Good morning, Pak Syafril,

 

This morning I found that the email address ser...@victoriabank.co.id had been
hijacked and was sending many emails to *@qq.com and many other email
addresses

 

Sat 2014-03-08 01:44:08: [677780] <-- MAIL FROM:<ser...@victoriabank.co.id>

Sat 2014-03-08 01:44:08: [677780] --> 250 <ser...@victoriabank.co.id>,
Sender ok

Sat 2014-03-08 01:44:09: [677780] <-- RCPT TO:<13395577...@ah165.net>

Sat 2014-03-08 01:44:09: [677780] --> 250 <13395577...@ah165.net>, Recipient
ok

Sat 2014-03-08 01:44:09: [677780] <-- RCPT TO:<13501531...@139.com>

Sat 2014-03-08 01:44:09: [677780] --> 250 <13501531...@139.com>, Recipient
ok

Sat 2014-03-08 01:44:09: [677780] <-- RCPT TO:<13510823...@139.com>

Sat 2014-03-08 01:44:09: [677780] --> 250 <13510823...@139.com>, Recipient
ok

Sat 2014-03-08 01:44:09: [677780] <-- RCPT TO:<13513513...@163.com>

Sat 2014-03-08 01:44:09: [677780] --> 250 <13513513...@163.com>, Recipient
ok

Sat 2014-03-08 01:44:09: [677780] <-- RCPT TO:<13...@163.com>

Sat 2014-03-08 01:44:09: [677780] --> 250 <13...@163.com>, Recipient ok

Sat 2014-03-08 01:44:10: [677780] <-- RCPT TO:<13600403...@139.com>

Sat 2014-03-08 01:44:10: [677780] --> 250 <13600403...@139.com>, Recipient
ok

Sat 2014-03-08 01:44:10: [677780] <-- RCPT TO:<13601823...@163.com>

Sat 2014-03-08 01:44:10: [677780] --> 250 <13601823...@163.com>, Recipient
ok

Sat 2014-03-08 01:44:10: [677780] <-- RCPT TO:<13608513...@163.com>

Sat 2014-03-08 01:44:10: [677780] --> 250 <13608513...@163.com>, Recipient
ok

Sat 2014-03-08 01:44:10: [677780] <-- RCPT TO:<13609755...@139.com>

Sat 2014-03-08 01:44:10: [677780] --> 250 <13609755...@139.com>, Recipient
ok

Sat 2014-03-08 01:44:11: [677780] <-- RCPT TO:<1363230...@qq.com>

Sat 2014-03-08 01:44:11: [677780] --> 250 <1363230...@qq.com>, Recipient ok

Sat 2014-03-08 01:44:13: [677780] <-- RCPT TO:<1375476...@qq.com>

Sat 2014-03-08 01:44:13: [677780] --> 250 <1375476...@qq.com>, Recipient ok

Sat 2014-03-08 01:44:17: [677780] <-- RCPT TO:<1404060...@qq.com>

Sat 2014-03-08 01:44:17: [677780] --> 250 <1404060...@qq.com>, Recipient ok

 

The account has been frozen

 

Sat 2014-03-08 01:44:24: [677791] --> 552 Too many messages from
ser...@victoriabank.co.id in too short a time frame

Sat 2014-03-08 01:44:24: [677791] Hijack detection has frozen the
ser...@victoriabank.co.id account

Sat 2014-03-08 01:44:24: [677791] SMTP session terminated (Bytes in/out:
126/435)

 

What I would like to ask is: what is @qq.com doing in the log below?

At first I thought qq.com was trying to send spam email, but I do not see any
@victoriabank.co.id email address being targeted

 

Sat 2014-03-08 01:44:30: [677855] Session 677855; child 0004

Sat 2014-03-08 01:44:30: [677855] Accepting SMTP connection from
[119.147.194.233:60285] to [202.159.14.34:25]

Sat 2014-03-08 01:44:30: [677855] --> 220 mail.victoriabank.co.id ESMTP
MDaemon 13.6.1; Sat, 08 Mar 2014 01:44:30 +0700

Sat 2014-03-08 01:44:30: [677855] <-- HELO smtpbg174.qq.com

Sat 2014-03-08 01:44:30: [677855] --> 250 mail.victoriabank.co.id Hello
smtpbg174.qq.com, pleased to meet you

Sat 2014-03-08 01:44:30: [677855] <-- MAIL FROM:
<1375476754+auto_=server=victoriabank.co...@qq.com>

Sat 2014-03-08 01:44:30: [677855] Performing PTR lookup
(233.194.147.119.IN-ADDR.ARPA)

Sat 2014-03-08 01:44:30: [677855] *  D=233.194.147.119.IN-ADDR.ARPA
TTL=(359) PTR=[SMTPBG174.QQ.COM]

Sat 2014-03-08 01:44:30: [677855] *  Gathering A records...

Sat 2014-03-08 01:44:30: [677855] *  D=SMTPBG174.QQ.COM TTL=(59)
A=[119.147.194.233]

Sat 2014-03-08 01:44:30: [677855] ---- End PTR results

Sat 2014-03-08 01:44:30: [677855] Performing IP lookup (smtpbg174.qq.com)

Sat 2014-03-08 01:44:30: [677855] *  D=smtpbg174.qq.com TTL=(59)
A=[119.147.194.233]

Sat 2014-03-08 01:44:30: [677855] ---- End IP lookup results

Sat 2014-03-08 01:44:30: [677855] Performing IP lookup (qq.com)

Sat 2014-03-08 01:44:30: [677855] *  D=qq.com TTL=(8) A=[125.39.240.113]

Sat 2014-03-08 01:44:30: [677855] *  D=qq.com TTL=(8) A=[163.177.65.160]

Sat 2014-03-08 01:44:30: [677855] *  P=010 S=001 D=qq.com TTL=(22)
MX=[mx3.qq.com]

Sat 2014-03-08 01:44:30: [677855] *  P=020 S=002 D=qq.com TTL=(22)
MX=[mx2.qq.com]

Sat 2014-03-08 01:44:30: [677855] *  P=030 S=000 D=qq.com TTL=(22)
MX=[mx1.qq.com]

Sat 2014-03-08 01:44:30: [677855] *  D=qq.com TTL=(6) A=[163.177.65.160]

Sat 2014-03-08 01:44:30: [677855] *  D=qq.com TTL=(6) A=[163.177.65.160]

Sat 2014-03-08 01:44:30: [677855] *  D=qq.com TTL=(6) A=[163.177.65.160]

Sat 2014-03-08 01:44:30: [677855] ---- End IP lookup results

Sat 2014-03-08 01:44:30: [677855] Performing SPF lookup (qq.com /
119.147.194.233)

Sat 2014-03-08 01:44:30: [677855] *  Policy: v=spf1 include:spf.mail.qq.com
~all

Sat 2014-03-08 01:44:30: [677855] *  Evaluating include:spf.mail.qq.com:
performing lookup

Sat 2014-03-08 01:44:31: [677855] *    Policy: v=spf1
include:spf-a.mail.qq.com include:spf-b.mail.qq.com
include:spf-c.mail.qq.com include:spf-d.mail.qq.com

Sat 2014-03-08 01:44:31: [677855] *    Evaluating include:spf-a.mail.qq.com:
performing lookup

Sat 2014-03-08 01:44:31: [677855] *      Policy: v=spf1 ip4:119.147.8.0/21
ip4:222.202.96.0/24 ip4:58.251.149.0/24 ip4:119.147.6.0/24 ip4:183.60.2.0/24
ip4:113.108.77.0/24 ip4:183.62.126.0/23 ip4:183.60.52.0/24
ip4:183.62.104.0/24 ip4:112.90.136.0/21 ip4:183.60.60.0/23 ~all

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:119.147.8.0/21: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:222.202.96.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:58.251.149.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:119.147.6.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:183.60.2.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:113.108.77.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:183.62.126.0/23: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:183.60.52.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:183.62.104.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:112.90.136.0/21: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:183.60.60.0/23: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ~all: match

Sat 2014-03-08 01:44:31: [677855] *    Evaluating include:spf-a.mail.qq.com:
no match

Sat 2014-03-08 01:44:31: [677855] *    Evaluating include:spf-b.mail.qq.com:
performing lookup

Sat 2014-03-08 01:44:31: [677855] *      Policy: v=spf1 ip4:119.147.16.0/21
ip4:113.108.67.0/24 ip4:183.60.61.0/24 ip4:64.71.138.0/24
ip4:218.189.38.0/24 ip4:180.153.3.0/24 ip4:112.64.199.0/24
ip4:211.139.188.0/24 ip4:125.39.202.0/24 ip4:123.151.37.0/24
ip4:113.108.12.0/23  ip4:11

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:119.147.16.0/21: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:113.108.67.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:183.60.61.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:64.71.138.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:218.189.38.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:180.153.3.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:112.64.199.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:211.139.188.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:125.39.202.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:123.151.37.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:113.108.12.0/23: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:113.108.23.0/24: no
match

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ~all: match

Sat 2014-03-08 01:44:31: [677855] *    Evaluating include:spf-b.mail.qq.com:
no match

Sat 2014-03-08 01:44:31: [677855] *    Evaluating include:spf-c.mail.qq.com:
performing lookup

Sat 2014-03-08 01:44:31: [677855] *      Policy: v=spf1 ip4:119.147.192.0/22
ip4:183.62.104.0/24 ip4:112.95.234.0/24 ip4:113.108.11.0/24
ip4:184.105.67.0/24 ip4:103.7.28.0/23 ip4:184.105.206.0/24
ip4:203.205.160.0/24 ip4:54.248.139.0/24 ~all

Sat 2014-03-08 01:44:31: [677855] *      Evaluating ip4:119.147.192.0/22:
match

Sat 2014-03-08 01:44:31: [677855] *    Evaluating include:spf-c.mail.qq.com:
match

Sat 2014-03-08 01:44:31: [677855] *  Evaluating include:spf.mail.qq.com:
match

Sat 2014-03-08 01:44:31: [677855] *  Result: pass

Sat 2014-03-08 01:44:31: [677855] ---- End SPF results

Sat 2014-03-08 01:44:31: [677855] --> 250
<1375476754+auto_=server=victoriabank.co...@qq.com>, Sender ok

Sat 2014-03-08 01:44:31: [677855] <-- RCPT TO: <ser...@victoriabank.co.id>

Sat 2014-03-08 01:44:31: [677855] Performing DNS-BL lookup (119.147.194.233
- connecting IP)

Sat 2014-03-08 01:44:31: [677855] *  zen.spamhaus.org - passed

Sat 2014-03-08 01:44:31: [677855] ---- End DNS-BL results

Sat 2014-03-08 01:44:31: [677855] --> 250 <ser...@victoriabank.co.id>,
Recipient ok

Sat 2014-03-08 01:44:31: [677855] <-- DATA

Sat 2014-03-08 01:44:31: [677855] Creating temp file (SMTP):
d:\mdaemon\queues\temp\03\md50000000287.tmp

Sat 2014-03-08 01:44:31: [677855] --> 354 Enter mail, end with <CRLF>.<CRLF>

Sat 2014-03-08 01:44:32: [677855] Message size: 1150 bytes

Sat 2014-03-08 01:44:32: [677855] Performing VBR certification (Domain:
qq.com, Auth: SPF)

Sat 2014-03-08 01:44:32: [677855] *  File:
d:\mdaemon\queues\temp\03\md50000000287.tmp

Sat 2014-03-08 01:44:32: [677855] *  Message-ID:
<tencent_3752bf6e6285d395641ee...@qq.com>

Sat 2014-03-08 01:44:32: [677855] *  Certifier (trusted):
vbr.emailcertification.org ...

Sat 2014-03-08 01:44:32: [677855] *    Querying:
qq.com._vouch.vbr.emailcertification.org ...

Sat 2014-03-08 01:44:32: [677855] *    Certifier does not recognize that
domain

Sat 2014-03-08 01:44:32: [677855] *  Certification result: message not
certified

Sat 2014-03-08 01:44:32: [677855] ---- End VBR results

Sat 2014-03-08 01:44:32: [677855] Performing DKIM lookup

Sat 2014-03-08 01:44:32: [677855] *  File:
d:\mdaemon\queues\temp\03\md50000000287.tmp

Sat 2014-03-08 01:44:32: [677855] *  Message-ID:
tencent_3752bf6e6285d395641ee...@qq.com

Sat 2014-03-08 01:44:32: [677855] * Signature (1):
;v=1;a=rsa-sha256;c=relaxed/relaxed;d=qq.com;s=s201307;t=1394217873;b h=<not
logged>;

Sat 2014-03-08 01:44:32: [677855] *    Verification result: [0] good

Sat 2014-03-08 01:44:32: [677855] *  Result: pass

Sat 2014-03-08 01:44:32: [677855] ---- End DKIM results

Sat 2014-03-08 01:44:32: [677855] Performing VBR certification (Domain:
qq.com, Auth: DKIM)

Sat 2014-03-08 01:44:32: [677855] *  File:
d:\mdaemon\queues\temp\03\md50000000287.tmp

Sat 2014-03-08 01:44:32: [677855] *  Message-ID:
tencent_3752bf6e6285d395641ee...@qq.com

Sat 2014-03-08 01:44:32: [677855] *  Certifier (trusted):
vbr.emailcertification.org ...

Sat 2014-03-08 01:44:32: [677855] *    Querying:
qq.com._vouch.vbr.emailcertification.org ...

Sat 2014-03-08 01:44:33: [677855] *    Certifier does not recognize that
domain

Sat 2014-03-08 01:44:33: [677855] *  Certification result: message not
certified

Sat 2014-03-08 01:44:33: [677855] ---- End VBR results

Sat 2014-03-08 01:44:33: [677855] Passing message through AntiVirus (Size:
1150)...

Sat 2014-03-08 01:44:33: [677855] *  Message is clean (no viruses found)

Sat 2014-03-08 01:44:33: [677855] ---- End AntiVirus results

Sat 2014-03-08 01:44:34: [677855] Passing message through Outbreak
Protection...

Sat 2014-03-08 01:44:34: [677855] *  Message-ID:
<tencent_3752bf6e6285d395641ee...@qq.com>

Sat 2014-03-08 01:44:34: [677855] *  Reference-ID:
str=0001.0A090207.531A1395.011E,ss=1,re=0.000,fgs=0

Sat 2014-03-08 01:44:34: [677855] *  Virus result: 0 - Clean

Sat 2014-03-08 01:44:34: [677855] *  Spam result: 1 - Clean

Sat 2014-03-08 01:44:34: [677855] *  IWF result: 0 - Clean

Sat 2014-03-08 01:44:34: [677855] ---- End Outbreak Protection results

Sat 2014-03-08 01:44:34: [677855] Passing message through Spam Filter (Size:
1150)...

Sat 2014-03-08 01:44:39: [677855] *  0.0 FREEMAIL_FROM Sender email is
commonly abused enduser mail provider

Sat 2014-03-08 01:44:39: [677855] *      (rendyirawan703[at]yahoo.com)
(lowongankerja1987[at]gmail.com)

Sat 2014-03-08 01:44:39: [677855] *
(september2012.customs[at]gmail.com) (rsmmansyur[at]yahoo.com)

Sat 2014-03-08 01:44:39: [677855] *      (harrysuryaku[at]yahoo.co.id)
(info.hrd2013[at]gmail.com)

Sat 2014-03-08 01:44:39: [677855] *      (neli_chen[at]yahoo.com)
(1375476754[at]qq.com)

Sat 2014-03-08 01:44:39: [677855] * -0.0 T_RP_MATCHES_RCVD Envelope sender
domain matches handover relay

Sat 2014-03-08 01:44:39: [677855] *      domain

Sat 2014-03-08 01:44:39: [677855] *  3.5 HK_SCAM_N13 BODY: HK_SCAM_N13

Sat 2014-03-08 01:44:39: [677855] *  0.0 HTML_MESSAGE BODY: HTML included in
message

Sat 2014-03-08 01:44:39: [677855] *  1.6 BAYES_50 BODY: Bayes spam
probability is 40 to 60%

Sat 2014-03-08 01:44:39: [677855] *      [score: 0.5427]

Sat 2014-03-08 01:44:39: [677855] *  0.7 MIME_HTML_ONLY BODY: Message only
has text/html MIME parts

Sat 2014-03-08 01:44:39: [677855] *  1.5 BASE64_LENGTH_79_INF BODY:
BASE64_LENGTH_79_INF

Sat 2014-03-08 01:44:39: [677855] *  0.4 HTML_MIME_NO_HTML_TAG HTML-only
message, but there is no HTML tag

Sat 2014-03-08 01:44:39: [677855] ---- End SpamAssassin results

Sat 2014-03-08 01:44:39: [677855] Spam Filter score/req: 7.70/12.0

Sat 2014-03-08 01:44:39: [677855] Message creation successful:
d:\mdaemon\queues\inbound\47\md50000001403.msg

Sat 2014-03-08 01:44:39: [677855] --> 250 Ok, message saved <Message-ID:
<tencent_3752bf6e6285d395641ee...@qq.com>>

Sat 2014-03-08 01:44:39: [677855] <-- QUIT

Sat 2014-03-08 01:44:39: [677855] --> 221 See ya in cyberspace

Sat 2014-03-08 01:44:39: [677855] SMTP session successful (Bytes in/out:
1290/416)

 

VICEDP <mailto:k...@victoriabank.co.id> 

 

is now sending mail <mailto:krissan...@gmail.com>  from laptop

 


-- 
--[MDaemon-L]------------------------------------------------
This mailing list is for discussion among MDaemon Mail Server users.

Netiquette: http://www.netmeister.org/news/learn2quote
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Unsubscribe: send mail to MDaemon-L-unsubscribe [at] dutaint.com
Subscribe: send mail to MDaemon-L-subscribe [at] dutaint.com
Latest versions: MD 13.6.2, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 2.1.2, PP 2.0.1

Send email to
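
Added example, not part of the original message and not MDaemon's own hijack-detection logic: a small log triage script for the pattern in the first log excerpt above, where one local sender names many external recipients within seconds. The function name, thresholds and the sample addresses are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Client commands in the log format shown above, e.g.
# "Sat 2014-03-08 01:44:08: [677780] <-- MAIL FROM:<user@domain>"
CMD = re.compile(r"^\w{3} (?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d): \[(?P<sid>\d+)\] "
                 r"<-- (?P<verb>MAIL FROM|RCPT TO):\s*<(?P<addr>[^>]*)>", re.I)

def burst_sessions(lines, local_domain, max_rcpt=5, window_s=10):
    """Map session id -> (sender, peak, domains) for sessions in which a local
    sender names more than max_rcpt external recipients within window_s seconds."""
    suffix = "@" + local_domain.lower()
    sender, rcpts = {}, defaultdict(list)
    for line in lines:
        m = CMD.match(line.strip())
        if not m:
            continue  # server replies, DNS/SPF detail, wrapped continuations
        addr = m["addr"].lower()
        if m["verb"].upper() == "MAIL FROM":
            sender[m["sid"]] = addr
        elif not addr.endswith(suffix):
            ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
            rcpts[m["sid"]].append((ts, addr))
    flagged = {}
    for sid, ext in rcpts.items():
        frm = sender.get(sid, "")
        if not frm.endswith(suffix):
            continue  # inbound mail from outside: not a local-account signal
        ext.sort()
        lo = peak = 0
        for hi in range(len(ext)):  # sliding time window over recipients
            while (ext[hi][0] - ext[lo][0]).total_seconds() > window_s:
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak > max_rcpt:
            flagged[sid] = (frm, peak, sorted({a.rsplit("@", 1)[-1] for _, a in ext}))
    return flagged

# Constructed sample log (addresses and session ids are made up).
SAMPLE_LOG = (
    ["Sat 2014-03-08 01:44:08: [100] <-- MAIL FROM:<staff@bank.example>"]
    + [f"Sat 2014-03-08 01:44:{9 + i // 3:02d}: [100] <-- RCPT TO:<u{i}@example.net>"
       for i in range(7)]
    + ["Sat 2014-03-08 01:44:30: [101] <-- MAIL FROM:<someone@example.org>",
       "Sat 2014-03-08 01:44:31: [101] <-- RCPT TO: <staff@bank.example>",
       "Sat 2014-03-08 01:45:00: [102] <-- MAIL FROM:<staff@bank.example>",
       "Sat 2014-03-08 01:45:01: [102] <-- RCPT TO:<partner@example.com>"])
```

The regular expression expects each log entry on a single line, so entries wrapped by a mail client need to be rejoined before being passed in.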