[Mdaemon-L] Mengatur pembatasan pengiriman email dari Mdaemon

2024-12-02 Terurut Topik Syafril Hermansyah via Mdaemon-L

On 12/2/24 16:28, Reza S wrote:

---
Kalau meresponse posting sampaikan kutipan (quote) dari posting 
sebelumnya, sebagai pengarah/fokus pembicaraan.
Tanpa quote maka posting itu menjadi susah diketahui maksudnya, tetapi 
jangan terlalu banyak, secukupnya saja.


https://www.netmeister.org/news/learn2quote2.html

Writing an email is like writing an article. Only quote the relevant
parts, interspersing your new remarks between the quoted passages. Don’t
quote anything at all from the original message if you don’t have to.

Does it take more time to edit the portions of quoted text included in
your reply? Yes. So does spell-checking and proofreading. It also takes
time to shower and brush your teeth each day.
---


 >Itu artinya MDaemon di set always relay to smarthost ya?

 >https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and- 
servers_delivery.html 


  Betul pak



Saat MDaemon kirim mail via smarthost perlu authenticate?
Pakai smtp port berapa: 25, 26, 587 atau lainnya (465, 1125)?


Kalau dinginkan MDaemon tidak brodcast mail lebih dari 200 message per hour 
tinggal lakukan penyesuaian.



Limit messages sent from all other IPs to 200 msgs in 60 minutes


Kalo pengiriman email lebih dari 200 messages in 60 menit maka email 
selanjutnya akan kepending ya pak?atau masuk folder tertentu?



Tidak sepenuhnya begitu.
200 messages itu adalah persentasi (umumnya di set 80%) dari message 
yang bounce atau differed (DSN, Delivery Status Notification of failure 
or delay delivery) yang berasal dari client domain (allowed domain).
Kalau memang tercapai 200 messages bounce/delay maka authenticate sender 
account akan di block selama 1 jam (dynamic/temporary blocking).
Tetapi jika tidak bounce atau deferred yang mencapai 200 messages dalam 
selang waktu 1 jam, maka tidak ada blocking.


Message yang bounce akan dikembalikan ke client server, sementara 
message yang deferred tetap ada di queue Exim MTA.



Kemudian akan mengirimkan kembali setelah 60 menit secara otomatis?



Ya, kalau Account Hijack Detection tidak diaktifkan di client server 
(MDaemon).




--
syafril
---
Syafril Hermansyah

MDaemon-L Moderator, run MDaemon 24.5.2
Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon.

Mengagumi seseorg berarti berkeinginan menjadi = yg dikagumi itu, 
irihati kpd seseorg berarti berkehendak utk menyingkirkannya

-- Pierre Reverdy, born 1889

--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 24.5.2, SecurityGateway 10.5.2





[Mdaemon-L] Mengatur pembatasan pengiriman email dari Mdaemon

2024-12-02 Terurut Topik Reza S
>> Iya benar pak Syafril, seperti link address yang bapak kirimkan error

>> messagenya, apakah ada cara untuk melimit pengiriman email dari

>> mdaemon misal dalam 1 jam bisa utk 200 email saja. mohon arahan

>> masukkan





>Itu artinya MDaemon di set always relay to smarthost ya?



>
https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and-servers_delivery.html



 Betul pak



>[x] Send all outbound email to a smart host



>Smarthost yang punya karakteristik macam ini adalah yang pakai Exim MTA.



>Exim MTA mempunyai fitur tersebut sebagai pencegahan terhadap Account yang
diduga ter hijack (compromise) digunakan oleh spammer untuk broadcast spam
melalui SMTPRelay server.



>
https://support.cpanel.net/hc/en-us/articles/360049231233-Unable-to-send-email-Domain-example-tld-has-exceeded-the-max-defers-and-failures-per-hour



>Jadi selama client server (dhi MDaemon) tidak broadcast spam melalui
smtprelay exim MTA tidak akan terkena limitasi tersebut.

>Di MDaemon juga ada fitur yang serupa, yang disebut account hijack
detection.



