[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
> > Apakah ada log transaksinya di smtp-in log? Tidak ada pak, saya sudah tanya ke MX Backup juga (CBN) tidak ada e-mail dari pajak.go.id. > > > > Namun jika di kirimkan ke gmail, di terima dengan baik, berikut logs yang di > gmail : > > > Server-server gmail.com terima koneksi STARTTLS (SMTP/TLS) yang sesuai > dengan keinginan server *.pajak.go.id terkini yang hanya mau kirim mail ke > receiver yang support STARTTLS. > > Sementara server mail.aio.co.id tidak support STARTTLS karena terfilter oleh > firewall. > Tetapi bukankah kemarin sudah dibuatkan pengecualian untuk sender > *.pajak.co.id? Sudah pak, saya sudah buat pengecualian berdasarkan semua SPF host yang Pak Syafril sarankan. Jika saya Analisa, pajak,go.id ini mengirim e-mail dengan 2 metode : 1. Jika kirim e-mail yang sifatnya manual (misal kirim dari salah satu usernya) maka akan di kirimkan melalui smtp server pajaknya langsung (mx10.pajak.go.id, mailout-06.pajak.go.id dan semua server yang depannya berawalan mx..), ini dapat di terima dengan baik. 2. Jika kirim yang sifatnya otomatis dari system (misal kirim OTP login ke DJP online), maka akan di kirimkan melalui smtp server mailtarget.co (ini yang tidak masuk-masuk). Best Regards, Slamet Raharjo IT Dept. -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
> Cukup subnet 103.28.106.0/24 saja. > > Tetapi saran saya sebaiknya allow STARTTLS di smtp port 25 dibolehkan secara > global (dari sender manapun), karena ada perbedaan SMTP Size limit antara > pakai STARTTLS (SMTP/TLS) dengan Plain SMTP. > > > Tue 2025-03-18 10:42:58.531: [36983393] --> 250-mail.aio.co.id Hello > > mx12.pajak.go.id [103.28.106.109], pleased to meet you Tue 2025-03-18 > > 10:42:58.531: [36983393] --> 250-ETRN Tue 2025-03-18 10:42:58.531: > > [36983393] --> 250-8BITMIME Tue 2025-03-18 10:42:58.531: [36983393] > > --> 250-ENHANCEDSTATUSCODES Tue 2025-03-18 10:42:58.531: [36983393] > > --> 250-PIPELINING Tue 2025-03-18 10:42:58.531: [36983393] --> > > 250-CHUNKING Tue 2025-03-18 10:42:58.531: [36983393] --> 250-STARTTLS > > Tue 2025-03-18 10:42:58.531: [36983393] --> 250 SIZE 52428800 Pak Syafril, jika e-mail tersebut di kirimkan secara manual dari user (employee pajak) sudah dapat di terima dengan baik. Namun jika di kirimkan dari system otomatis (misalnya OTP), masih belum dapat di terima (di logs MDaemon sama sekali tidak ada logsnya yang dari pajak.go.id). Namun jika di kirimkan ke gmail, di terima dengan baik, berikut logs yang di gmail : === Pesan Asli ID Pesan<195538357.509828.1742273411241@localhost> Dibuat pada:18 Maret 2025 pukul 11.50 (Dikirim setelah 2 detik) Dari: Direktorat Jenderal Pajak Kepada: ssaptay...@gmail.com Subjek: [DJP Online] Kode Verifikasi SPF:PASS dengan IP 147.253.223.64 Pelajari lebih lanjut DKIM: 'PASS' dengan domain pajak.go.id Pelajari lebih lanjut DMARC: 'PASS' Pelajari lebih lanjut Download Pesan Asli Salin ke papan klip Delivered-To: ssaptay...@gmail.com Received: by 2002:a05:7010:389:b0:440:c006:df9d with SMTP id u9csp2717421mdi; Mon, 17 Mar 2025 21:50:14 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEh12nj7njgrGPPHWdCFuTuxBnhZm5EcLyYiPIQuXY+o8EY5ynDLUw6xvVLi812GTD75EwC X-Received: by 2002:a05:690c:6ac4:b0:6f6:7b02:2568 with SMTP id 00721157ae682-6ff460529d9mr202360457b3.32.1742273413894; Mon, 17 Mar 2025 21:50:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1742273413; cv=none; d=google.com; s=arc-20240605; b=ZV9TJBDIwQM3MImOHvMEJwhwQOvbc530MwRFPKzbZjXOey1CZq31McHWPXSMkGczXY RAPCNWqf9KllMHu73m4MDWSZzJjIgAIUu6ycHJHRnhDIbtWd9XuNmpUIXNlvrDZiU2on /WT6GpohnhCKTptMTUYBXu9hXeS/79mKWokFky1sq8vsYymOFaxhQpVImUz6l2lOfA5I ElO/r31M/ec2+aNzxpSICikeKqREu7azH1NX05h/+lODxLv6dl0l4PbTDMrQ3sOaONEu CtQfCCPibIE19tzBbzJzS2Aekzxxh0jxhAQXaG6Yr65U2Qj6Mxgq3s4NfKOEYQtLBmRy kW5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:subject:message-id:to:from:date:dkim-signature; bh=qth/5xffloXnxNwTixSQwgO5Q68Ohmw4J1K4Np9nld0=; fh=XyIccDqISIyBz8sbu5nkJCNymuXMVXzJ54hDyKY7ZrE=; b=enMwTckFkHYoHBRcgUGx0D4GYjOmXsowwMgsieiNoF5F82tYzuAg467RKVQClwYX3Z YsATL4P9IKh34L/aIilWXfz0MtdxyCnAe1S0f3rIA0e57LDN4lGxVSMBLhEjUYqS3DPW o2oJw9af7nava/J3uVhDV0bP8A9b3b1AfV2C8rcusinUZnp3GjIlp+L3IHzDsjbpQXcM ChwLeLhjFxIma6r17Jwi8nBLMUzryHXtIbW0wB0er26xv+pGStT5mtH2wb8/H7Raqdr+ 5kU4vRFfd23ZrerPJAD1cZNZ0tFK4fNnPli8Dg8PvsxjkBA5uCyLO6KNURt99jWbGbf+ Kvtw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@pajak.go.id header.s=mt1 header.b=XKmyBwd+; spf=pass (google.com: domain of msprvs1=20172luaup5sf=bounces-287856...@spmailtechno.com designates 147.253.223.64 as permitted sender) smtp.mailfrom="msprvs1=20172LuauP5SF=bounces-287856...@spmailtechno.com"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=pajak.go.id Return-Path: Received: from mta-253-223-64.sparkpostmail.com (mta-253-223-64.sparkpostmail.com. [147.253.223.64]) by mx.google.com with ESMTPS id 00721157ae682-6ff32b399adsi97483297b3.257.2025.03.17.21.50.13 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Mar 2025 21:50:13 -0700 (PDT) Received-SPF: pass (google.com: domain of msprvs1=20172luaup5sf=bounces-287856...@spmailtechno.com designates 147.253.223.64 as permitted sender) client-ip=147.253.223.64; Authentication-Results: mx.google.com; dkim=pass header.i=@pajak.go.id header.s=mt1 header.b=XKmyBwd+; spf=pass (google.com: domain of msprvs1=20172luaup5sf=bounces-287856...@spmailtechno.com designates 147.253.223.64 as permitted sender) smtp.mailfrom="msprvs1=20172LuauP5SF=bounces-287856...@spmailtechno.com"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=pajak.go.id X-MSFBL: tPZOXvZZSBdipJox3taec7jzfqc2zKgPdFA1J2Crxmw=|eyJjdXN0b21lcl9pZCI 6IjI4Nzg1NiIsInN1YmFjY291bnRfaWQiOiI3NSIsIm1lc3NhZ2VfaWQiOiI2N2Q 0ODNmYmQ4Njc5NzBhM2EwOCIsInIiOiJzc2FwdGF5YW5pQGdtYWlsLmNvbSIsInR lbmFudF9pZCI6InNwYyJ9 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pajak.go.id; s=mt1; t=1742273412; i=@pajak.go.id; bh=qth/5xffloXnxNwTixSQwgO5Q68Ohmw4J1K4Np9nld0=; h=Dat
