[MDaemon-L] Email Spam Score

Syafril Hermansyah Tue, 12 Aug 2014 02:30:07 -0700

On 2014-08-12 16:21, Dedy Sumytra wrote:
> SPAM masih tembus ke akun user padahal kalau dilihat log-nya sudah
> terdetect sebagai SPAM. berikut log-nya :


> Tue 2014-08-05 03:15:48: [678921] Accepting SMTP connection from
> [76.180.37.249:65409 <http://76.180.37.249:65409>] to [10.10.51.165:25
> <http://10.10.51.165:25>]

> Tue 2014-08-05 03:15:48: [678921] <-- EHLO
> cpe-76-180-37-249.buffalo.res.rr.com
> <http://cpe-76-180-37-249.buffalo.res.rr.com>

> Tue 2014-08-05 03:15:48: [678921] Performing PTR lookup
> (249.37.180.76.IN-ADDR.ARPA)
> Tue 2014-08-05 03:15:48: [678921] *  D=249.37.180.76.IN-ADDR.ARPA
> TTL=(1439) PTR=[cpe-76-180-37-249.buffalo.res.rr.com
> <http://cpe-76-180-37-249.buffalo.res.rr.com>]
> Tue 2014-08-05 03:15:48: [678921] *  Gathering A records...
> Tue 2014-08-05 03:15:49: [678921] * 
> D=cpe-76-180-37-249.buffalo.res.rr.com
> <http://cpe-76-180-37-249.buffalo.res.rr.com> TTL=(1439) A=[76.180.37.249]
> Tue 2014-08-05 03:15:49: [678921] ---- End PTR results

Spam sakti begini harus diblock menggunakan Host Screening.

http://mdaemon.dutaint.co.id/14.0.1/security--host_screening.htm

Local IP: All IPs
Remote host: cpe-76-180-37-249.buffalo.res.rr.com
[x] Refuse EHLO/PTR value

Klik "add"

> Tue 2014-08-05 09:35:31: [679560] Accepting SMTP connection from 
> [92.124.140.33:1182] to [10.10.51.165:25]

> Tue 2014-08-05 09:35:31: [679560] <-- EHLO host-92-124-140-33.pppoe.omsknet.ru
> Tue 2014-08-05 09:35:31: [679560] --> 250-mail.aaa-asset.com Hello 
> host-92-124-140-33.pppoe.omsknet.ru, pleased to meet you

> Tue 2014-08-05 09:35:31: [679560] Performing PTR lookup 
> (33.140.124.92.IN-ADDR.ARPA)
> Tue 2014-08-05 09:35:32: [679560] *  D=33.140.124.92.IN-ADDR.ARPA TTL=(1440) 
> PTR=[host-92-124-140-33.pppoe.omsknet.ru]
> Tue 2014-08-05 09:35:32: [679560] *  Gathering A records...
> Tue 2014-08-05 09:35:32: [679560] *  D=host-92-124-140-33.pppoe.omsknet.ru 
> TTL=(1440) A=[92.124.140.33]

Sama kasusnya dengan diatas.

Penjelasan lebih lengkap baca disini

http://www.mail-archive.com/mdaemon-l@dutaint.com/msg31029.html

-- 
syafril
-------
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 14.5.0 Beta B SP 4.5.0 Beta B
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

-- 
--[MDaemon-L]------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 14.0.3, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 3.0.1

[MDaemon-L] Email Spam Score

Kirim email ke