of the world. MDaemon
determines the country associated with the connecting IP address and
then blocks that connection if it is from a restricted location, and
adds a line to the Screening log. For SMTP, Location Screening can
optionally block only connections using AUTH. This is useful, for
example, if you have no users in a specific country but still wish to be
able to receive mail from there. That way you would only block those
attempting to log in to your server.
Filter semua country kecuali Indonesia.
http://mdaemon.dutaint.co.id/mdaemon/24.0.0/dynamic-screening_options.html
Using Dynamic Screening, MDaemon can track the behavior of incoming
connections to identify suspicious activity and then respond
accordingly. You can block an IP address (or range of addresses) from
connecting when it fails authentication a specified number times within
a specified amount of time. You can also freeze the accounts attempting
to authenticate when they fail too many times too quickly. Also, when an
IP address is blocked or an account is frozen, it is not permanent. The
connecting IP address will be blocked for the number of minutes, hours,
or days that you specify, and frozen accounts can be "thawed"
automatically after a specified amount of time, or manually by the admin.
Kalau semua user sudah diajarkan cara pakai Webmail atau IMAP/SMTP
client yang benar maka aktifkan juga blocking port 25 untuk
authentication dan plain authentication
http://mdaemon.dutaint.co.id/mdaemon/24.0.0/security--smtp_authentication.html
Do not allow authentication on the SMTP port
This option disables AUTH support over the SMTP port. AUTH will not be
offered in the EHLO response, and will be treated as an unknown command
if provided by the SMTP client. This setting and the "...add their IP to
the Dynamic Screen" option below are useful in configurations where all
legitimate accounts are using the MSA or other port to submit
authenticated mail. In such configurations the assumption is that any
attempt to authenticate on the SMTP port must be from an attacker.
...add their IP to the Dynamic Screen if they attempt it anyway
When using the Do not allow authentication on the SMTP port option
above, this option will add to the Dynamic Screen any IP address of any
client that attempts to authenticate on the SMTP port anyway. The
connection will also be immediately terminated.
http://mdaemon.dutaint.co.id/mdaemon/24.0.0/default-domain-and-servers_servers.html
Allow plain text passwords
This option governs whether or not MDaemon will accept passwords sent in
plain text to the SMTP, IMAP, or POP3 servers. If disabled, the POP3
USER, POP3 PASS, IMAP LOGIN, IMAP AUTH LOGIN, and SMTP AUTH LOGIN
commands will return an error unless the connection is using SSL.
--
syafril
--------
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 24.0.1
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.
Education is the power to think clearly, the power to act well in the
world's work, and the power to appreciate life.
--- Brigham Young
--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia
Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke [email protected]
Henti Langgan: Kirim mail ke [email protected]
Versi terakhir: MDaemon 24.0.1, SecurityGateway 10.0.2