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 26/03/2025 09.23.31, "Slamet Raharjo via Mdaemon-L" wrote: >> Kalau di smtp-in log coba dicari dengan katakunci "pajak.go.id" atau >> "spmailtechno.com" atau ".sparkpostmail.com". > Ini pak contoh-contoh logsnya : Semua diterima dengan baik. Terima kasih pak, saya coba cek lagi ke usernya, apakah memang sudah terima. Bisa periksa routing log untuk melihat apakah mail tersebut berasal dari sender (From) *@pajak.go.id dan apakah sudah disimpan di user mailbox. -- syafril -- Syafril Hermansyah Send using EMclient Mobile for Android -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 3/25/25 15:16, Slamet Raharjo via Mdaemon-L wrote: Kalau di smtp-in log coba dicari dengan katakunci "pajak.go.id" atau "spmailtechno.com" atau ".sparkpostmail.com". Ini pak contoh-contoh logsnya : Semua diterima dengan baik. Kalau mail dikirim melalui List Server, maka From tidak akan sama dengan MAIL FROM . Di smtp-in log yang tampil adalah MAIL FROM: . Tue 2025-03-25 07:07:26.129: 02: [37375625] <-- MAIL FROM: Diatas ciri dari mail dikirim melalui List Server. Tue 2025-03-25 07:07:27.206: 10: [37375625] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pajak.go.id; s=mt1; t=1742861244; i=@pajak.go.id; b h=Date:From:To:Message-ID:Subject:Content-Type:From:To:Cc:Subject; Tue 2025-03-25 07:07:27.216: 19: [37375625] * Author domain: pajak.go.id Tue 2025-03-25 07:07:27.216: 19: [37375625] * Organizational domain: pajak.go.id Kalau katakunci pencarian pakai "pajak.go.id" akan ketemu informasi diatas. Itu indikasi di messagenya punya From = *@pajak.go.id -- syafril Syafril Hermansyah MDaemon-L Moderator, run MDaemon 25.0.1 Beta A Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. Changes is the law of life. -- John F. Kennedy -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
> > ARC-Authentication-Results: i=1; mx.google.com; > >dkim=pass header.i=@pajak.go.id header.s=mt1 header.b=XKmyBwd+; > >spf=pass (google.com: domain of msprvs1=20172luaup5sf=bounces- > 287856...@spmailtechno.com designates 147.253.223.64 as permitted sender) > smtp.mailfrom="msprvs1=20172LuauP5SF=bounces-287856- > 7...@spmailtechno.com"; > >dmarc=pass (p=REJECT sp=REJECT dis=NONE) > > header.from=pajak.go.id > > > Kalau di smtp-in log coba dicari dengan katakunci "pajak.go.id" atau > "spmailtechno.com" atau ".sparkpostmail.com". Ini pak contoh-contoh logsnya : === Tue 2025-03-25 13:10:26.970: 05: [37405788] Session 37405788; child 0005 Tue 2025-03-25 13:10:26.970: 05: [37405788] Accepting SMTP connection from 103.28.106.106:3803 to 192.168.1.19:25 Tue 2025-03-25 13:10:26.970: 07: [37405788] Location Screen says connection is from Indonesia, Asia Tue 2025-03-25 13:10:26.971: 03: [37405788] --> 220 mail.aio.co.id ESMTP MDaemon 23.0.1; Tue, 25 Mar 2025 13:10:26 +0700 Tue 2025-03-25 13:10:26.994: 02: [37405788] <-- EHLO mx9.pajak.go.id Tue 2025-03-25 13:10:26.995: 03: [37405788] --> 250-mail.aio.co.id Hello mx9.pajak.go.id [103.28.106.106], pleased to meet you Tue 2025-03-25 13:10:26.995: 03: [37405788] --> 250-ETRN Tue 2025-03-25 13:10:26.995: 03: [37405788] --> 250-8BITMIME Tue 2025-03-25 13:10:26.995: 03: [37405788] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-25 13:10:26.995: 03: [37405788] --> 250-PIPELINING Tue 2025-03-25 13:10:26.995: 03: [37405788] --> 250-CHUNKING Tue 2025-03-25 13:10:26.995: 03: [37405788] --> 250-STARTTLS Tue 2025-03-25 13:10:26.995: 03: [37405788] --> 250 SIZE 52428800 Tue 2025-03-25 13:10:26.998: 02: [37405788] <-- STARTTLS Tue 2025-03-25 13:10:26.999: 03: [37405788] --> 220 2.7.0 Ready to start TLS Tue 2025-03-25 13:10:27.017: 01: [37405788] SSL negotiation successful (TLS 1.2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) Tue 2025-03-25 13:10:27.021: 02: [37405788] <-- EHLO mx9.pajak.go.id Tue 2025-03-25 13:10:27.021: 03: [37405788] --> 250-mail.aio.co.id Hello mx9.pajak.go.id [103.28.106.106], pleased to meet you Tue 2025-03-25 13:10:27.021: 03: [37405788] --> 250-ETRN Tue 2025-03-25 13:10:27.021: 03: [37405788] --> 250-8BITMIME Tue 2025-03-25 13:10:27.021: 03: [37405788] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-25 13:10:27.021: 03: [37405788] --> 250-PIPELINING Tue 2025-03-25 13:10:27.021: 03: [37405788] --> 250-CHUNKING Tue 2025-03-25 13:10:27.021: 03: [37405788] --> 250-REQUIRETLS Tue 2025-03-25 13:10:27.021: 03: [37405788] --> 250 SIZE 52428800 Tue 2025-03-25 13:10:27.037: 02: [37405788] <-- MAIL FROM: SIZE=284090 Tue 2025-03-25 13:10:27.045: 09: [37405788] Performing SPF lookup (mx9.pajak.go.id / 103.28.106.106) Tue 2025-03-25 13:10:27.059: 09: [37405788] * Result: none; no SPF record in DNS Tue 2025-03-25 13:10:27.059: 09: [37405788] End SPF results Tue 2025-03-25 13:10:27.059: 09: [37405788] Performing SPF lookup (pajak.go.id / 103.28.106.106) Tue 2025-03-25 13:10:27.066: 09: [37405788] * Policy: v=spf1 +a +mx +ip4:103.28.106.0/24 include:_spf.mlsend.com include:spf.mailtarget.co