>https://mdaemon.dutaint.com/mdaemon/24.5.0/security--hijack_detection.html



>Account Hijack Detection



>The options on this screen can be used to detect a possibly hijacked
MDaemon account and automatically prevent it from sending messages through
your server. For example, if a >spammer somehow obtained an account's email
address and password then this feature could prevent the spammer from using
the account to send bulk junk e-mail through your >system. You can
designate a maximum number of messages that may be sent by an account in a
given number of minutes, based on the IP address from which it is
connecting. You >can also choose to disable accounts that reach the limit.
There is also an Exempt List that can be used to exempt certain addresses
from this restriction. Account Hijack Detection is >enabled by default.



>Kalau dinginkan MDaemon tidak brodcast mail lebih dari 200 message per
hour tinggal lakukan penyesuaian.



>Limit messages sent from all other IPs to 200 msgs in 60 minutes



Kalo pengiriman email lebih dari 200 messages in 60 menit maka email
selanjutnya akan kepending ya pak?atau masuk folder tertentu?



Kemudian akan mengirimkan kembali setelah 60 menit secara otomatis?



>atau



>Limit messages sent from all other IPs to 20 msgs in 6 minutes



>dan pastikan tidak ada akun yang masuk dalam pengecualian (exempt list)



>Exempt List



>Use the Exempt List to designate any addresses that you wish to exempt
from Account Hijack Detection. Wildcards are permitted. For example, "
newslett...@example.com" would >exempt example.com's "newsletters"

>MDaemon account, while "*@newsletters.example.com" would exempt all
MDaemon accounts belonging to the newsletters.example.com domain. The
Postmaster account is >automatically exempt from Account Hijack Detection.



>Hijack detection diatas adalah tindakan pencegahan setelah akun terhijack.

>Akan lebih baik dilakukan pencegahan terhadap akun ter hijack, antra lain
dengan



>1. Semua user diharapkan pakai strong password.



>https://mdaemon.dutaint.com/mdaemon/24.5.0/passwords.html



>2. Membatasi akses mail berdasar lokasi



>
https://mdaemon.dutaint.com/mdaemon/24.5.0/screening_location-screening.html



>3. Mencegah hacker melakukan usaha menebak username/password yang valid di
MDaemon.



>+ Mewajibkan user mengaktifkan SMTPAuthectication untuk kirim mail

>melalui MDaemon

>+ Mencegah authenticate on smtp port 25



>
https://mdaemon.dutaint.com/mdaemon/24.5.0/security--smtp_authentication.html



>+ Keharusan user pakai secure connection, mencegah penggunaan script

>kiddies dari hacker.



>
https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and-servers_servers.html





>[ ] Allow plain text passwords



>This option governs whether or not MDaemon will accept passwords sent in

>plain text to the SMTP, IMAP, or POP3 servers. If disabled, the POP3

>USER, POP3 PASS, IMAP LOGIN, IMAP AUTH LOGIN, and SMTP AUTH LOGIN

>commands will return an error unless the connection is using SSL.



>4. Authentication failure monitoring



>https://mdaemon.dutaint.com/mdaemon/24.5.0/dynamic-screening_options.html



>Enable Authentication Failure Tracking



>When this option is enabled, the Dynamic Screening service will track

>authentication failures for the protocols designated on the Protocols

>tab and perform actions determined by the options on the Auth Failure

>Tracking tab. This option is enabled by default.



>Enable Dynamic Screening Block List



>This option turns on the Dynamic Screening service's ability to block IP

>addresses and ranges. You can manage the block list from the Dynamic

>Block List tab. The block list option is on by default.



>Enable Dynamic Screening Allow List



>This option turns on the Dynamic Screening service's Dynamic Allow List

>feature, which you can use to exempt IP addresses and ranges, to exclude

>them from Dynamic Screening. The allow list is o

[Mdaemon-L] Mengatur pembatasan pengiriman email dari Mdaemon

2024-11-30 Terurut Topik Syafril Hermansyah via Mdaemon-L

On 29/11/24 14.19, Reza S wrote:
---
Mohon tidak posting dengan top posting style di milis ini, selalu
gunakan bottom (interleaved) posting untuk memudahkan pembacaan.

https://blog.joelesler.net/2009/12/bottom-posting.html

The particular part to pay attention to is in RFC1855 --

"- If you are sending a reply to a message or a posting be sure you
summarize the original at the top of the message, or include just
enough text of the original to give a context. This will make
sure readers understand when they start to read your response.
Since NetNews, especially, is proliferated by distributing the
postings from one host to another, it is possible to see a
response to a message before seeing the original. Giving context
helps everyone. But do not include the entire original!"

http://daringfireball.net/2007/07/on_top

The fundamental source of poor email style is the practice of quoting
the entire message you’re replying to. If that’s what you do, then it
doesn’t matter whether you put your response at the top or bottom. In
fact, if you’re going to quote the entire message, top-posting probably
is better. But both are poor form.

