Dear Pak Syafril,
Kami menerima email ber virus bagaimana cara memblock email tersebut kalau dilihat di SMTP in log nya pengirim dari ISP kami Wed 2015-12-02 15:10:16.479: [776930] Session 776930; child 0001 Wed 2015-12-02 15:10:16.479: [776930] Accepting SMTP connection from 202.171.1.139:57077 to 165.108.159.10:25 Wed 2015-12-02 15:10:16.507: [776930] --> 220-mail.jkt.itochu.co.id ESMTP MDaemon 15.0.3; Wed, 02 Dec 2015 15:10:16 +0700 Wed 2015-12-02 15:10:16.507: [776930] --> 220 No public service mail PT. Itochu Indonesia Wed 2015-12-02 15:10:16.511: [776930] <-- EHLO mx3.ntt.net.id Wed 2015-12-02 15:10:16.513: [776930] Performing IP lookup (mx3.ntt.net.id) Wed 2015-12-02 15:10:16.514: [776930] * D=mx3.ntt.net.id TTL=(5) A=[202.171.1.139] Wed 2015-12-02 15:10:16.514: [776930] ---- End IP lookup results Wed 2015-12-02 15:10:16.514: [776930] --> 250-mail.jkt.itochu.co.id Hello mx3.ntt.net.id, pleased to meet you Wed 2015-12-02 15:10:16.514: [776930] --> 250-ETRN Wed 2015-12-02 15:10:16.514: [776930] --> 250-AUTH LOGIN CRAM-MD5 PLAIN Wed 2015-12-02 15:10:16.514: [776930] --> 250-8BITMIME Wed 2015-12-02 15:10:16.514: [776930] --> 250-ENHANCEDSTATUSCODES Wed 2015-12-02 15:10:16.514: [776930] --> 250-STARTTLS Wed 2015-12-02 15:10:16.514: [776930] --> 250 SIZE 20480000 Wed 2015-12-02 15:10:16.518: [776930] <-- MAIL FROM:<kerry_b...@gmail.com> SIZE=835384 BODY=8BITMIME Wed 2015-12-02 15:10:16.518: [776930] Performing IP lookup (gmail.com) Wed 2015-12-02 15:10:16.518: [776930] * D=gmail.com TTL=(3) A=[74.125.68.17] Wed 2015-12-02 15:10:16.518: [776930] * D=gmail.com TTL=(3) A=[74.125.68.19] Wed 2015-12-02 15:10:16.518: [776930] * D=gmail.com TTL=(3) A=[74.125.68.83] Wed 2015-12-02 15:10:16.518: [776930] * D=gmail.com TTL=(3) A=[74.125.68.18] Wed 2015-12-02 15:10:16.518: [776930] * P=005 S=003 D=gmail.com TTL=(28) MX=[gmail-smtp-in.l.google.com] {74.125.68.27} Wed 2015-12-02 15:10:16.518: [776930] * P=010 S=002 D=gmail.com TTL=(28) MX=[alt1.gmail-smtp-in.l.google.com] {173.194.72.26} Wed 2015-12-02 15:10:16.518: [776930] * P=020 S=001 D=gmail.com TTL=(28) MX=[alt2.gmail-smtp-in.l.google.com] {74.125.25.27} Wed 2015-12-02 15:10:16.518: [776930] * P=030 S=004 D=gmail.com TTL=(28) MX=[alt3.gmail-smtp-in.l.google.com] {64.233.169.26} Wed 2015-12-02 15:10:16.518: [776930] * P=040 S=000 D=gmail.com TTL=(28) MX=[alt4.gmail-smtp-in.l.google.com] {173.194.69.26} Wed 2015-12-02 15:10:16.518: [776930] ---- End IP lookup results Wed 2015-12-02 15:10:16.518: [776930] --> 250 2.1.0 Sender OK Wed 2015-12-02 15:10:16.530: [776930] <-- RCPT TO:<tett...@jkt.itochu.co.id> Wed 2015-12-02 15:10:16.535: [776930] Performing DNS-BL lookup (202.171.1.139 - connecting IP) Wed 2015-12-02 15:10:16.543: [776930] * zen.spamhaus.org - passed Wed 2015-12-02 15:10:16.543: [776930] ---- End DNS-BL results Wed 2015-12-02 15:10:16.550: [776930] --> 250 2.1.5 Recipient OK Wed 2015-12-02 15:10:16.550: [776930] <-- DATA Wed 2015-12-02 15:10:16.550: [776930] Creating temp file (SMTP): s:\mdaemon\queues\temp\md50000110843.tmp Wed 2015-12-02 15:10:16.550: [776930] --> 354 Enter mail, end with <CRLF>.