[MDaemon-L] email ditolak karena terdeteksi spam

[Yarohim]

Pak Syafril,

Ada korespondensi kami yang mengirim email ke user , namun selalu mental 

Setelah saya cek di log ada indikasi SPAM , namun saya coba cek lebih detil
ke SPAM Log tidak ada detilnya

Kira kira penyebab email dari korespondesi kami yang ditolak tersebut apa
yah pak ?

Berikut saya sertakan log dari server kami

Wed 2013-12-11 10:52:06: --

Wed 2013-12-11 10:52:10: Session 263070; child 0002

Wed 2013-12-11 10:52:10: Accepting SMTP connection from
[119.82.226.22:59274] to [192.168.1.254:25]

Wed 2013-12-11 10:52:10: -- 220 mail.pttms.co.id ESMTP MDaemon 13.5.2; Wed,
11 Dec 2013 10:52:10 +0700

Wed 2013-12-11 10:52:10: -- EHLO server43036x.masterweb.net

Wed 2013-12-11 10:52:10: -- 250-mail.pttms.co.id Hello
server43036x.masterweb.net, pleased to meet you

Wed 2013-12-11 10:52:10: -- 250-ETRN

Wed 2013-12-11 10:52:10: -- 250-AUTH LOGIN CRAM-MD5 PLAIN

Wed 2013-12-11 10:52:10: -- 250-8BITMIME

Wed 2013-12-11 10:52:10: -- 250 SIZE

Wed 2013-12-11 10:52:10: -- MAIL FROM:ed...@ecsi-indonesia.com
SIZE=136671

Wed 2013-12-11 10:52:10: Performing PTR lookup (22.226.82.119.IN-ADDR.ARPA)

Wed 2013-12-11 10:52:10: *  D=22.226.82.119.IN-ADDR.ARPA TTL=(354)
PTR=[ip-host.226.22]

Wed 2013-12-11 10:52:10: *  Gathering A records...

Wed 2013-12-11 10:52:10: *  No A records found

Wed 2013-12-11 10:52:10:  End PTR results

Wed 2013-12-11 10:52:10: Performing IP lookup (server43036x.masterweb.net)

Wed 2013-12-11 10:52:10: *  D=server43036x.masterweb.net TTL=(0)
A=[119.82.226.22]

Wed 2013-12-11 10:52:10:  End IP lookup results

Wed 2013-12-11 10:52:10: Performing IP lookup (ecsi-indonesia.com)

Wed 2013-12-11 10:52:10: *  D=ecsi-indonesia.com TTL=(235) A=[119.82.226.22]

Wed 2013-12-11 10:52:10:  End IP lookup results

Wed 2013-12-11 10:52:10: Performing SPF lookup (ecsi-indonesia.com /
119.82.226.22)

Wed 2013-12-11 10:52:12: *  Result: none; no SPF record in DNS

Wed 2013-12-11 10:52:12:  End SPF results

Wed 2013-12-11 10:52:12: -- 250 ed...@ecsi-indonesia.com, Sender ok

Wed 2013-12-11 10:52:12: -- RCPT TO:jum...@pttms.co.id

Wed 2013-12-11 10:52:12: Performing DNS-BL lookup (119.82.226.22 -
connecting IP)

Wed 2013-12-11 10:52:12: *  bl.spamcop.net - passed

Wed 2013-12-11 10:52:12: *  zen.spamhaus.org - passed

Wed 2013-12-11 10:52:12:  End DNS-BL results

Wed 2013-12-11 10:52:12: -- 250 jum...@pttms.co.id, Recipient ok

Wed 2013-12-11 10:52:12: -- DATA

Wed 2013-12-11 10:52:12: Creating temp file (SMTP):
d:\mdaemon\queues\temp\md5393513.tmp

Wed 2013-12-11 10:52:12: -- 354 Enter mail, end with CRLF.CRLF

Wed 2013-12-11 10:52:13: Message size: 136104 bytes

Wed 2013-12-11 10:52:13: Performing DKIM lookup

Wed 2013-12-11 10:52:13: *  File: d:\mdaemon\queues\temp\md5393513.tmp

Wed 2013-12-11 10:52:13: *  Message-ID: 007501cef625$0d2cb660$27862320$@com

Wed 2013-12-11 10:52:13: *  Result: neutral

Wed 2013-12-11 10:52:13:  End DKIM results

Wed 2013-12-11 10:52:13: Performing DomainKeys lookup (Sender:
ed...@ecsi-indonesia.com)

Wed 2013-12-11 10:52:13: *  File: d:\mdaemon\queues\temp\md5393513.tmp

Wed 2013-12-11 10:52:13: *  Message-ID: 007501cef625$0d2cb660$27862320$@com

Wed 2013-12-11 10:52:13: *  Querying for policy: ecsi-indonesia.com

Wed 2013-12-11 10:52:13: *Querying: _domainkey.ecsi-indonesia.com ...

