[mdaemon-l] Spam to the kompastv domain

2018-08-09 Thread Syafril Hermansyah
On 09/08/18 12:09, Ahmad Ardiansyah (ardiansyah.em...@gmail.com) wrote:
> we are receiving spam with this log:
> 
> Thu 2018-08-09 04:49:34.362: [315122] Session 315122; child 0002
> Thu 2018-08-09 04:49:34.362: [315122] Accepting SMTP connection from
> 192.168.51.1:34178  to 10.8.40.3:25
> 


The reason so much spam is getting in is that the firewall was changed
again from PAT to NAT.
Wasn't this already fixed last month?

https://www.mail-archive.com/mdaemon-l@dutaint.com/msg42737.html

> Wed 2018-02-07 11:17:01.396: [088755] Accepting SMTP connection from
> 106.10.242.139:39770 to 10.0.0.6:25
> Wed 2018-02-07 11:17:01.478: [088755] --> 250-mail.kompas.tv Hello
> sonic302-19.consmr.mail.sg3.yahoo.com [106.10.242.139], pleased to meet you
^^
already using PAT, so the sender's original IP is visible

> what should we do besides blacklisting that
> domain?


Fix the firewall settings again so that it uses PAT rather than NAT, so
that the IP-based antispam/antirelay in MDaemon works normally.





-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 18.0.2-64 bit
Please do not cc: or send to private mail for MDaemon issues.

It is not that I'm so smart. But I stay with the questions much longer.
--- Albert Einstein


-- 
--[mdaemon-l]--
This mailing list is for discussion among MDaemon Mail Server users in Indonesia

Netiquette: https://wiki.openstack.org/wiki/MailingListEtiquette
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Subscribe: Send mail to mdaemon-l-subscr...@dutaint.com
Unsubscribe: Send mail to mdaemon-l-unsubscr...@dutaint.com
Latest version: MD 18.0.2, SG 5.5.0
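
Added example (not part of the original thread and not MDaemon's own tooling): a check over MDaemon SMTP log lines for the symptom the reply above points at, one private peer address presenting several unrelated HELO names because the firewall rewrites the source IP. The sample log is constructed from the two excerpts in the thread, unwrapped to one line each; session 315200 and mail.example.net are invented for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample modelled on the thread's two log excerpts (unwrapped).
# Session 315200 and mail.example.net are invented for illustration.
SAMPLE_LOG = """\
Thu 2018-08-09 04:49:34.362: [315122] Accepting SMTP connection from 192.168.51.1:34178 to 10.8.40.3:25
Thu 2018-08-09 04:49:34.543: [315122] --> 250-mail.kompas.tv Hello mx1.hussong.biz [192.168.51.1], pleased to meet you
Thu 2018-08-09 04:50:10.101: [315200] Accepting SMTP connection from 192.168.51.1:34202 to 10.8.40.3:25
Thu 2018-08-09 04:50:10.250: [315200] --> 250-mail.kompas.tv Hello mail.example.net [192.168.51.1], pleased to meet you
Wed 2018-02-07 11:17:01.396: [088755] Accepting SMTP connection from 106.10.242.139:39770 to 10.0.0.6:25
Wed 2018-02-07 11:17:01.478: [088755] --> 250-mail.kompas.tv Hello sonic302-19.consmr.mail.sg3.yahoo.com [106.10.242.139], pleased to meet you
"""

ACCEPT_RE = re.compile(r"\[(\d+)\] Accepting SMTP connection from ([\d.]+):\d+ to ")
HELLO_RE = re.compile(r"\[(\d+)\] --> 250-\S+ Hello (\S+) \[")


def helo_names_by_peer(log_text):
    """Map each connecting IP to the set of HELO/EHLO names seen from it."""
    peer_of_session = {}
    names = defaultdict(set)
    for line in log_text.splitlines():
        m = ACCEPT_RE.search(line)
        if m:
            peer_of_session[m.group(1)] = m.group(2)  # session id -> peer IP
            continue
        m = HELLO_RE.search(line)
        if m and m.group(1) in peer_of_session:
            names[peer_of_session[m.group(1)]].add(m.group(2).lower())
    return dict(names)


def masquerading_peers(log_text, min_names=2):
    """Private peer IPs that present at least min_names different HELO names."""
    # One internal address speaking for many unrelated hosts means the
    # gateway rewrites the source address before MDaemon sees it.
    return {
        ip: sorted(found)
        for ip, found in helo_names_by_peer(log_text).items()
        if ipaddress.ip_address(ip).is_private and len(found) >= min_names
    }


if __name__ == "__main__":
    for ip, found in masquerading_peers(SAMPLE_LOG).items():
        print(f"{ip}: source address rewritten, HELO names seen: {found}")
```
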




[mdaemon-l] Spam to the kompastv domain

2018-08-08 Thread Ahmad Ardiansyah
Mr. Syafril,

we are receiving spam with this log:

Thu 2018-08-09 04:49:32.428: --
Thu 2018-08-09 04:49:34.362: [315122] Session 315122; child 0002
Thu 2018-08-09 04:49:34.362: [315122] Accepting SMTP connection from
192.168.51.1:34178 to 10.8.40.3:25
Thu 2018-08-09 04:49:34.364: [315122] --> 220 mail.kompas.tv ESMTP MDaemon
17.0.2; Thu, 09 Aug 2018 04:49:34 +0700
Thu 2018-08-09 04:49:34.543: [315122] <-- EHLO mx1.hussong.biz
Thu 2018-08-09 04:49:34.543: [315122] --> 250-mail.kompas.tv Hello
mx1.hussong.biz [192.168.51.1], pleased to meet you
Thu 2018-08-09 04:49:34.543: [315122] --> 250-ETRN
Thu 2018-08-09 04:49:34.543: [315122] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Thu 2018-08-09 04:49:34.543: [315122] --> 250-8BITMIME
Thu 2018-08-09 04:49:34.543: [315122] --> 250-ENHANCEDSTATUSCODES
Thu 2018-08-09 04:49:34.543: [315122] --> 250 SIZE 2048
Thu 2018-08-09 04:49:34.722: [315122] <-- MAIL FROM:
SIZE=2232 BODY=7BIT
Thu 2018-08-09 04:49:34.723: [315122] --> 250 2.1.0 Sender OK
Thu 2018-08-09 04:49:34.902: [315122] <-- RCPT TO:
Thu 2018-08-09 04:49:34.903: [315122] --> 250 2.1.5 Recipient OK
Thu 2018-08-09 04:49:35.081: [315122] <-- RCPT TO:
Thu 2018-08-09 04:49:35.088: [315122] --> 250 2.1.5 Recipient OK
Thu 2018-08-09 04:49:35.269: [315122] <-- RCPT TO:
Thu 2018-08-09 04:49:35.344: [315122] --> 250 2.1.5 Recipient OK
Thu 2018-08-09 04:49:35.523: [315122] <-- DATA
Thu 2018-08-09 04:49:35.524: [315122] Creating temp file (SMTP):
c:\mdaemon\queues\temp\md5108616.tmp
Thu 2018-08-09 04:49:35.524: [315122] --> 354 Enter mail, end with
.
Thu 2018-08-09 04:49:35.757: [315122] Message size: 2231 bytes
Thu 2018-08-09 04:49:35.767: [315122] Passing message through AntiVirus
(Size: 2231)...
Thu 2018-08-09 04:49:35.776: [315122] *  Message is clean (no viruses found)
Thu 2018-08-09 04:49:35.776: [315122]  End AntiVirus results
Thu 2018-08-09 04:49:35.893: [315122] Passing message through Outbreak
Protection...
Thu 2018-08-09 04:49:35.893: [315122] *  Message-ID: <
e77c86d6-b5d1-4b2f-bd0f-1648940c2...@dehemm.net>
Thu 2018-08-09 04:49:35.894: [315122] *  Reference-ID:
str=0001.0A150209.5B6B657C.0070,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0
Thu 2018-08-09 04:49:35.894: [315122] *  Virus result: 0 - Clean
Thu 2018-08-09 04:49:35.894: [315122] *  Spam result: 1 - Clean
Thu 2018-08-09 04:49:35.894: [315122] *  IWF result: 0 - Clean
Thu 2018-08-09 04:49:35.894: [315122]  End Outbreak Protection results
Thu 2018-08-09 04:49:35.895: [315122] Passing message through Spam Filter
(Size: 2231)...
Thu 2018-08-09 04:49:35.957: [315122] *  0.0 HTML_MESSAGE BODY: HTML
included in message
Thu 2018-08-09 04:49:35.957: [315122] *  1.6 FORGED_MUA_MOZILLA Forged mail
pretending to be from Mozilla
Thu 2018-08-09 04:49:35.957: [315122]  End SpamAssassin results
Thu 2018-08-09 04:49:35.957: [315122] Spam Filter score/req: 1.60/12.0
Thu 2018-08-09 04:49:35.959: [315122] Message creation successful:
c:\mdaemon\queues\inbound\md50001876777.msg
Thu 2018-08-09 04:49:35.959: [315122] --> 250 2.6.0 Ok, message saved
>
Thu 2018-08-09 04:49:36.137: [315122] <-- QUIT
Thu 2018-08-09 04:49:36.137: [315122] --> 221 2.0.0 See ya in cyberspace
Thu 2018-08-09 04:49:36.137: [315122] SMTP session successful (Bytes
in/out: 2411/509)
Thu 2018-08-09 04:49:36.137: --

what should we do besides blacklisting that domain?
thank you

regards,
ardiansyah