wlinclude:quintsolar.co.id wlinclude:alt-proxy28.mail.unifiedlayer.com wlinclude:aktiva-cluster-smtp3.aktiva.co.id wlinclude:mgtesa01.galaxybackbone. Tue 2025-03-25 13:10:27.069: 09: [37405788] * Evaluating +a: no match Tue 2025-03-25 13:10:27.087: 09: [37405788] * Evaluating +mx: no match Tue 2025-03-25 13:10:27.087: 09: [37405788] * Evaluating +ip4:103.28.106.0/24: match Tue 2025-03-25 13:10:27.087: 09: [37405788] * Result: pass Tue 2025-03-25 13:10:27.087: 09: [37405788] End SPF results Tue 2025-03-25 13:10:27.087: 03: [37405788] --> 250 2.1.0 Sender OK Tue 2025-03-25 13:10:27.092: 02: [37405788] <-- RCPT TO: Tue 2025-03-25 13:10:27.106: 03: [37405788] --> 250 2.1.5 Recipient OK Tue 2025-03-25 13:10:27.110: 02: [37405788] <-- DATA Tue 2025-03-25 13:10:27.110: 03: [37405788] --> 354 Enter mail, end with . Tue 2025-03-25 13:10:27.210: 01: [37405788] Message size: 285080 bytes Tue 2025-03-25 13:10:27.215: 10: [37405788] Performing DKIM verification Tue 2025-03-25 13:10:27.215: 10: [37405788] * File: c:\mdaemon\temp\md5001004935955.tmp Tue 2025-03-25 13:10:27.215: 10: [37405788] * Message-ID: <987403705.605437.1742883002104.JavaMail.root@pintvmeai02> Tue 2025-03-25 13:10:27.234: 10: [37405788] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pajak.go.id; s=key01; ; Tue 2025-03-25 13:10:27.234: 10: [37405788] *Verification result: good signature Tue 2025-03-25 13:10:27.235: 10: [37405788] * Result: pass Tue 2025-03-25 13:10:27.235: 10: [37405788] End DKIM results Tue 2025-03-25 13:10:27.240: 19: [37405788] Performing DMARC processing Tue 2025-03-25 13:10:27.240: 19: [37405788] * File: c:\mdaemon\temp\md5001004935955.tmp Tue 2025-03-25 13:10:27.240: 19: [37405788] * Message-ID: <987403705.605437.1742883002104.JavaMail.root@pintvmeai02> Tue 2025-03-25 13:10:27.240: 19: [37405788] * Author domain: pajak.go.id Tue 2025
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
> Coba carinya dengan katakcuni pencarian "pajak.go.id" (tanpa tanda kutip). Ini contoh yang dapat di terima (sendernya : no-re...@pajak.go.id) : === Tue 2025-03-25 13:10:26.970: [37405788] Session 37405788; child 0005 Tue 2025-03-25 13:10:26.970: [37405788] Accepting SMTP connection from 103.28.106.106:3803 to 192.168.1.19:25 Tue 2025-03-25 13:10:26.970: [37405788] Location Screen says connection is from Indonesia, Asia Tue 2025-03-25 13:10:26.971: [37405788] --> 220 mail.aio.co.id ESMTP MDaemon 23.0.1; Tue, 25 Mar 2025 13:10:26 +0700 Tue 2025-03-25 13:10:26.994: [37405788] <-- EHLO mx9.pajak.go.id Tue 2025-03-25 13:10:26.995: [37405788] --> 250-mail.aio.co.id Hello mx9.pajak.go.id [103.28.106.106], pleased to meet you Tue 2025-03-25 13:10:26.995: [37405788] --> 250-ETRN Tue 2025-03-25 13:10:26.995: [37405788] --> 250-8BITMIME Tue 2025-03-25 13:10:26.995: [37405788] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-25 13:10:26.995: [37405788] --> 250-PIPELINING Tue 2025-03-25 13:10:26.995: [37405788] --> 250-CHUNKING Tue 2025-03-25 13:10:26.995: [37405788] --> 250-STARTTLS Tue 2025-03-25 13:10:26.995: [37405788] --> 250 SIZE 52428800 Tue 2025-03-25 13:10:26.998: [37405788] <-- STARTTLS Tue 2025-03-25 13:10:26.999: [37405788] --> 220 2.7.0 Ready to start TLS Tue 2025-03-25 13:10:27.017: [37405788] SSL negotiation successful (TLS 1.2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) Tue 2025-03-25 13:10:27.021: [37405788] <-- EHLO mx9.pajak.go.id Tue 2025-03-25 13:10:27.021: [37405788] --> 250-mail.aio.co.id Hello mx9.pajak.go.id [103.28.106.106], pleased to meet you Tue 2025-03-25 13:10:27.021: [37405788] --> 250-ETRN Tue 2025-03-25 13:10:27.021: [37405788] --> 250-8BITMIME Tue 2025-03-25 13:10:27.021: [37405788] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-25 13:10:27.021: [37405788] --> 250-PIPELINING Tue 2025-03-25 13:10:27.021: [37405788] --> 250-CHUNKING Tue 2025-03-25 13:10:27.021: [37405788] --> 250-REQUIRETLS Tue 2025-03-25 13:10:27.021: [37405788] --> 250 SIZE 52428800 Tue 2025-03-25 13:10:27.037: [37405788] <-- MAIL FROM: SIZE=284090 Tue 2025-03-25 13:10:27.045: [37405788] Performing SPF lookup (mx9.pajak.go.id / 103.28.106.106) Tue 2025-03-25 13:10:27.059: [37405788] * Result: none; no SPF record in DNS Tue 2025-03-25 13:10:27.059: [37405788] End SPF results Tue 2025-03-25 13:10:27.059: [37405788] Performing SPF lookup (pajak.go.id / 103.28.106.106) Tue 2025-03-25 13:10:27.066: [37405788] * Policy: v=spf1 +a +mx +ip4:103.28.106.0/24 include:_spf.mlsend.com include:spf.mailtarget.co wlinclude:quintsolar.co.id wlinclude:alt-proxy28.mail.unifiedlayer.com wlinclude:aktiva-cluster-smtp3.aktiva.co.id wlinclude:mgtesa01.galaxybackbone. Tue 2025-03-25 13:10:27.069: [37405788] * Evaluating +a: no match Tue 2025-03-25 13:10:27.087: [37405788] * Evaluating +mx: no match Tue 2025-03-25 13:10:27.087: [37405788] * Evaluating +ip4:103.28.106.0/24: match Tue 2025-03-25 13:10:27.087: [37405788] * Result: pass Tue 2025-03-25 13:10:27.087: [37405788] End SPF results Tue 2025-03-25 13:10:27.087: [37405788] --> 250 2.1.0 Sender OK Tue 2025-03-25 13:10:27.092: [37405788] <-- RCPT TO: Tue 2025-03-25 13:10:27.106: [37405788] --> 250 2.1.5 Recipient OK Tue 2025-03-25 13:10:27.110: [37405788] <-- DATA Tue 2025-03-25 13:10:27.110: [37405788] --> 354 Enter mail, end with . Tue 2025-03-25 13:10:27.210: [37405788] Message size: 285080 bytes Tue 2025-03-25 13:10:27.215: [37405788] Performing DKIM verification Tue 2025-03-25 13:10:27.215: [37405788] * File: c:\mdaemon\temp\md5001004935955.tmp Tue 