Writing an email is like writing an article. Only quote the relevant
parts, interspersing your new remarks between the quoted passages. Don’t
quote anything at all from the original message if you don’t have to.

Does it take more time to edit the portions of quoted text included in
your reply? Yes. So does spell-checking and proofreading. It also takes
time to shower and brush your teeth each day.

Gunakan fitur di webmail gmail (atau gmail apps) untuk kemudahan 
melakukan bottom posting dan pemangkasan (trimming) teks.


http://webapps.stackexchange.com/questions/49884/how-to-insert-a-reply-inline-in-gmail
---

Iya benar pak Syafril, seperti link address yang bapak kirimkan error 
messagenya, apakah ada cara untuk melimit pengiriman email dari mdaemon 
misal dalam 1 jam bisa utk 200 email saja. mohon arahan masukkan



Itu artinya MDaemon di set always relay to smarthost ya?

https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and-servers_delivery.html

[x] Send all outbound email to a smart host

Smarthost yang punya karakteristik macam ini adalah yang pakai Exim MTA.

Exim MTA mempunyai fitur tersebut sebagai pencegahan terhadap Account 
yang diduga ter hijack (compromise) digunakan oleh spammer untuk 
broadcast spam melalui SMTPRelay server.


https://support.cpanel.net/hc/en-us/articles/360049231233-Unable-to-send-email-Domain-example-tld-has-exceeded-the-max-defers-and-failures-per-hour

Jadi selama client server (dhi MDaemon) tidak broadcast spam melalui 
smtprelay exim MTA tidak akan terkena limitasi tersebut.
Di MDaemon juga ada fitur yang serupa, yang disebut account hijack 
detection.


https://mdaemon.dutaint.com/mdaemon/24.5.0/security--hijack_detection.html

Account Hijack Detection

The options on this screen can be used to detect a possibly hijacked 
MDaemon account and automatically prevent it from sending messages 
through your server. For example, if a spammer somehow obtained an 
account's email address and password then this feature could prevent the 
spammer from using the account to send bulk junk e-mail through your 
system. You can designate a maximum number of messages that may be sent 
by an account in a given number of minutes, based on the IP address from 
which it is connecting. You can also choose to disable accounts that 
reach the limit. There is also an Exempt List that can be used to exempt 
certain addresses from this restriction. Account Hijack Detection is 
enabled by default.


Kalau dinginkan MDaemon tidak brodcast mail lebih dari 200 message per 
hour tinggal lakukan penyesuaian.


Limit messages sent from all other IPs to 200 msgs in 60 minutes

atau

Limit messages sent from all other IPs to 20 msgs in 6 minutes

dan pastikan tidak ada akun yang masuk dalam pengecualian (exempt list)

Exempt List

Use the Exempt List to designate any addresses that you wish to exempt 
from Account Hijack Detection. Wildcards are permitted. For example, 
"newslett...@example.com" would exempt example.com's "newsletters" 
MDaemon account, while "*@newsletters.example.com" would exempt all 
MDaemon accounts belonging to the newsletters.example.com domain. The 
Postmaster account is automatically exempt from Account Hijack Detection.