<CRLF> Wed 2015-12-02 15:10:19.743: [776930] Message size: 835384 bytes Wed 2015-12-02 15:10:19.744: [776930] Performing DKIM lookup Wed 2015-12-02 15:10:19.744: [776930] * File: s:\mdaemon\queues\temp\md50000110843.tmp Wed 2015-12-02 15:10:19.744: [776930] * Message-ID: <20151202081203.12bad405...@mx3.ntt.net.id> Wed 2015-12-02 15:10:19.744: [776930] * Result: neutral Wed 2015-12-02 15:10:19.744: [776930] ---- End DKIM results Wed 2015-12-02 15:10:19.747: [776930] Performing DMARC processing Wed 2015-12-02 15:10:19.747: [776930] * File: s:\mdaemon\queues\temp\md50000110843.tmp Wed 2015-12-02 15:10:19.747: [776930] * Message-ID: <20151202081203.12bad405...@mx3.ntt.net.id> Wed 2015-12-02 15:10:19.747: [776930] * Author domain: gmail.com Wed 2015-12-02 15:10:19.747: [776930] * Organizational domain: gmail.com Wed 2015-12-02 15:10:19.747: [776930] * Query domain: _dmarc.gmail.com Wed 2015-12-02 15:10:19.841: [776930] * Policy record: v=DMARC1; p=none; rua=mailto:mailauth-repo...@google.com Wed 2015-12-02 15:10:19.845: [776930] * Verifying report recipient: mailauth-repo...@google.com Wed 2015-12-02 15:10:19.845: [776930] * Query domain: gmail.com._report._dmarc.google.com Wed 2015-12-02 15:10:19.864: [776930] * Policy record: v=DMARC1 Wed 2015-12-02 15:10:19.864: [776930] * Recipient mailauth-repo...@google.com is verified Wed 2015-12-02 15:10:19.864: [776930] * Checking authentication mechanisms for DMARC alignment Wed 2015-12-02 15:10:19.864: [776930] * SPF: verification disabled by administrator Wed 2015-12-02 15:10:19.864: [776930] * DKIM: no DKIM signatures found Wed 2015-12-02 15:10:19.870: [776930] * Action taken: none Wed 2015-12-02 15:10:19.870: [776930] * Result: fail Wed 2015-12-02 15:10:19.870: [776930] ---- End DMARC results Wed 2015-12-02 15:10:19.870: [776930] Passing message through AntiVirus (Size: 835384)... Wed 2015-12-02 15:10:19.913: [776930] * Message is clean (no viruses found) Wed 2015-12-02 15:10:19.914: [776930] ---- End AntiVirus results Wed 2015-12-02 15:10:19.914: [776930] Spam filter scan skipped; message size (835384) exceeds spam filter configured max size of (102400) Wed 2015-12-02 15:10:19.917: [776930] Message creation successful: e:\mdaemon\queues\inbound\md50007908292.msg Wed 2015-12-02 15:10:19.917: [776930] --> 250 2.6.0 Ok, message saved <Message-ID: <20151202081203.12bad405...@mx3.ntt.net.id>> Wed 2015-12-02 15:10:19.921: [776930] <-- QUIT Wed 2015-12-02 15:10:19.921: [776930] --> 221 2.0.0 See ya in cyberspace Wed 2015-12-02 15:10:19.921: [776930] SMTP session successful (Bytes in/out: 835516/516) Mohon advice nya Regards Benny -- --[MDaemon-L]------------------------------------------------ Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 15.5.2, SP 4.5.1, BES 2.0.2, OC 3.5.1, SG 3.0.3