2025-03-25 13:10:27.215: [37405788] * Message-ID: <987403705.605437.1742883002104.JavaMail.root@pintvmeai02> Tue 2025-03-25 13:10:27.234: [37405788] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pajak.go.id; s=key01; ; Tue 2025-03-25 13:10:27.234: [37405788] *Verification result: good signature Tue 2025-03-25 13:10:27.235: [37405788] * Result: pass Tue 2025-03-25 13:10:27.235: [37405788] End DKIM results Tue 2025-03-25 13:10:27.240: [37405788] Performing DMARC processing Tue 2025-03-25 13:10:27.240: [37405788] * File: c:\mdaemon\temp\md5001004935955.tmp Tue 2025-03-25 13:10:27.240: [37405788] * Message-ID: <987403705.605437.1742883002104.JavaMail.root@pintvmeai02> Tue 2025-03-25 13:10:27.240: [37405788] * Author domain: pajak.go.id Tue 2025-03-25 13:10:27.240: [37405788] * Organizational domain: pajak.go.id Tue 2025-03-25 13:10:27.240: [37405788] * Query domain: _dmarc.pajak.go.id Tue 2025-03-25 13:10:27.247: [37405788] *Policy record: v=DMARC1;p=reject;rua=mailto:dmarc@pajak.go.id;ruf=mailto:dmarc@pajak.go.id Tue 2025-03-25 13:10:27.258: [37405788] * Checking authentication mechanisms for DMARC alignment Tue 2025-03-25 13:10:27.258: [37405788] *SPF: domain "pajak.go.id" passed SPF check; and domain is DMARC aligned Tue 2025-03-25 13:10:27.258: [37405788] *DKIM: domain "pajak.go.id" (from d= of signature #1) verified; and domain is DMARC aligned Tue 2025-03-25 13:10
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 3/25/25 14:06, Slamet Raharjo via Mdaemon-L wrote: Ini contoh yang tidak dapat di terima, tapi di gmail di terima (sendernya :no-reply-for-468169487406...@pajak.go.id) : ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@pajak.go.id header.s=mt1 header.b=XKmyBwd+; spf=pass (google.com: domain of msprvs1=20172luaup5sf=bounces-287856...@spmailtechno.com designates 147.253.223.64 as permitted sender) smtp.mailfrom="msprvs1=20172LuauP5SF=bounces-287856...@spmailtechno.com"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=pajak.go.id Kalau di smtp-in log coba dicari dengan katakunci "pajak.go.id" atau "spmailtechno.com" atau ".sparkpostmail.com". -- syafril Syafril Hermansyah MDaemon-L Moderator, run MDaemon 25.0.1 Beta A Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. Seorang pemberani yg sebenarnya bukannya dia yg dg membabi buta melompat masuk ke dalam jurang, melainkan adalah dia yg dg perlahan-lahan dan dg mata terbuka memasuki jurang itu setelah mengukur dalamnya -- P.J. Stahl -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 22/03/25 11.55, Slamet Raharjo via Mdaemon-L wrote: Apakah ada log transaksinya di smtp-in log? Tidak ada pak, saya sudah tanya ke MX Backup juga (CBN) tidak ada e-mail dari pajak.go.id. Coba carinya dengan katakcuni pencarian "pajak.go.id" (tanpa tanda kutip). Jika saya Analisa, pajak,go.id ini mengirim e-mail dengan 2 metode : 1. Jika kirim e-mail yang sifatnya manual (misal kirim dari salah satu usernya) maka akan di kirimkan melalui smtp server pajaknya langsung (mx10.pajak.go.id, mailout-06.pajak.go.id dan semua server yang depannya berawalan mx..), ini dapat di terima dengan baik. 2. Jika kirim yang sifatnya otomatis dari system (misal kirim OTP login ke DJP online), maka akan di kirimkan melalui smtp server mailtarget.co (ini yang tidak masuk-masuk). sender *@*.pajak.go.id mailtarget.co hanya untuk kirim untuk informasional (pengumuman, mass marketing), kalau untuk masalh utama (pajak) dikiri melalui server *.pajak.go.id Berikut beberapa cuplikan message header mail yang diterima oleh server saya. ARC-Authentication-Results: i=1; dip70.dutaint.com; spf=pass smtp.mailfrom=no-re...@pajak.go.id; dkim=pass (good signature) header.d=pajak.go.id header.b=UEFmicrmr4; dmarc=pass header.from=pajak.go.id (p=reject sampling=19 pct=100); iprev=pass policy.iprev=103.28.106.50 (HELO mx6.pajak.go.id); iprev=pass policy.iprev=103.28.106.50 (MAIL no-re...@pajak.go.id) ARC-Authentication-Results: i=1; dip70.dutaint.com; spf=pass smtp.mailfrom=djponl...@pajak.go.id; dkim=pass (good signature) header.d=pajak.go.id header.b=drbda9v9OD; dmarc=pass header.from=pajak.go.id (p=reject sampling=14 pct=100); iprev=fail reason="does not match" policy.iprev=103.28.106.9 (HELO mx7.pajak.go.id); iprev=pass policy.iprev=103.28.106.9 (MAIL djponl...@pajak.go.id) ARC-Authentication-Results: i=1; dip70.dutaint.com; spf=pass smtp.mailfrom=dirjenpa...@pajak.go.id; dmarc=pass header.from=pajak.go.id (p=reject sampling=47 pct=100); iprev=fail reason="does not match" policy.iprev=103.28.106.28 (MAIL dirjenpa...@pajak.go.id) -- syafril --- Syafril Hermansyah MDaemon-L Moderator, run MDaemon 25.0.1 Beta A Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. Happiness is when what you think, what you say, and what you do are in harmony. -- Mahatma Gandhi -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 21/03/25 16.54, Slamet Raharjo via Mdaemon-L wrote: Cukup subnet 103.28.106.0/24 saja. Tetapi saran saya sebaiknya allow STARTTLS di smtp port 25 dibolehkan secara global (dari sender manapun), karena ada perbedaan SMTP Size limit antara pakai STARTTLS (SMTP/TLS) dengan Plain SMTP. Pak Syafril, jika e-mail tersebut di kirimkan secara manual dari user (employee pajak) sudah dapat di terima dengan baik. Namun jika di kirimkan dari system otomatis (misalnya OTP), masih belum dapat di terima (di logs MDaemon sama sekali tidak ada logsnya yang dari pajak.go.id). Apakah ada log transaksinya di smtp-in log? Namun jika di