Hijack detection diatas adalah tindakan pencegahan setelah akun terhijack.
Akan lebih baik dilakukan pencegahan terhadap akun ter hijack, antra 
lain dengan


1. Semua user diharapkan pakai strong password.

https://mdaemon.dutaint.com/mdaemon/24.5.0/passwords.html

2. Membatasi akses mail berdasar lokasi

https://mdaemon.dutaint.com/mdaemon/24.5.0/screening_location-screening.html

3. Mencegah hacker melakukan usaha menebak username/password yang valid 
di MDaemon.


+ Mewajibkan user mengaktifkan SMTPAuthectication untuk kirim mail 
melalui MDaemon

+ Mencegah authenticate on smtp port 25

https://mdaemon.dutaint.com/m

[Mdaemon-L] Mengatur pembatasan pengiriman email dari Mdaemon

2024-11-30 Terurut Topik Syafril Hermansyah via Mdaemon-L

On 29/11/24 14.19, Reza S wrote:
---
Mohon tidak posting dengan top posting style di milis ini, selalu
gunakan bottom (interleaved) posting untuk memudahkan pembacaan.

https://blog.joelesler.net/2009/12/bottom-posting.html

The particular part to pay attention to is in RFC1855 --

"- If you are sending a reply to a message or a posting be sure you
summarize the original at the top of the message, or include just
enough text of the original to give a context. This will make
sure readers understand when they start to read your response.
Since NetNews, especially, is proliferated by distributing the
postings from one host to another, it is possible to see a
response to a message before seeing the original. Giving context
helps everyone. But do not include the entire original!"

http://daringfireball.net/2007/07/on_top

The fundamental source of poor email style is the practice of quoting
the entire message you’re replying to. If that’s what you do, then it
doesn’t matter whether you put your response at the top or bottom. In
fact, if you’re going to quote the entire message, top-posting probably
is better. But both are poor form.

Writing an email is like writing an article. Only quote the relevant
parts, interspersing your new remarks between the quoted passages. Don’t
quote anything at all from the original message if you don’t have to.

Does it take more time to edit the portions of quoted text included in
your reply? Yes. So does spell-checking and proofreading. It also takes
time to shower and brush your teeth each day.

Gunakan fitur di webmail gmail (atau gmail apps) untuk kemudahan 
melakukan bottom posting dan pemangkasan (trimming) teks.


http://webapps.stackexchange.com/questions/49884/how-to-insert-a-reply-inline-in-gmail
---

Iya benar pak Syafril, seperti link address yang bapak kirimkan error 
messagenya, apakah ada cara untuk melimit pengiriman email dari mdaemon 
misal dalam 1 jam bisa utk 200 email saja. mohon arahan masukkan



Itu artinya MDaemon di set always relay to smarthost ya?

https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and-servers_delivery.html

[x] Send all outbound email to a smart host

Smarthost yang punya karakteristik macam ini adalah yang pakai Exim MTA.

Exim MTA mempunyai fitur tersebut sebagai pencegahan terhadap Account 
yang diduga ter hijack (compromise) digunakan oleh spammer untuk 
broadcast spam melalui SMTPRelay server.


https://support.cpanel.net/hc/en-us/articles/360049231233-Unable-to-send-email-Domain-example-tld-has-exceeded-the-max-defers-and-failures-per-hour

Jadi selama client server (dhi MDaemon) tidak broadcast spam melalui 
smtprelay exim MTA tidak akan terkena limitasi tersebut.
Di MDaemon juga ada fitur yang serupa, yang disebut account hijack 
detection.


https://mdaemon.dutaint.com/mdaemon/24.5.0/security--hijack_detection.html

Account Hijack Detection

The options on this screen can be used to detect a possibly hijacked 
MDaemon account and automatically prevent it from sending messages 
through your server. For example, if a spammer somehow obtained an 
account's email address and password then this feature could prevent the 
spammer from using the account to send bulk junk e-mail through your 
system. You can designate a maximum number of messages that may be sent 
by an account in a given number of minutes, based on the IP address from 
which it is connecting. You can also choose to disable accounts that 
reach the limit. There is also an Exempt List that can be used to exempt 
certain addresses from this restriction. Account Hijack Detection is 
enabled by default.


Kalau dinginkan MDaemon tidak brodcast mail lebih dari 200 message per 
hour tinggal lakukan penyesuaian.


Limit messages sent from all other IPs to 200 msgs in 60 minutes

atau

Limit messages sent from all other IPs to 20 msgs in 6 minutes

dan pastikan tidak ada akun yang masuk dalam pengecualian (exempt list)

Exempt List

Use the Exempt List to designate any addresses that you wish to exempt 
from Account Hijack Detection. Wildcards are permitted. For example, 
"newslett...@example.com" would exempt example.com's "newsletters" 
MDaemon account, while "*@newsletters.example.com" would exempt all 
MDaemon accounts belonging to the newsletters.example.com domain. The 
Postmaster account is automatically exempt from Account Hijack Detection.


