[mdaemon-l] Cara Block Email Spam

2018-05-25 Terurut Topik Syafril Hermansyah 
On 2018-05-25 14:52, Heryanto (herya...@dima.co.id) wrote:
> Belakangan ini kami ada menerima seperti email spam / virus yg ingin
> kami tanya kan bagaimana cara melakukan blocking nya . berikut kami
> lampirkan email header nya.


> Authentication-Results: mail.dima.co.id;
> iprev=fail policy.iprev=113.193.176.213 reason="does not 
> match" (MAIL trcsupp...@orientindia.net)


Bisa masukkan sender address kedalam blacklist contact recipient
customer.market...@dima.co.id via webmail.

Atau masukkan sender domain (*@orientindia.net) kedalam sender blacklist
atau antispam blacklist.

http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?security--sender-blacklist.htm

http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?sf_black_list.htm

> X-MDDNSBL-Result: mail.dima.co.id, Wed, 16 May 2018 04:39:54 +0700
> 
> bl.csma.biz returned result of 72.52.4.122


Dihapus saja DSNBL host bl.csma.biz karena host itu tidak lagi aktif.

https://www.dnsbl.com/2013/02/status-of-blcsmabiz-dead.html


> (MAIL recepc...@hotelelpolo.com)

Prinsipnya sama dengan diatas.



-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, MDaemon 18.0.2-64 Beta A
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

Perkecualian tdk selalu mrpkan pembuktian daripada hukum lama yg ada,
perkecualian bisa juga mrpkan pertanda dari masa mendatang, tibanya
hukum baru
-- Marie van Ebner-Eschenbach, 1830-1916


-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 18.0.1, SG 5.5.0

[mdaemon-l] Cara Block Email Spam

2018-05-25 Terurut Topik Heryanto 
Dear Pak Syafril,

 

Belakangan ini kami ada menerima seperti email spam / virus yg ingin kami
tanya kan bagaimana cara melakukan blocking nya . berikut kami lampirkan
email header nya. Terima Kasih.

 

X-MDAV-Processed: mail.dima.co.id, Wed, 16 May 2018 04:39:54 +0700

Authentication-Results: mail.dima.co.id;

spf=neutral smtp.mailfrom=trcsupp...@orientindia.net;

dkim=fail (DKIM_SELECTOR_DNS_PERM_FAILURE)
header.d=orientindia.net header.b=U3N68XxLub;

dmarc=none header.from=orientindia.net (no DMARC record);

iprev=pass policy.iprev=113.193.176.213 (PTR
mail.orientindia.net);

iprev=fail policy.iprev=113.193.176.213 reason="does not
match" (HELO otmumhomail01.orient.com);

iprev=fail policy.iprev=113.193.176.213 reason="does not
match" (MAIL trcsupp...@orientindia.net)

Received-SPF: neutral (mail.dima.co.id: 113.193.176.213 is neither permitted

nor denied by domain orientindia.net)

receiver=mail.dima.co.id; client-ip=113.193.176.213;

mechanism=default;
envelope-from="trcsupp...@orientindia.net";

helo=otmumhomail01.orient.com;

Received: from otmumhomail01.orient.com (mail.orientindia.net
[113.193.176.213]) 

by mail.dima.co.id with ESMTPS id md50011002654.msg; Wed, 16
May 2018 04:39:54 +0700

X-Spam-Level: 

X-Spam-Status: No, score=4.70 required=6.0

X-Spam-Report:

*  3.0 MDAEMON_DNSBL MDaemon: marked by MDaemon's DNSBL

*  1.6 BAYES_50 BODY: Bayes spam probability is 40 to 60%

*  [score: 0.5000]

*  0.0 T_DKIM_INVALID DKIM-Signature header exists but is
not valid

X-Spam-Processed: mail.dima.co.id, Wed, 16 May 2018 04:39:54 +0700

(processed during SMTP session)