kirimkan ke gmail, di terima dengan baik, berikut logs yang di gmail : Server-server gmail.com terima koneksi STARTTLS (SMTP/TLS) yang sesuai dengan keinginan server *.pajak.go.id terkini yang hanya mau kirim mail ke receiver yang support STARTTLS. Sementara server mail.aio.co.id tidak support STARTTLS karena terfilter oleh firewall. Tetapi bukankah kemarin sudah dibuatkan pengecualian untuk sender *.pajak.co.id? -- syafril --- Syafril Hermansyah MDaemon-L Moderator, run MDaemon 25.0.1 Beta A Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. Karir yg sukses tdk lagi mengenai promosi. Karir yg sukses adalah mengenai penguasaan -- Michael Hammer -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 3/19/25 10:22, Slamet Raharjo via Mdaemon-L wrote: Di "rule khusus" yang tadinya dimaksudkan agar dari semua MX pajak.go.id tidak di filter diganti menjadi rule khusus agar semua SPF host domain pajak.go.id tidak di filter. Cukup Subnet Ini saja : 103.28.106.0/24 yang harus di allow (tanpa filter) ? , atau semua Subnet dan IP di bawah ini Pak : Cukup subnet 103.28.106.0/24 saja. Tetapi saran saya sebaiknya allow STARTTLS di smtp port 25 dibolehkan secara global (dari sender manapun), karena ada perbedaan SMTP Size limit antara pakai STARTTLS (SMTP/TLS) dengan Plain SMTP. Tue 2025-03-18 10:42:58.531: [36983393] --> 250-mail.aio.co.id Hello mx12.pajak.go.id [103.28.106.109], pleased to meet you Tue 2025-03-18 10:42:58.531: [36983393] --> 250-ETRN Tue 2025-03-18 10:42:58.531: [36983393] --> 250-8BITMIME Tue 2025-03-18 10:42:58.531: [36983393] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-18 10:42:58.531: [36983393] --> 250-PIPELINING Tue 2025-03-18 10:42:58.531: [36983393] --> 250-CHUNKING Tue 2025-03-18 10:42:58.531: [36983393] --> 250-STARTTLS Tue 2025-03-18 10:42:58.531: [36983393] --> 250 SIZE 52428800 220 mail.aio.co.id ESMTP Service ready ehlo dip8.dutaint.com 250-Requested mail action okay, completed 250-ETRN 250-8BITMIME 250-SIZE 26624000 -- syafril Syafril Hermansyah MDaemon-L Moderator, run MDaemon 25.0.1 Beta A Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. Do great things in your life, but do small things as well -- Sophia Bedford Pierce -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
> Di "rule khusus" yang tadinya dimaksudkan agar dari semua MX pajak.go.id > tidak > di filter diganti menjadi rule khusus agar semua SPF host domain pajak.go.id > tidak di filter. Cukup Subnet Ini saja : 103.28.106.0/24 yang harus di allow (tanpa filter) ? , atau semua Subnet dan IP di bawah ini Pak : == pajak.go.id.833 IN TXT "v=spf1 +a +mx +ip4:103.28.106.0/24 include:_spf.mlsend.com include:spf.mailtarget.co -all" _spf.mlsend.com.300 IN TXT "v=spf1 ip4:185.249.220.0/24 ip4:185.225.161.0/24 ~all" spf.mailtarget.co. 14400 IN TXT "v=spf1 include:spf.layang.id ip4:156.70.63.207 ip4:35.219.53.239 ip4:147.253.214.50 ip4:192.174.85.116 ip4:147.253.216.201 ip4:147.253.218.183 ip4:192.174.93.194 ip4:147.253.215.168 ip4:147.253.223.222 ip4:192.174.86.224 ip4:147.253.223.14 ip4:192.174.86." "166 ip4:156.70.25.152 ip4:156.70.25.153 ip4:156.70.25.154 ip4:156.70.25.155 ip4:156.70.22.217 ip4:156.70.22.218 ip4:156.70.22.219 ip4:156.70.22.220 ip4:159.65.3.183 ip4:156.70.47.155 ip4:156.70.53.34 ip4:156.70.53.35 ip4:156.70.53.36 ip4:156.70.53.37 ip4:" "147.253.223.61 ip4:147.253.223.62 ip4:147.253.223.63 ip4:147.253.223.64 ip4:156.70.4.15 ip4:199.15.224.234 ip4:13.250.158.5 ip4:18.136.7.250 ip4:3.1.92.226 ip4:168.203.32.129 ip4:168.203.32.130 ip4:156.70.151.215 ip4:35.219.52.21 ip4:35.219.112.34 ip4:35." "219.118.116 ip4:35.219.22.31 ip4:35.219.12.140 ip4:35.219.65.72 ip4:35.219.86.225 ip4:156.70.52.101 ip4:156.70.52.102 ip4:199.15.224.207 ip4:156.70.151.112 ip4:156.70.151.199 ip4:199.15.225.211 ip4:192.174.93.219 ip4:156.70.4.61 ip4:156.70.4.62 ip4:156.70" ".4.63 ip4:156.70.63.137 ip4:156.70.4.135 ~all" Best Regards, Slamet Raharjo IT Dept. -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
Ok pak, sudah mulai masuk. > > Mestinya di bypass berdasar SPF host bukan MX host. Ini di bagian mana bypassnya ya ? > > > Namun di logs ini saya melihat ada yang Namanya : > > mailout-06.pajak.go.id (sepertinya ini untuk SMTP Outbound) > > > Ini cara kita cek pajak.go.id pakai SMTP Outbound dengan nama apa saja, > bagaimana caranya ya pak ? > > > Check ke PTR host name dari semua SPF host domain pajak.go.id. > Tidak akurat tetapi membantu. > > $ host 103.28.106.109 1.1.1.1 > Using domain server: > Name: 1.1.1.1 > Address: 1.1.1.1#53 > Aliases: > > 109.106.28.103.in-addr.arpa domain name pointer mx10.pajak.go.id. > 109.106.28.103.in-addr.arpa domain name pointer mailout-06.pajak.go.id. Terima kasih Pak. Best Regards, Slamet Raharjo IT Dept. -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 3/18/25 13:41, Slamet Raharjo via Mdaemon-L wrote: Mestinya di bypass berdasar SPF host bukan MX host. Ini di bagian mana bypassnya ya ? Di "rule khusus" yang tadinya dimaksudkan agar dari semua MX pajak.go.id tidak di filter diganti menjadi rule khusus agar semua SPF host domain pajak.go.id tidak di filter. -- syafril Syafril Hermansyah MDaemon-L Moderator, run MDaemon 25.0.1 Beta A Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. All companies have a culture, some companies have dicipline, but few companies have a culture of dicipline. -- Jim Collins -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 3/18/25 11:06, Slamet Raharjo via Mdaemon-L wrote: Coba diperika