pak Syafril beberapa hari ini kami menerima email dari luar dengan
domain gmail dengan menyertakan attachment .exe dan subject "URGENT"
untungnya MDaemon sudah berhasil menghapus attachmentnya, dan serangan
email ini secara acak dan terus menerus contoh emailnya:
kerry_b...@gmail.com, batooladduli...@gmail.com, dorinez...@gmail.com
saya sertakan lognya pak:
==============================================================
= Greetings from the MDaemon mail system at mail.kompas.tv =
==============================================================
The following message:
Session-ID: 615969 (specific to this delivery attempt)
Queue-ID: pd75000426617.msg
Message-ID: mdaemon9100201511271449.aa4909...@mail.kompas.tv
could not be delivered to the following recipient(s):
dorinez...@gmail.com (unrecoverable error)
despite one or more unsuccessful attempts to do so.
No further delivery attempts will be made and the message has been
removed from the queue.
The original message headers follow at the end of this report. For
information on DSN messages see http://www.altn.com/dsn/.
Please quote the Queue-ID, Session-ID, and Message-ID found above in
any inquiries regarding this message.
========================
= Session Transcript =
========================
[615969] Session 615969; child 0003
[615969] Parsing message <xxxxxxxxxxxxxxxxxxxxxxxx\pd75000426617.msg>
[615969] * From: postmas...@kompas.tv
[615969] * To: dorinez...@gmail.com
[615969] * Subject: MDaemon Notification -- Attachment Removed
[615969] * Size (bytes): 1252
[615969] * Message-ID: <mdaemon9100201511271449.aa4909...@mail.kompas.tv>
[615969] Resolving MX record for gmail.com (DNS Server: 27.50.20.21)...
[615969] * P=005 S=003 D=gmail.com TTL=(55) MX=[gmail-smtp-in.l.google.com]
[615969] * P=010 S=002 D=gmail.com TTL=(55)
MX=[alt1.gmail-smtp-in.l.google.com]
[615969] * P=020 S=001 D=gmail.com TTL=(55)
MX=[alt2.gmail-smtp-in.l.google.com]
[615969] * P=030 S=004 D=gmail.com TTL=(55)
MX=[alt3.gmail-smtp-in.l.google.com]
[615969] * P=040 S=000 D=gmail.com TTL=(55)
MX=[alt4.gmail-smtp-in.l.google.com]
[615969] Attempting SMTP connection to gmail-smtp-in.l.google.com
[615969] Resolving A record for gmail-smtp-in.l.google.com (DNS
Server: 27.50.20.21)...
[615969] * D=gmail-smtp-in.l.google.com TTL=(3) A=[74.125.200.26]
[615969] Attempting SMTP connection to 74.125.200.26:25
[615969] Waiting for socket connection...
[615969] * Connection established 10.0.0.6:63702 --> 74.125.200.26:25
[615969] Waiting for protocol to start...
[615969] <-- 220 mx.google.com ESMTP kk7si2233745pab.220 - gsmtp
[615969] --> EHLO mail.kompas.tv
[615969] <-- 250-mx.google.com at your service, [202.146.0.67]
[615969] <-- 250-SIZE 35882577
[615969] <-- 250-8BITMIME
[615969] <-- 250-STARTTLS
[615969] <-- 250-ENHANCEDSTATUSCODES
[615969] <-- 250-PIPELINING
[615969] <-- 250-CHUNKING
[615969] <-- 250 SMTPUTF8
[615969] --> MAIL From:<postmas...@kompas.tv> SIZE=1252
[615969] <-- 250 2.1.0 OK kk7si2233745pab.220 - gsmtp
[615969] --> RCPT To:<dorinez...@gmail.com>
[615969] <-- 550-5.1.1 The email account that you tried to reach
does not exist. Please try
[615969] <-- 550-5.1.1 double-checking the recipient's email address
for typos or
[615969] <-- 550-5.1.1 unnecessary spaces. Learn more at
[615969] <-- 550 5.1.1 https://support.google.com/mail/answer/6596
kk7si2233745pab.220 - gsmtp
[615969] --> QUIT
========================
= End Transcript =
========================
apakah solusinya hanya dengan memblock by sender?
--
--[MDaemon-L]------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.
Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 15.5.2, SP 4.5.1, BES 2.0.2, OC 3.5.1, SG 3.0.3