X-MDOP-RefID:
str=0001.0A150205.5AFB52F6.00A3,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld
=1,fgs=0 (_st=1 _vt=0 _iwf=0)

X-MDSPF-Result: neutral (mail.dima.co.id)

X-MDDNSBL-Result: mail.dima.co.id, Wed, 16 May 2018 04:39:54 +0700

bl.csma.biz returned result of 72.52.4.122

X-MDRemoteIP: 113.193.176.213

X-MDHelo: otmumhomail01.orient.com

X-MDArrival-Date: Wed, 16 May 2018 04:39:54 +0700

X-Rcpt-To: customer.market...@dima.co.id

X-MDRcpt-To: customer.market...@dima.co.id

X-Envelope-From: trcsupp...@orientindia.net

X-CAV-Result: clean

Received: from otmumhomail01.orient.com (localhost [127.0.0.1])

by otmumhomail01.orient.com (Postfix) with ESMTP id
B8A324254AE7

for ; Wed, 16 May 2018
03:06:45 +0530 (IST)

Authentication-Results: otmumhomail01.orient.com (amavisd-new); dkim=pass

reason="pass (just generated, assumed good)"
header.d=orientindia.net

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=orientindia.net;

h=content-type:content-type:mime-version:subject:subject

:message-id:to:from:from:date:date; s=dkim; t=1526420200; x=

1527284201; bh=ZqhPM4BqIVCKmcmmwflI0WGXTjK8JpE71UFmAmZLC9M=;
b=U

 
3N68XxLubJR1ye408F2lRlLscR4h+IHKDldnd61yqOj9zwMDb4wU3c0aj2b26zGR

 
DPpQVsegqYvTHgGDjtSFVLxhdh50d5dSpDtTVWWVHDuNqdMn//wjnh1uXl3i9XLK

NeTVSAmsjhugC3H5w4FDTSOGXW0EPCSxxS/SacnPv4=

X-Virus-Scanned: amavisd-new at otmumhomail01.orient.com

Received: from otmumhomail01.orient.com ([127.0.0.1])

by otmumhomail01.orient.com (otmumhomail01.orient.com
[127.0.0.1]) (amavisd-new, port 10026)

with ESMTP id QYZB_GAqAxN5 for
;

Wed, 16 May 2018 03:06:40 +0530 (IST)

Received: from 10.0.0.58 (lns_global2.embc.uk.com [92.43.67.254])

by otmumhomail01.orient.com (Postfix) with ESMTPSA id
0E50E4292678

for ; Wed, 16 May 2018
01:44:43 +0530 (IST)

Date: Tue, 15 May 2018 21:14:44 +

From: Dimas Rama 

To: customer.market...@dima.co.id

Message-ID: <389879726619.2018515201...@dima.co.id>

Subject: Payment Receipt 81997901228

MIME-Version: 1.0

Content-Type: multipart/mixed;
boundary="=_NextPart_000_001A_A0B89F46.B67F6181"

X-MDRedirect: 1

X-MDRedirect_From: customer.market...@dima.co.id

X-Return-Path: 

X-MDaemon-Deliver-To: ken.ho...@dima.co.id  

 

 

 

X-MDAV-Processed: mail.dima.co.id, Wed, 23 May 2018 01:19:35 +0700

Authentication-Results: mail.dima.co.id;spf=none
smtp.mailfrom=recepc...@hotelelpolo.com;dkim=pass (good signature)
header.d=hotelelpolo.com header.b=NxChxdBzd6;dmarc=none
header.from=hotelelpolo.com (no DMARC record);iprev=pass
policy.iprev=50.116.15.239 (PTR li485-239.members.linode.com);iprev=pass
policy.iprev=50.116.15.239 (HELO mailsrv.jclhg.com);iprev=pass
policy.iprev=50.116.15.239 (MAIL recepc...@hotelelpolo.com)

Received: from mailsrv.jclhg.com