Firewall Traffic Rule untuk tcp port 25 (dan 110, 143) khsusnya untuk inbound rule (dari internet ke server MDaemon mail.aio.co.id), samakan exclusionnya dengan traffic rule port 587. Traffic rule untuk outbound sudah benar mendukung SMTP/TLS. Saya sudah cek di Firewall, dan saya sudah membuat rule khusus agar dari semua MX pajak.go.id (Saya cek melalui MX Toolbox) agar tidak di filter, MX-nya sbb : Mestinya di bypass berdasar SPF host bukan MX host. Tue 2025-03-18 10:42:58.526: [36983393] Session 36983393; child 0003 Tue 2025-03-18 10:42:58.526: [36983393] Accepting SMTP connection from 103.28.106.109:60105 to 192.168.1.19:25 Tue 2025-03-18 10:42:58.526: [36983393] Location Screen says connection is from Indonesia, Asia Tue 2025-03-18 10:42:58.527: [36983393] --> 220 mail.aio.co.id ESMTP MDaemon 23.0.1; Tue, 18 Mar 2025 10:42:58 +0700 Tue 2025-03-18 10:42:58.531: [36983393] <-- EHLO mx12.pajak.go.id Tue 2025-03-18 10:42:58.531: [36983393] --> 250-mail.aio.co.id Hello mx12.pajak.go.id [103.28.106.109], pleased to meet you Tue 2025-03-18 10:42:58.531: [36983393] --> 250-ETRN Tue 2025-03-18 10:42:58.531: [36983393] --> 250-8BITMIME Tue 2025-03-18 10:42:58.531: [36983393] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-18 10:42:58.531: [36983393] --> 250-PIPELINING Tue 2025-03-18 10:42:58.531: [36983393] --> 250-CHUNKING Tue 2025-03-18 10:42:58.531: [36983393] --> 250-STARTTLS Tue 2025-03-18 10:42:58.531: [36983393] --> 250 SIZE 52428800 Tue 2025-03-18 10:42:58.535: [36983393] <-- STARTTLS Tue 2025-03-18 10:42:58.535: [36983393] --> 220 2.7.0 Ready to start TLS Tue 2025-03-18 10:42:58.552: [36983393] SSL negotiation successful (TLS 1.2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) Tue 2025-03-18 10:42:58.555: [36983393] <-- EHLO mx12.pajak.go.id Tue 2025-03-18 10:42:58.555: [36983393] --> 250-mail.aio.co.id Hello mx12.pajak.go.id [103.28.106.109], pleased to meet you Tue 2025-03-18 10:42:58.555: [36983393] --> 250-ETRN Tue 2025-03-18 10:42:58.555: [36983393] --> 250-8BITMIME Tue 2025-03-18 10:42:58.555: [36983393] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-18 10:42:58.555: [36983393] --> 250-PIPELINING Tue 2025-03-18 10:42:58.555: [36983393] --> 250-CHUNKING Tue 2025-03-18 10:42:58.555: [36983393] --> 250-REQUIRETLS Tue 2025-03-18 10:42:58.555: [36983393] --> 250 SIZE 52428800 Tue 2025-03-18 10:42:58.561: [36983393] <-- MAIL FROM: SIZE=278206 Tue 2025-03-18 10:42:58.563: [36983393] Performing PTR lookup (109.106.28.103.IN-ADDR.ARPA) Tue 2025-03-18 10:42:58.564: [36983393] * D=109.106.28.103.IN-ADDR.ARPA TTL=(5) PTR=[mailout-06.pajak.go.id] Tue 2025-03-18 10:42:58.564: [36983393] * D=109.106.28.103.IN-ADDR.ARPA TTL=(5) PTR=[mx10.pajak.go.id] Tue 2025-03-18 10:42:58.566: [36983393] * D=mailout-06.pajak.go.id TTL=(5) A=[103.28.106.109] Tue 2025-03-18 10:42:58.567: [36983393] * D=mx10.pajak.go.id TTL=(0) A=[103.28.106.109] Tue 2025-03-18 10:42:58.567: [36983393] End PTR results Tue 2025-03-18 10:42:58.573: [36983393] Performing IP lookup (mx12.pajak.go.id) Tue 2025-03-18 10:42:58.576: [36983393] * DNS server reports domain name unknown Tue 2025-03-18 10:42:58.576: [36983393] End IP lookup results Tue 2025-03-18 10:42:58.576: [36983393] --> 501 5.7.0 mx12.pajak.go.id host can't be resolved Tue 2025-03-18 10:42:58.576: [36983393] SMTP session terminated (Bytes in/out: 498/3709) Tue 2025-03-18 10:42:58.576: -- Ini sudah jalan STARTTLS nya, setelah bypass firewall filtering. Mailnya ditolak karena dikirim melalui server yang identitas hostnya tidak terdaftar di internet. Sudah dibuatkan pengecualian dan diupdate ke https://ftp.dutaint.com/altn-mdaemon/miscl/HeloLookupWL.dat Namun di logs ini saya melihat ada yang Namanya : mailout-06.pajak.go.id (sepertinya ini untuk SMTP Outbound) Ini cara kita cek pajak.go.id pakai SMTP Outbound dengan nama apa saja, bagaimana caranya ya pak ? Check ke PTR host name dari semua SPF host domain pajak.go.id. Tidak akurat tetapi membantu. $ host 103.28.106.109 1.1.1.1 Using domain server: Name: 1.1.1.1 Address: 1.1.1.1#53 Aliases: 109.106.28.103.in-addr.arpa domain name pointer mx10.pajak.go.id. 109.106.28.103.in-addr.arpa domain name pointer mailout-06.pajak.go.id. Check SPF host $ dig txt pajak.go.id _spf.mlsend.com spf.mailtarget.co pajak.go.id. 833 IN TXT "v=spf1 +a +mx +ip4:103.28.106.0/24 include:_spf.mlsend.com include:spf.mailtarget.co -all" _spf.mlsend.com. 300 IN TXT "v=spf1 ip4:185.249.220.0/24 ip4:185.225.161.0/24 ~all" spf.mailtarget.co. 14400 IN TXT "v=spf1 include:spf.layang.id ip4:156.70.63.207 ip4:35.219.53.239 ip4:147.253.214.50 ip4:192.174.85.116 ip4:147.253.216.201 ip4:147.253.218.183 ip4:192.174.93.194 ip4:147.253.215.168 ip4:147.253.223.222 ip4:192.174.86.224 ip4:147.253.223.14 ip4:192.174.86." "166 ip4:156.70.25.152 ip4:156.70.25.153 ip4:156.70.25.154 ip4:156.70.25.155 ip4:156.70.22.217 ip4:156.70.22.218 ip4:156.70.22.219 ip4:156
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