Wed 2013-12-11 10:52:13: *DNS: *  Name server reports domain name
unknown

Wed 2013-12-11 10:52:13: *  Result: neutral

Wed 2013-12-11 10:52:13:  End DomainKeys results

Wed 2013-12-11 10:52:13: Passing message through AntiVirus (Size: 136104)...

Wed 2013-12-11 10:52:13: *  Message is clean (no viruses found)

Wed 2013-12-11 10:52:13:  End AntiVirus results

Wed 2013-12-11 10:52:15: Passing message through Outbreak Protection...

Wed 2013-12-11 10:52:15: *  Message-ID:
007501cef625$0d2cb660$27862320$@com

Wed 2013-12-11 10:52:15: *  Reference-ID:
str=0001.0A150205.52A7E297.014F,ss=4,re=0.000,fgs=12

Wed 2013-12-11 10:52:15: *  Virus result: 0 - Clean

Wed 2013-12-11 10:52:15: *  Spam result: 4 - Spam (confirmed)

Wed 2013-12-11 10:52:15: *  IWF result: 0 - Clean

Wed 2013-12-11 10:52:15:  End Outbreak Protection results

Wed 2013-12-11 10:52:15: -- 554 Sorry, message looks like spam or phish to
me (OP)

Wed 2013-12-11 10:52:15: SMTP session terminated (Bytes in/out: 136228/396)

 

Thanks

Regards,

Yarohim

PT. Tembaga Mulia Semanan ,Tbk | (TMS)

Office (+62 21 6190128 ext. 123 | mobile ( +62 857 69  99 | fax +62 21
5452567

Jl. Daan Mogot KM.16 | Semanan | Kalideres | Jakarta Barat - 11850,
Indonesia

Email * :  mailto:yaro...@pttms.co.id yaro...@pttms.co.id | Website :
http://www.pttms.co.id/ http://www.pttms.co.id

Description: Description: tms

P Please consider the environment - Do you really need to print this email?

 



image001.jpg

[MDaemon-L] email ditolak karena terdeteksi spam

[Syafril Hermansyah]

On 2013-12-11 11:22, Yarohim wrote:
 Kira kira penyebab email dari korespondesi kami yang ditolak tersebut
 apa yah pak ?

 Wed 2013-12-11 10:52:10: Accepting SMTP connection from [119.82.226.22:59274] 
 to [192.168.1.254:25]

 Wed 2013-12-11 10:52:10: -- EHLO server43036x.masterweb.net
...

 Wed 2013-12-11 10:52:15: Passing message through Outbreak Protection...
 
 Wed 2013-12-11 10:52:15: *  Message-ID: 007501cef625$0d2cb660$27862320$@com
 
 Wed 2013-12-11 10:52:15: *  Reference-ID: 
 str=0001.0A150205.52A7E297.014F,ss=4,re=0.000,fgs=12
 
 Wed 2013-12-11 10:52:15: *  Virus result: 0 - Clean
 
 Wed 2013-12-11 10:52:15: *  Spam result: 4 - Spam (confirmed)
 
 Wed 2013-12-11 10:52:15: *  IWF result: 0 - Clean
 
 Wed 2013-12-11 10:52:15:  End Outbreak Protection results
 
 Wed 2013-12-11 10:52:15: -- 554 Sorry, message looks like spam or phish to 
 me (OP)

Mail ditolak karena dikirim melalui sender host/IP yang punya reputasi
buruk (banyak kirim spam ke internet).

http://www.commtouch.com/check-ip-reputation/

IP Query Result:
IP Address: 119.82.226.22
Risk Level: High Risk
Description:This IP address is used for sending Spam on a regular basis

Kalau memang sender itu rekan korespondensi user Anda, masukan sender
domain kedalam spam filter whitelist.

http://mdaemon.dutaint.co.id/13.6/index.html?sf_white_list_from.htm

*@ecsi-indonesia.com

klik apply


-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 13.6.1 Beta b SecurityPlus 4.1.5
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.


-- 
--[MDaemon-L]
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 13.6.0, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 2.1.2, PP 2.0.1