Hijack detection diatas adalah tindakan pencegahan setelah akun terhijack.
Akan lebih baik dilakukan pencegahan terhadap akun ter hijack, antra 
lain dengan


1. Semua user diharapkan pakai strong password.

https://mdaemon.dutaint.com/mdaemon/24.5.0/passwords.html

2. Membatasi akses mail berdasar lokasi

https://mdaemon.dutaint.com/mdaemon/24.5.0/screening_location-screening.html

3. Mencegah hacker melakukan usaha menebak username/password yang valid 
di MDaemon.


+ Mewajibkan user mengaktifkan SMTPAuthectication untuk kirim mail 
melalui MDaemon

+ Mencegah authenticate on smtp port 25

https://mdaemon.dutaint.com/m

[Mdaemon-L] Mengatur pembatasan pengiriman email dari Mdaemon

2024-11-28 Terurut Topik Reza S
Iya benar pak Syafril, seperti link address yang bapak kirimkan error
messagenya, apakah ada cara untuk melimit pengiriman email dari mdaemon
misal dalam 1 jam bisa utk 200 email saja. mohon arahan masukkan

Terima kasih


On Tue, Nov 26, 2024 at 1:07 PM Syafril Hermansyah via Mdaemon-L <
Mdaemon-L@dutaint.com> wrote:

> On 11/26/24 09:53, Reza S wrote:
> > Pak, mau ada settingan untuk mdaemon mengatur pembatasan pengiriman
> > jumlah email supaya tidak terkena "has exceeded the max defers and
> > failures per hour" dikarenakan ada pengiriman max email yg lebih dari
> > 300 email per jam dari hosting. Mohon arahan dan masukkannya.
>
> Yang menolak itu server smarthost (SMTPrelay) atau final destination
> domain?
> Seperti inikah
>
>
> https://www.hostround.com/one/knowledgebase/47/Domain-example.com-has-exceeded-the-max-defers-and-failures-per-hour.html
>
> Bisa diberikan DSN/Bounce (Delivery Status Notification) lengkapnya?
>
>
>
> --
> syafril
> ---
> Syafril Hermansyah
>
> --
> --[mdaemon-l]--
> Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia
>
> Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
> Arsip: http://mdaemon-l.dutaint.com
> Dokumentasi : http://mdaemon.dutaint.com
> Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
> Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
> Versi terakhir: MDaemon 24.5.2, SecurityGateway 10.5.2
>
>
>

--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 24.5.2, SecurityGateway 10.5.2



[Mdaemon-L] Mengatur pembatasan pengiriman email dari Mdaemon

2024-11-25 Terurut Topik Syafril Hermansyah via Mdaemon-L

On 11/26/24 09:53, Reza S wrote:
Pak, mau ada settingan untuk mdaemon mengatur pembatasan pengiriman 
jumlah email supaya tidak terkena "has exceeded the max defers and 
failures per hour" dikarenakan ada pengiriman max email yg lebih dari 
300 email per jam dari hosting. Mohon arahan dan masukkannya.


Yang menolak itu server smarthost (SMTPrelay) atau final destination domain?
Seperti inikah

https://www.hostround.com/one/knowledgebase/47/Domain-example.com-has-exceeded-the-max-defers-and-failures-per-hour.html

Bisa diberikan DSN/Bounce (Delivery Status Notification) lengkapnya?



--
syafril
---
Syafril Hermansyah

--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 24.5.2, SecurityGateway 10.5.2





[Mdaemon-L] Mengatur pembatasan pengiriman email dari Mdaemon

2024-11-25 Terurut Topik Reza S
Pagi Pak Syafril,


Pak, mau ada settingan untuk mdaemon mengatur pembatasan pengiriman jumlah
email supaya tidak terkena "has exceeded the max defers and failures per
hour" dikarenakan ada pengiriman max email yg lebih dari 300 email per jam
dari hosting. Mohon arahan dan masukkannya.


Terima kasih

salam

Reza

-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 24.5.2, SecurityGateway 10.5.2