> Itu indikasi adanya firewall atau proxy (antivirus) yang aktif memfilter tcp > port > 25. > Beberapa firewall dilengkapi dengan fitur proxy inspector (proxy firewall). > > Coba diperika Firewall Traffic Rule untuk tcp port 25 (dan 110, 143) khsusnya > untuk inbound rule (dari internet ke server MDaemon mail.aio.co.id), samakan > exclusionnya dengan traffic rule port 587. > Traffic rule untuk outbound sudah benar mendukung SMTP/TLS. Saya sudah cek di Firewall, dan saya sudah membuat rule khusus agar dari semua MX pajak.go.id (Saya cek melalui MX Toolbox) agar tidak di filter, MX-nya sbb : PrefHostnameIP Address TTL 3 mx2.pajak.go.id 103.28.106.91 DJP-AS-ID (AS58476) 5 min Blacklist Check SMTP Test 3 mx4.pajak.go.id 103.28.106.9 DJP-AS-ID (AS58476) 5 min Blacklist Check SMTP Test 6 mx10.pajak.go.id103.28.106.109 DJP-AS-ID (AS58476) 5 min Blacklist Check SMTP Test 6 mx5.pajak.go.id 103.28.106.112 DJP-AS-ID (AS58476) 5 min Blacklist Check SMTP Test 6 mx6.pajak.go.id 103.28.106.50 DJP-AS-ID (AS58476) 5 min Blacklist Check SMTP Test 6 mx7.pajak.go.id 103.28.106.178 DJP-AS-ID (AS58476) 5 min Blacklist Check SMTP Test 6 mx8.pajak.go.id 103.28.106.179 DJP-AS-ID (AS58476) 5 min Blacklist Check SMTP Test 6 mx9.pajak.go.id 103.28.106.108 DJP-AS-ID (AS58476) 5 min Blacklist Check SMTP Test Namun saya mendapatkan Logs ini, apakah ini karena MX pajak tersebut memang tidak resolve ya (Aneh juga kenapa ada mx12, padahal di MX Toolbox tidak ada mx12.pajak.go.id) : === Tue 2025-03-18 10:42:58.526: [36983393] Session 36983393; child 0003 Tue 2025-03-18 10:42:58.526: [36983393] Accepting SMTP connection from 103.28.106.109:60105 to 192.168.1.19:25 Tue 2025-03-18 10:42:58.526: [36983393] Location Screen says connection is from Indonesia, Asia Tue 2025-03-18 10:42:58.527: [36983393] --> 220 mail.aio.co.id ESMTP MDaemon 23.0.1; Tue, 18 Mar 2025 10:42:58 +0700 Tue 2025-03-18 10:42:58.531: [36983393] <-- EHLO mx12.pajak.go.id Tue 2025-03-18 10:42:58.531: [36983393] --> 250-mail.aio.co.id Hello mx12.pajak.go.id [103.28.106.109], pleased to meet you Tue 2025-03-18 10:42:58.531: [36983393] --> 250-ETRN Tue 2025-03-18 10:42:58.531: [36983393] --> 250-8BITMIME Tue 2025-03-18 10:42:58.531: [36983393] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-18 10:42:58.531: [36983393] --> 250-PIPELINING Tue 2025-03-18 10:42:58.531: [36983393] --> 250-CHUNKING Tue 2025-03-18 10:42:58.531: [36983393] --> 250-STARTTLS Tue 2025-03-18 10:42:58.531: [36983393] --> 250 SIZE 52428800 Tue 2025-03-18 10:42:58.535: [36983393] <-- STARTTLS Tue 2025-03-18 10:42:58.535: [36983393] --> 220 2.7.0 Ready to start TLS Tue 2025-03-18 10:42:58.552: [36983393] SSL negotiation successful (TLS 1.2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) Tue 2025-03-18 10:42:58.555: [36983393] <-- EHLO mx12.pajak.go.id Tue 2025-03-18 10:42:58.555: [36983393] --> 250-mail.aio.co.id Hello mx12.pajak.go.id [103.28.106.109], pleased to meet you Tue 2025-03-18 10:42:58.555: [36983393] --> 250-ETRN Tue 2025-03-18 10:42:58.555: [36983393] --> 250-8BITMIME Tue 2025-03-18 10:42:58.555: [36983393] --> 250-ENHANCEDSTATUSCODES Tue 2025-03-18 10:42:58.555: [36983393] --> 250-PIPELINING Tue 2025-03-18 10:42:58.555: [36983393] --> 250-CHUNKING Tue 2025-03-18 10:42:58.555: [36983393] --> 250-REQUIRETLS Tue 2025-03-18 10:42:58.555: [36983393] --> 250 SIZE 52428800 Tue 2025-03-18 10:42:58.561: [36983393] <-- MAIL FROM: SIZE=278206 Tue 2025-03-18 10:42:58.563: [36983393] Performing PTR lookup (109.106.28.103.IN-ADDR.ARPA) Tue 2025-03-18 10:42:58.564: [36983393] * D=109.106.28.103.IN-ADDR.ARPA TTL=(5) PTR=[mailout-06.pajak.go.id] Tue 2025-03-18 10:42:58.564: [36983393] * D=109.106.28.103.IN-ADDR.ARPA TTL=(5) PTR=[mx10.pajak.go.id] Tue 2025-03-18 10:42:58.566: [36983393] * D=mailout-06.pajak.go.id TTL=(5) A=[103.28.106.109] Tue 2025-03-18 10:42:58.567: [36983393] * D=mx10.pajak.go.id TTL=(0) A=[103.28.106.109] Tue 2025-03-18 10:42:58.567: [36983393] End PTR results Tue 2025-03-18 10:42:58.573: [36983393] Performing IP lookup (mx12.pajak.go.id) Tue 2025-03-18 10:42:58.576: [36983393] * DNS server reports domain name unknown Tue 2025-03-18 10:42:58.576: [36983393] End IP lookup results Tue 2025-03-18 10:42:58.576: [36983393] --> 501 5.7.0 mx12.pajak.go.id host can't be resolved Tue 2025-03-18 10:42:58.576: [36983393] SMTP session terminated (Bytes in/out: 498/3709) Tue 2025-03-18 10:42:58.576: -- == Namun di logs ini saya melihat ada yang Namanya : mailout-06.pajak.go.id (sepertinya ini untuk SMTP Outbound) , Ini cara kita cek pajak.go.id pakai SMTP Outbound dengan nama apa saja, bagaimana caranya ya pak ? Best Regards, Slamet Raharjo IT Dept. -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/w
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 3/17/25 13:57, Slamet Raharjo via Mdaemon-L wrote: --- Mohon tidak posting dengan top posting style di milis ini, selalu gunakan bottom (interleaved) posting untuk memudahkan pembacaan. https://blog.joelesler.net/2009/12/bottom-posting.html The particular part to pay attention to is in RFC1855 -- "- If you are sending a reply to a message or a posting be sure you summarize the original at the top of the message, or include just enough text of the original to give a context. This will make sure readers understand when they start to read your response. Since NetNews, especially, is proliferated by distributing the postings from one host to another, it is possible to see a response to a message before seeing the original. Giving context helps everyone. But do not include the entire original!" http://daringfireball.net/2007/07/on_top The fundamental source of poor email style is the practice of quoting the entire message you’re replying to. If that’s what you do, then it doesn’t matter whether you put your response at the top or bottom. In fact, if you’re going to quote the entire message, top-posting probably is better. But both are poor form. Writing an email is like writing an article. Only