[Mdaemon-L] Dianggap Spam
On 26/02/22 09.21, Seno H via Mdaemon-L wrote: Berikut log session nya pak: Fri 2022-02-25 13:58:10.556: 05: [248695] Accepting SMTP connection from 10.100.120.1:43710 to 10.100.101.10:25 Fri 2022-02-25 13:58:10.563: 03: [248695] --> 250-mail.clipan.co.id Hello EmailSecurity.clipan.co.id [10.100.120.1], pleased to meet you Ini salah setting Firewall yang pakai NAT (atau S-NAT, Source Network Address Translation) sehingga semua koneksi dari Internet terlihat oleh MDaemon berasal dari IP 10.100.120.1 (= gateway address dari server mail.clipan.co.id). Dampaknya semua setting antirelay, antispam berbasis IP (SPF check, Dynamic Screening, ReverseLooup, DNSBL check, DMARC check, Greylistiing check dls) tidak berfungsi. S-NAT itu peruntukkannya untuk proxy (IP masquerading) user LAN akses ke Internet, share single public IP. Kalau menempatkan Internet Mail Server di LAN (private IP) pakainya Port Address Translation (PAT) alias D-NAT (Destination-Network Address Translation) alias Port Mapping. Jika MDaemon pakai run di private cloud (VM, Virtual Machine) pakai konfigurasi Bridge. https://www.ciscozine.com/nat-and-pat-a-complete-explanation/ https://www.hacktress.com/what-is-nat-vs-bridged-vs-host-only/ Lihat juga ke arsip berikut https://www.mail-archive.com/mdaemon-l@dutaint.com/msg41741.html https://www.mail-archive.com/mdaemon-l@dutaint.com/msg41343.html https://www.mail-archive.com/mdaemon-l@dutaint.com/msg40540.html -- syafril Syafril Hermansyah MDaemon-L Moderator, run MDaemon 21.5.2 64bit Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. The more I read, the more I acquire, the more certain I am that I know nothing. --- Voltaire -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 21.5.2, SecurityGateway 8.5.0
[Mdaemon-L] Dianggap Spam
> Berikan transkrip lognya lengkap 1 session-ID [248695]. > Berikut log session nya pak: Fri 2022-02-25 13:58:10.556: 05: [248695] Session 248695; child 0004 Fri 2022-02-25 13:58:10.556: 05: [248695] Accepting SMTP connection from 10.100.120.1:43710 to 10.100.101.10:25 Fri 2022-02-25 13:58:10.558: 03: [248695] --> 220 mail.clipan.co.id ESMTP MDaemon 19.0.3; Fri, 25 Feb 2022 13:58:10 +0700 Fri 2022-02-25 13:58:10.563: 02: [248695] <-- EHLO EmailSecurity.clipan.co.id Fri 2022-02-25 13:58:10.563: 03: [248695] --> 250-mail.clipan.co.id Hello EmailSecurity.clipan.co.id [10.100.120.1], pleased to meet you Fri 2022-02-25 13:58:10.563: 03: [248695] --> 250-ETRN Fri 2022-02-25 13:58:10.563: 03: [248695] --> 250-AUTH LOGIN CRAM-MD5 PLAIN Fri 2022-02-25 13:58:10.563: 03: [248695] --> 250-8BITMIME Fri 2022-02-25 13:58:10.563: 03: [248695] --> 250-ENHANCEDSTATUSCODES Fri 2022-02-25 13:58:10.563: 03: [248695] --> 250-STARTTLS Fri 2022-02-25 13:58:10.563: 03: [248695] --> 250 SIZE 3072 Fri 2022-02-25 13:58:10.564: 02: [248695] <-- MAIL FROM: SIZE=24913 Fri 2022-02-25 13:58:10.566: 09: [248695] Performing SPF lookup (EmailSecurity.clipan.co.id / 10.100.120.1) Fri 2022-02-25 13:58:10.577: 09: [248695] * Result: none; no SPF record in DNS Fri 2022-02-25 13:58:10.577: 09: [248695] End SPF results Fri 2022-02-25 13:58:10.577: 09: [248695] Performing SPF lookup (lintasarta.co.id / 10.100.120.1) Fri 2022-02-25 13:58:10.584: 09: [248695] * Policy: v=spf1 ip4:202.152.0.5 ip4:202.152.0.12 ip4:61.8.78.238 ip4:182.23.102.150 ip4:202.152.1.148 ip4:183.91.64.135 ip4:183.91.64.141 include:spf.protection.outlook.com include:idola.net.id a:mail.lintasarta.co.id -all Fri 2022-02-25 13:58:10.584: 09: [248695] * Evaluating ip4:202.152.0.5: no match Fri 2022-02-25 13:58:10.584: 09: [248695] * Evaluating ip4:202.152.0.12: no match Fri 2022-02-25 13:58:10.584: 09: [248695] * Evaluating ip4:61.8.78.238: no match Fri 2022-02-25 13:58:10.584: 09: [248695] * Evaluating ip4:182.23.102.150: no match Fri 2022-02-25 13:58:10.584: 09: [248695] * Evaluating ip4:202.152.1.148: no match Fri 2022-02-25 13:58:10.584: 09: [248695] * Evaluating ip4:183.91.64.135: no match Fri 2022-02-25 13:58:10.584: 09: [248695] * Evaluating ip4:183.91.64.141: no match Fri 2022-02-25 13:58:10.584: 09: [248695] * Evaluating include:spf.protection.outlook.com: performing lookup Fri 2022-02-25 13:58:10.587: 09: [248695] *Policy: v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/14 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/48 include:spfd.protection.outlook.com -all Fri 2022-02-25 13:58:10.587: 09: [248695] *Evaluating ip4:40.92.0.0/15: no match Fri 2022-02-25 13:58:10.587: 09: [248695] *Evaluating ip4:40.107.0.0/16: no match Fri 2022-02-25 13:58:10.587: 09: [248695] *Evaluating ip4:52.100.0.0/14: no match Fri 2022-02-25 13:58:10.587: 09: [248695] *Evaluating ip4:104.47.0.0/17: no match Fri 2022-02-25 13:58:10.587: 09: [248695] *Evaluating ip6:2a01:111:f400::/48: no match Fri 2022-02-25 13:58:10.587: 09: [248695] *Evaluating ip6:2a01:111:f403::/48: no match Fri 2022-02-25 13:58:10.587: 09: [248695] *Evaluating include:spfd.protection.outlook.com: performing lookup Fri 2022-02-25 13:58:10.590: 09: [248695] * Policy: v=spf1 ip4:51.4.72.0/24 ip4:51.5.72.0/24 ip4:51.5.80.0/27 ip4:20.47.149.138/32 ip4:51.4.80.0/27 ip6:2a01:4180:4051:0800::/64 ip6:2a01:4180:4050:0800::/64 ip6:2a01:4180:4051:0400::/64 ip6:2a01:4180:4050:0400::/64 -all Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip4:51.4.72.0/24: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip4:51.5.72.0/24: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip4:51.5.80.0/27: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip4:20.47.149.138/32: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip4:51.4.80.0/27: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip6:2a01:4180:4051:0800::/64: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip6:2a01:4180:4050:0800::/64: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip6:2a01:4180:4051:0400::/64: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating ip6:2a01:4180:4050:0400::/64: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating -all: match Fri 2022-02-25 13:58:10.590: 09: [248695] *Evaluating include:spfd.protection.outlook.com: no match Fri 2022-02-25 13:58:10.590: 09: [248695] *Evaluating -all: match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating include:spf.protection.outlook.com: no match Fri 2022-02-25 13:58:10.590: 09: [248695] * Evaluating include:idola.net.id: performing lookup Fri 2022-02-25 13:58:10.595: 09: [248695] *Policy: v=spf1 +a +mx +ip4:202.152.0.0/28 +ip4:202.152.5.144/28 +ip4:202.152.4.64/28 +ip4:202.152.1.64/27 +ip4:202.152.1.40/29 +ip
[Mdaemon-L] Dianggap Spam
Pada 25/02/22 14.53, Seno H via Mdaemon-L menulis: Log smtp=in ada error sbb: Fri 2022-02-25 13:58:10.564: 02: [248695] <-- MAIL FROM: SIZE=24913 Berikan transkrip lognya lengkap 1 session-ID [248695]. -- syafril Syafril Hermansyah MDaemon-L Moderators, running MDaemon 21.5.2 64 bit Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Anyone who stops learning is old, whether twenty or eighty. Anyone who keeps learning stays young. The greatest thing you can do is keep your mind young. --- Mark Twain (1835 - 1910) -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 21.5.2, SecurityGateway 8.5.0
