[mdaemon-l] Dynamic Blacklist and/or Sender Blacklist

2018-10-08 Terurut Topik Syafril Hermansyah 
On 08/10/18 13:05, Suzy Ariyani (s...@ptbmi.com) wrote:
> Berdasarkan pengecekan tsb maka IP 103.9.227.34 harus kita block
> SEMENTARA di Dynamic Screening Blacklist.
> Dg harapan dalam waktu 2-3hr IP tsb. stop berkirim email ke ptbmi.com,
> benar?

Ya.

> Tapi jika setelah 3hr berlalu email2 spam masih masuk melalui IP tsb.
> maka harus diblok dari Screening - Sender Blacklist ataukah di Spam
> Filter - Blacklist by Sender?

Ya.


> Kapan harus masuk Screening - Sender Blacklist?

Setelah beberapa kali terjadi (sesudah dynamic blacklist expired).
Atau sudah diketahui sender itu bukan rekan korespondensi dari user
@ptbmi.com


> dan kapan hrs masuk Spam Filter - Blacklist by Sender?

Sebenarnya sama saja kalau sendernya tidak lewat mailing list.

Spam Filter blacklist by sender memblock berdasar return-path ,
sender blacklist memblock berdasar From dan Return-Path Address,
sementara blacklist contact berdasar From 



-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 18.5.0-64 bit
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

We are products of our past, but we don't have to be prisoners of it.
--- Rick Warren


-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 18.0.2, SG 5.5.0

[mdaemon-l] Dynamic Blacklist and/or Sender Blacklist

2018-10-08 Terurut Topik Suzy Ariyani 

Semangat pagi lagi Pak Syafril..

-Original Message- 

From: Syafril Hermansyah
Sent: Monday, October 8, 2018 10:27 AM
To: mdaemon-l@dutaint.com
Subject: [mdaemon-l] Dynamic Blacklist and/or Sender Blacklist

On 08/10/18 09:38, Suzy Ariyani (s...@ptbmi.com) wrote:

Yg bs sy cek adalah:
1. IP: 103.9.227.34 tidak mengarah ke website resmi
werkudoro.jatengprov.go.id


Rujukannya bukan web site, tetapi host.

$ host 103.9.227.34
34.227.9.103.in-addr.arpa domain name pointer werkudoro.jatengprov.go.id.


apakah maksudnya adalah sbb:
Cek IP 103.9.227.34 apakah milik gmail.com?
ternyata IP tsb. BUKAN punya gmail.com tapi milik werkudoro.jatengprov.go.id

Berdasarkan pengecekan tsb maka IP 103.9.227.34 harus kita block SEMENTARA 
di Dynamic Screening Blacklist.
Dg harapan dalam waktu 2-3hr IP tsb. stop berkirim email ke ptbmi.com, 
benar?


Tapi jika setelah 3hr berlalu email2 spam masih masuk melalui IP tsb. maka 
harus diblok dari Screening - Sender Blacklist ataukah di Spam Filter - 
Blacklist by Sender?


Kapan harus masuk Screening - Sender Blacklist?
dan kapan hrs masuk Spam Filter - Blacklist by Sender?

Mohon pencerahan

thanks
Suzy


--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 18.0.2, SG 5.5.0

[mdaemon-l] Dynamic Blacklist and/or Sender Blacklist

2018-10-07 Terurut Topik Syafril Hermansyah 
On 08/10/18 09:38, Suzy Ariyani (s...@ptbmi.com) wrote:
> Yg bs sy cek adalah:
> 1. IP: 103.9.227.34 tidak mengarah ke website resmi
> werkudoro.jatengprov.go.id


Rujukannya bukan web site, tetapi host.

$ host 103.9.227.34
34.227.9.103.in-addr.arpa domain name pointer werkudoro.jatengprov.go.id.

>     Action:  masukkan IP tsb ke Dynamic Blacklist
> 2. From: Michael mahmudroz...@gmail.com 
>    tapi helo=werkudoro.jatengprov.go.id
>    Action: Blacklist Sender mahmudroz...@gmail.com
> 
>  
> Apa 2 action ini perlu dijalankan secara bersamaan?
> ataukan salah satu aja? yg mana pak?


Minimal yang nomer 1, yang nomer 2 optional.

-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 18.5.0-64 bit
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

Learning is not attained by chance, it must be sought for with ardour
and attended to with diligence.
--- Abigail Adams


-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 18.0.2, SG 5.5.0

[mdaemon-l] Dynamic Blacklist and/or Sender Blacklist

2018-10-07 Terurut Topik Suzy Ariyani 
Semangat pagi Pak Syafril..