quote the relevant parts, interspersing your new remarks between the quoted passages. Don’t quote anything at all from the original message if you don’t have to. Does it take more time to edit the portions of quoted text included in your reply? Yes. So does spell-checking and proofreading. It also takes time to shower and brush your teeth each day. Hanya bottom replies yang bisa memanfaatkan inline reply dalam diskusi, top posting itu mirip SMS (Short Message Services) atau Messenger chat hanya untuk 1 topik saja https://en.wikipedia.org/wiki/Posting_style#Interleaved_style) Agar outlook bisa otomatis menggunakan Internet Quote Style yang diperlukan saat inline reply maka ubah settingnya seperti ini https://www.slipstick.com/outlook/email/to-use-internet-style-quoting/ Salin selected text yang akan di quote ulang, yang sesuai contex, ke atas signature lalu hapus quote text yang tidak lagi sesuai konteks yang akan dijawab. Untuk memangkas (hapus) text hanya perlu ketangkasan menggunakan mouse dan atau keyboard. https://www.computerhope.com/issues/ch001669.htm --- Aktifkan SMTP/TLS di MDaemon. Boleh pakai Self Sign Certificate atau lebih baik lagi pakai CA (Certificate Authority) SSL. >> $ openssl s_client -starttls smtp -connect mail.aio.co.id:25 CONNECTED(0003) Didn't find STARTTLS in server response, trying anyway... Terlampr tampilan di MDaemon saya, apakah sudah benar ? MDaemon SMTP TLS.jpg Sudah benar. Tetapi smtp/tls di port 25 tidak aktif, walau di port 587 (SMTP/MSA) aktif. TLS di port 143 (IMAP) dan port 110 (POP3) tidak aktif, walau di port 443 (HTTPS Webmail) aktif. Itu indikasi adanya firewall atau proxy (antivirus) yang aktif memfilter tcp port 25. Beberapa firewall dilengkapi dengan fitur proxy inspector (proxy firewall). Coba diperika Firewall Traffic Rule untuk tcp port 25 (dan 110, 143) khsusnya untuk inbound rule (dari internet ke server MDaemon mail.aio.co.id), samakan exclusionnya dengan traffic rule port 587. Traffic rule untuk outbound sudah benar mendukung SMTP/TLS. https://www.paloaltonetworks.com/cyberpedia/what-is-a-proxy-firewall https://www.fortinet.com/resources/cyberglossary/proxy-firewall $ openssl s_client -starttls smtp -connect mail.aio.co.id:25 CONNECTED(0003) Didn't find STARTTLS in server response, trying anyway... $ telnet mail.aio.co.id 25 Trying 202.158.62.55... Connected to mail.aio.co.id. Escape character is '^]'. 220 mail.aio.co.id ESMTP Service ready ehlo dip8.dutaint.com 250-Requested mail action okay, completed 250-ETRN 250-8BITMIME 250-SIZE 26624000 250 OK $ openssl s_client -starttls smtp -connect mail.aio.co.id:587 CONNECTED(0003) depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R10 verify return:1 depth=0 CN = mail.aio.co.id verify return:1 --- Certificate chain 0 s:CN = mail.aio.co.id i:C = US, O = Let's Encrypt, CN = R10 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jan 24 02:00:52 2025 GMT; NotAfter: Apr 24 02:00:51 2025 GMT 1 s:C = US, O = Let's Encrypt, CN = R10 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Mar 13 00:00:00 2024 GMT; NotAfter: Mar 12 23:59:59 2027 GMT --- $ telnet mail.aio.co.id 587 Trying 202.158.62.55... Connected to mail.aio.co.id. Escape character is '^]'. 220 mail.aio.co.id ESMTP MSA MDaemon 23.0.1; Tue, 18 Mar 2025 06:38:07 +0700 ehlo dip8.dutaint.com 250-mail.aio.co.id Hello dip8.dutaint.com [103.94.121.132], pleased to meet you 250-AUTH LOGIN CRAM-MD5 PLAIN 250-8BITMIME 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-STARTTLS 250 SIZE 26624000 Mon 2025-03-17 12:53:26
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
Aktifkan SMTP/TLS di MDaemon. Boleh pakai Self Sign Certificate atau lebih baik lagi pakai CA (Certificate Authority) SSL. Server-2x mail-outgoing-.pajak.go.id terkini hanya mau koneksi ke server yang mengaktifkan koneksi SMTP/TLS. https://knowledge.mdaemon.com/how-to-enable-configure-ssl-tls-for-smtp-pop3-imap-in-mdaemon https://knowledge.mdaemon.com/how-to-generate-a-free-ssl-certificate-using-lets-encrypt $ openssl s_client -starttls smtp -connect mail.aio.co.id:25 CONNECTED(0003) Didn't find STARTTLS in server response, trying anyway... quit ^C Terlampr tampilan di MDaemon saya, apakah sudah benar ? Best Regards, Slamet Raharjo IT Dept. -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
[Mdaemon-L] E-mail dari Pajak.go.id tidak bisa masuk
On 3/17/25 13:08, Slamet Raharjo via Mdaemon-L wrote: Beberapa kali user di kami info bahwa tidak terima e-mail dari pajak.go.id (Ke MDaemon tidak masuk, tapi ke gmail masuk) , di bantu di info bagaimana solusinya ? Aktifkan SMTP/TLS di MDaemon. Boleh pakai Self Sign Certificate atau lebih baik lagi pakai CA (Certificate Authority) SSL. Server-2x mail-outgoing-.pajak.go.id terkini hanya mau koneksi ke server yang mengaktifkan koneksi SMTP/TLS. https://knowledge.mdaemon.com/how-to-enable-configure-ssl-tls-for-smtp-pop3-imap-in-mdaemon https://knowledge.mdaemon.com/how-to-generate-a-free-ssl-certificate-using-lets-encrypt $ openssl s_client -starttls smtp -connect mail.aio.co.id:25 CONNECTED(0003) Didn't find STARTTLS in server response, trying anyway... quit ^C -- syafril Syafril Hermansyah MDaemon-L Moderator, run MDaemon 25.0.1 Beta A Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. Ada orang-2x yg menjadin agresip, oleh krn mrk kuatir menjadi takut -- Victor Cherbullieez, 1829-1899 -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir: MDaemon 25.0.0, SecurityGateway 10.5.3
