[mdaemon-l] Spam email already got through

2018-09-24 Thread Syafril Hermansyah
On 24/09/18 18:10, Thariq Basyir (thariqbas...@gmail.com) wrote:
> > Could you find the message header of that mail?
> 

> Reply-To: infra@kompas.tv 
> List-ID: http://infra.bit.kompas.tv>>
> List-Post: >


If the mailing list is for internal use, then set it to private (only
members allowed to post).

http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?ml_options.htm

[x] Refuse messages from non list members

Mailing lists have a separate blacklist, called the blacklist file.

http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?ml_support_files.htm

Black List File

If specified, the file listed here will be used to suppress messages
sent from specified users.

Complete information for internal mailing lists can be found here:

https://www.mail-archive.com/mdaemon-l@dutaint.com/msg35807.html
https://www.mail-archive.com/mdaemon-l@dutaint.com/msg35815.html

-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 18.5.0-64 bit Beta RC2
Please do not cc: or send to private mail for MDaemon issues.

The life so short, the craft so long to learn.
--- Hippocrates













-- 
--[mdaemon-l]--
This mailing list is for discussion among MDaemon Mail Server users in Indonesia

Netiquette: https://wiki.openstack.org/wiki/MailingListEtiquette
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Subscribe: Send mail to mdaemon-l-subscr...@dutaint.com
Unsubscribe: Send mail to mdaemon-l-unsubscr...@dutaint.com
Latest version MD 18.0.2, SG 5.5.0
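
The header check implied by the advice above, as an added example that is not part of the original thread: it flags a message that reached recipients through a list (X-MDMailing-List) from a sender who is not on the roster, which is the case "Refuse messages from non list members" closes. The sample headers, addresses and member roster are constructed placeholders; only the header names come from the headers quoted in this thread.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the header names quoted in the thread.
# Hosts and addresses are placeholders, not values from the page.
SAMPLE = """\
Authentication-Results: mail.example.org;
 iprev=pass policy.iprev=192.0.2.26 (PTR relay.example.net);
 iprev=fail policy.iprev=192.0.2.26 reason="does not match" (MAIL sender@shop.example)
X-Envelope-From: sender@shop.example
X-MDMailing-List: infra@example.org
X-Spam-Status: No, score=0.0 required=5.0 tests=none
From: sender@shop.example
To: undisclosed-recipients:;
Subject: [infra] constructed test message

body
"""

# Hypothetical roster of addresses allowed to post to the list.
LIST_MEMBERS = {"alice@example.org", "bob@example.org"}


def domain_of(addr):
    """Return the part after the last '@', lower-cased."""
    return addr.rpartition("@")[2].lower()


def triage(raw, members):
    """Return a list of findings explaining how a message got through a list."""
    msg = message_from_string(raw)
    findings = []
    list_addr = parseaddr(msg.get("X-MDMailing-List", ""))[1].lower()
    env_from = parseaddr(msg.get("X-Envelope-From", ""))[1].lower()
    if list_addr:
        # The message was expanded by a list, not addressed to a mailbox.
        findings.append(f"delivered via list {list_addr}")
        if env_from not in members:
            findings.append(f"envelope sender {env_from} is not a list member")
        if domain_of(env_from) != domain_of(list_addr):
            findings.append("sender domain differs from list domain")
    # Folded Authentication-Results lines are joined before searching.
    auth = " ".join(msg.get_all("Authentication-Results", []))
    if "iprev=fail" in auth:
        findings.append("iprev=fail for MAIL FROM domain")
    if "tests=none" in msg.get("X-Spam-Status", ""):
        findings.append("spam filter matched no tests")
    return findings
```
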




[mdaemon-l] Spam email already got through

2018-09-24 Thread Thariq Basyir
2018-09-24 17:32 GMT+07:00 Syafril Hermansyah :

> > Could you find the message header of that mail?
>
>From - Mon Sep 24 10:05:31 2018
X-Account-Key: account1
X-UIDL: MD5095899:MSG:347774:30691955:55179016
X-Mozilla-Status: 0001
X-Mozilla-Status2: 
X-Mozilla-Keys:
Return-path: 
Authentication-Results: mail.kompas.tv
iprev=pass policy.iprev=192.185.198.26 (PTR 
gateway30.websitewelcome.com);
iprev=pass policy.iprev=192.185.198.26 (HELO 
gateway30.websitewelcome.com);
iprev=fail policy.iprev=192.185.198.26 reason="does not match" (MAIL
i...@grosir-alatkesehatan.com)
Received: from gateway30.websitewelcome.com
(gateway30.websitewelcome.com [192.185.198.26])
by mail.kompas.tv (MDaemon PRO v17.0.2) with ESMTP id pd50001973120.msg;
Sat, 22 Sep 2018 19:51:43 +0700
X-Spam-Processed: mail.kompas.tv, Sat, 22 Sep 2018 19:51:43 +0700
(not processed: spam filter already applied to initial list submission)
X-MDRemoteIP: 192.185.198.26
X-MDHelo: gateway30.websitewelcome.com
X-MDArrival-Date: Sat, 22 Sep 2018 19:51:43 +0700
X-Rcpt-To: infra@kompas.tv
X-MDRcpt-To: infra@kompas.tv
X-Envelope-From: i...@grosir-alatkesehatan.com
X-MDaemon-Deliver-To: thariq.bas...@kompas.tv
X-MDMailing-List: infra@kompas.tv
Precedence: bulk
Sender: infra@kompas.tv
X-MDAV-Processed: mail.kompas.tv, Sat, 22 Sep 2018 19:51:43 +0700
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=none shortcircuit=no
autolearn=unavailable autolearn_force=no version=3.4.1
X-Spam-Report:
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28)
X-Authority-Reason: nr=8
MIME-Version: 1.0
Content-Type: multipart/mixed;
 boundary="=_56d5c01c5796888cf6f776b5e3864e07"
Date: Sat, 22 Sep 2018 07:09:59 -0500
From: i...@grosir-alatkesehatan.com
To: undisclosed-recipients:;
Subject: [infra.bit] Kisah Threesome Sandiaga, Miftah dan Noriyu di Gedung Adaro
Message-ID: 
X-Sender: i...@grosir-alatkesehatan.com
User-Agent: Roundcube Webmail/1.3.3
X-AntiAbuse: This header was added to track abuse, please include it
with any abuse report
X-AntiAbuse: Primary Hostname - gator4071.hostgator.com
X-AntiAbuse: Original Domain - kompas.tv
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - grosir-alatkesehatan.com
X-BWhitelist: no
X-Source-IP: 192.185.4.82
X-Source-L: Yes
X-Exim-ID: 1g3gjY-001Vlq-75
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: (grosir-alatkesehatan.com) [192.185.4.82]:12525
X-Source-Auth: i...@grosir-alatkesehatan.com
X-Email-Count: 198
X-Source-Cap: ZWRpc29ueW87ZWRpc29ueW87Z2F0b3I0MDcxLmhvc3RnYXRvci5jb20=
X-Local-Domain: yes
Reply-To: infra@kompas.tv
List-ID: 
List-Post: 

--=_56d5c01c5796888cf6f776b5e3864e07
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8;
 format=flowed



> > Enable the following option so that the spam filter provides more information
> >  http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?sf_spam_filtering.htm
> > [x] Send heuristic results to SMTP clients
>

We just enabled it, sir.

> Please check again.
>

Attached, sir. FYI, we are using version 17.0.2.


[mdaemon-l] Spam email already got through

2018-09-24 Thread Thariq Basyir
2018-09-24 16:42 GMT+07:00 Syafril Hermansyah :

>
> > Could you find the transaction in the smtp-in log?
>

Sat 2018-09-22 19:51:34.955: [704704] Session 704704; child 0004
Sat 2018-09-22 19:51:34.955: [704704] Accepting SMTP connection from
192.185.198.26:27584 to 10.8.40.3:25
Sat 2018-09-22 19:51:34.957: [704704] --> 220 mail.kompas.tv ESMTP MDaemon
17.0.2; Sat, 22 Sep 2018 19:51:34 +0700
Sat 2018-09-22 19:51:35.188: [704704] <-- EHLO gateway30.websitewelcome.com
Sat 2018-09-22 19:51:35.188: [704704] --> 250-mail.kompas.tv Hello
gateway30.websitewelcome.com [192.185.198.26], pleased to meet you
Sat 2018-09-22 19:51:35.188: [704704] --> 250-ETRN
Sat 2018-09-22 19:51:35.188: [704704] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Sat 2018-09-22 19:51:35.188: [704704] --> 250-8BITMIME
Sat 2018-09-22 19:51:35.188: [704704] --> 250-ENHANCEDSTATUSCODES
Sat 2018-09-22 19:51:35.188: [704704] --> 250 SIZE 2048
Sat 2018-09-22 19:51:35.420: [704704] <-- MAIL FROM:<
i...@grosir-alatkesehatan.com> SIZE=346939 BODY=8BITMIME
Sat 2018-09-22 19:51:35.423: [704704] Performing PTR lookup
(26.198.185.192.IN-ADDR.ARPA)
Sat 2018-09-22 19:51:35.441: [704704] *  D=26.198.185.192.IN-ADDR.ARPA
TTL=(59) PTR=[gateway30.websitewelcome.com]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.196.18]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.179.30]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.198.26]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.145.3]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.151.58]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.147.85]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.168.15]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[50.116.126.1]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.149.4]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.146.7]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.152.11]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.197.25]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.148.2]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.107.137]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.194.16]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.184.48]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.192.34]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.193.11]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.180.41]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.106.218]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.160.12]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.150.24]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[50.116.124.68]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[50.116.125.1]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[192.185.144.21]
Sat 2018-09-22 19:51:35.457: [704704] *  D=gateway30.websitewelcome.com
TTL=(49) A=[50.116.127.1]
Sat 2018-09-22 19:51:35.457: [704704]  End PTR results
Sat 2018-09-22 19:51:35.460: [704704] Performing IP lookup (
gateway30.websitewelcome.com)
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[192.185.194.16]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[192.185.198.26]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[192.185.148.2]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[192.185.145.3]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[192.185.179.30]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[50.116.124.68]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[50.116.127.1]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[192.185.192.34]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[192.185.193.11]
Sat 2018-09-22 19:51:35.474: [704704] *  D=gateway30.websitewelcome.com
TTL=(46) A=[192.185.107.137]
Sat 2018-09-22 19:51:35.474: [704704] *  

[mdaemon-l] Spam email already got through

2018-09-24 Thread Syafril Hermansyah
On 24/09/18 17:11, Thariq Basyir (thariqbas...@gmail.com) wrote:
> 
>> Could you find the transaction in the smtp-in log?

> Sat 2018-09-22 19:51:39.638: [704704] Spam Filter score/req: 0.00/12.0


At a glance it looks normal.
Could you find the message header of that mail?

Enable the following option so that the spam filter provides more information

http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?sf_spam_filtering.htm

[x] Send heuristic results to SMTP clients


>> > Incoming mail sent to local users who do not exist should be...
>> > [x] ...returned to sender with a 'no such user' warning
>> > This will burden the server with unnecessary work.


> We have had this enabled from the start.


Please check again.




-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 18.5.0-64 bit Beta RC2
Please do not cc: or send to private mail for MDaemon issues.

The more I read, the more I acquire, the more certain I am that I know
nothing.
--- Voltaire






[mdaemon-l] Spam email already got through

2018-09-24 Thread Syafril Hermansyah
On 24/09/18 16:02, Thariq Basyir (thariqbas...@gmail.com) wrote:
> Two days ago we received a lot of spam email from various domains
> (attached), political in nature.
> By its nature it looks like hijacked email, then used by irresponsible
> users to spread hoax news, slander, and ethnic, religious and racial
> (SARA) issues related to the 2019 presidential election.
> 
> Besides blocking manually, is there another way, sir, to fend off email
> like this?


Could you find the transaction in the smtp-in log?

BTW, the mail.kompas.tv server has a wrong setting: the unknown user
option still has not been changed since the initial installation was finished.

http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?unknown_mail.htm

Incoming mail sent to local users who do not exist should be...

[x] ...returned to sender with a 'no such user' warning

This will burden the server with unnecessary work.


-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 18.5.0-64 bit Beta RC2
Please do not cc: or send to private mail for MDaemon issues.

The only way to do great work is to love what you do. If you haven’t
found it yet, keep looking. Don’t settle.
--- Steve Jobs






[mdaemon-l] Spam email already got through

2018-09-24 Thread Thariq Basyir
Mr. Syafril,

Two days ago we received a lot of spam email from various domains (attached),
political in nature.
By its nature it looks like hijacked email, then used by irresponsible users
to spread hoax news, slander, and ethnic, religious and racial (SARA) issues
related to the 2019 presidential election.

Besides blocking manually, is there another way, sir, to fend off email like
this?

Because it seems the ANTI-SPAM does not consider this spam.

Regards,
Thariq Basyir