Utk Header di bawah ini:
X-MDAV-Processed: bb.ptbmi.com, Sun, 07 Oct 2018 13:43:14 +0700
Return-path: 
Authentication-Results: bb.ptbmi.com;
spf=softfail smtp.mailfrom=_spf.google.com;
dkim=fail (DKIM_SELECTOR_PUBLIC_KEY_INVALID) header.d=jatengprov.go.id 
header.b=uxCpuTwPXJ;
dmarc=fail header.from=gmail.com (p=none sampling=29 pct=100);
iprev=pass policy.iprev=103.9.227.34 (PTR werkudoro.jatengprov.go.id);
iprev=pass policy.iprev=103.9.227.34 (HELO werkudoro.jatengprov.go.id);
iprev=fail policy.iprev=103.9.227.34 reason="does not match" (MAIL 
mahmudroz...@gmail.com)
Received-SPF: fail (bb.ptbmi.com: domain gmail.com
does not designate 103.9.227.34 as permitted sender)
receiver=bb.ptbmi.com; client-ip=103.9.227.34;
mechanism=all; envelope-from="mahmudroz...@gmail.com";
helo=werkudoro.jatengprov.go.id;
Received: from werkudoro.jatengprov.go.id (werkudoro.jatengprov.go.id 
[103.9.227.34]) 
by bb.ptbmi.com (MDaemon PRO v18.0.2) with ESMTPS id 49-md5062052.msg; 
Sun, 07 Oct 2018 13:43:13 +0700
X-Spam-Flag: YES
X-Spam-Level: **
X-Spam-Status: Yes, score=10.20 required=5.0
X-Spam-Report:
*  1.6 BAYES_50 BODY: Bayes spam probability is 40 to 60%
*  [score: 0.5000]
*  0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
*  (mahmudrozana[at]gmail.com)
*  1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
*  freemails
*  2.5 MDAEMON_SPF_SOFTFAIL MDaemon: soft-failed SPF verification
*  0.3 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit
*  (mikebrown2141[at]gmail.com)
*  0.0 LOTS_OF_MONEY Huge... sums of money
*  1.2 ADVANCE_FEE_2 Appears to be advance fee fraud (Nigerian 419)
*  2.5 SPOOFED_FREEM_REPTO Forged freemail sender with freemail reply-to
*  1.0 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
X-Spam-Processed: bb.ptbmi.com, Sun, 07 Oct 2018 13:43:13 +0700
(processed during SMTP session)
X-MDSPF-Result: softfail (bb.ptbmi.com)
X-MDRemoteIP: 103.9.227.34
X-MDHelo: werkudoro.jatengprov.go.id
X-MDArrival-Date: Sun, 07 Oct 2018 13:43:13 +0700
X-Rcpt-To: j...@ptbmi.com
X-MDRcpt-To: j...@ptbmi.com
X-Return-Path: mahmudroz...@gmail.com
X-Envelope-From: mahmudroz...@gmail.com
X-MDaemon-Deliver-To: j...@ptbmi.com
X-CAV-Result: clean
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=jatengprov.go.id; s=default; h=Message-ID:Reply-To:Subject:To:From:Date:
Content-Transfer-Encoding:Content-Type:MIME-Version:Sender:Cc:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=JJcw3cvfqXyMpdJqJeBa6agiziU6zFuFYCZ6ioWq0OQ=; 
b=uxCpuTwPXJkRd32tdeaXm8EnqB

pRLKAgMT9i54U5rCYyGY9oZLaSxEqlaiCGB1BjxsOS1Jg6G/8+0SMTUFdbHCJ3AlWM2n/7PD/rCIG

1HRF/VK/0VVZ5z9YTOcmDoKBPqldJ8xGE/PWWJ5kJhIH1kZG9slHJKBALrdDk2YBRZw8E3Pet5ul+

kzdb3vgxQsVyN2H/DuRdn5Lxc33oSUwE5huN4Y8jCFXTEUVXYpaj370GdU4Ol+IL2JYo5btEbXNCf

M9r+//4D8Dh0ND7Ss7/Afqs29Kl1MPJ4NACn87RM0YNNDaiAxmZI6bctVmoCwHIl55Ah11wLLiiL6
hJA3vxWw==;
Received: from [::1] (port=55442 helo=werkudoro.jatengprov.go.id)
by werkudoro.jatengprov.go.id with esmtpa (Exim 4.91)
(envelope-from )
id 1g92ln-0009Um-W6; Sun, 07 Oct 2018 13:42:30 +0700
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII;
format=flowed
Content-Transfer-Encoding: 7bit
Date: Sun, 07 Oct 2018 13:42:27 +0700
From: Michael 
To: undisclosed-recipients:;
Subject:  please get back to me
Reply-To: mikebrown2...@gmail.com
Mail-Reply-To: mikebrown2...@gmail.com
Message-ID: 
X-Sender: mahmudroz...@gmail.com
User-Agent: Roundcube Webmail/1.3.3
X-OutGoing-Spam-Status: No, score=2.5
X-AntiAbuse: This header was added to track abuse, please include it with any 
abuse report
X-AntiAbuse: Primary Hostname - werkudoro.jatengprov.go.id
X-AntiAbuse: Original Domain - ptbmi.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - gmail.com
X-Get-Message-Sender-Via: werkudoro.jatengprov.go.id: authenticated_id: 
p...@jatengprov.go.id
X-Source: 
X-Source-Args: 
X-Source-Dir: 

Yg bs sy cek adalah:
1. IP: 103.9.227.34 tidak mengarah ke website resmi werkudoro.jatengprov.go.id
Action:  masukkan IP tsb ke Dynamic Blacklist
2. From: Michael mahmudroz...@gmail.com
   tapi helo=werkudoro.jatengprov.go.id
   Action: Blacklist Sender mahmudroz...@gmail.com 

Apa 2 action ini perlu dijalankan secara bersamaan?
ataukan salah satu aja? yg mana pak?

Maaf masih sering rancu...
Mohon pencerahan..

thanks
Suzy
--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com