Dear Pak syafril,
Berikut salah satu log di smtp in log : Tue 2016-05-17 19:12:39.284: [370628] Session 370628; child 0001 Tue 2016-05-17 19:12:39.284: [370628] Parsing message <d:\mdaemon\queues\remote\pd75001644881.msg> Tue 2016-05-17 19:12:39.288: [370628] * From: postmas...@ed-dima.com Tue 2016-05-17 19:12:39.288: [370628] * To: smallsherry54...@ccs.co.nz Tue 2016-05-17 19:12:39.288: [370628] * Subject: MDaemon Notification -- Attachment Removed Tue 2016-05-17 19:12:39.288: [370628] * Size (bytes): 1285 Tue 2016-05-17 19:12:39.288: [370628] * Message-ID: <mdaemon4070201605171912.aa1238...@edm.ed-dima.com> Tue 2016-05-17 19:12:39.291: [370628] Resolving MX record for ccs.co.nz (DNS Server: 116.254.101.2)... Tue 2016-05-17 19:12:39.303: [370628] * P=050 S=000 D=ccs.co.nz TTL=(59) MX=[smtp.simedarby.co.nz] Tue 2016-05-17 19:12:39.303: [370628] Attempting SMTP connection to smtp.simedarby.co.nz Tue 2016-05-17 19:12:39.304: [370628] Resolving A record for smtp.simedarby.co.nz (DNS Server: 116.254.101.2)... Tue 2016-05-17 19:12:39.306: [370628] * D=smtp.simedarby.co.nz TTL=(35) A=[203.97.53.77] Tue 2016-05-17 19:12:39.307: [370628] Attempting SMTP connection to 203.97.53.77:25 Tue 2016-05-17 19:12:39.309: [370628] Waiting for socket connection... Tue 2016-05-17 19:12:39.583: [370628] * Connection established 116.254.100.37:61888 --> 203.97.53.77:25 Tue 2016-05-17 19:12:39.583: [370628] Waiting for protocol to start... Tue 2016-05-17 19:12:41.892: [370628] <-- 220 ************************************************************* Tue 2016-05-17 19:12:41.893: [370628] --> EHLO edm.ed-dima.com Tue 2016-05-17 19:12:42.166: [370628] <-- 250-legolas.simedarby.co.nz Tue 2016-05-17 19:12:42.166: [370628] <-- 250-PIPELINING Tue 2016-05-17 19:12:42.166: [370628] <-- 250-SIZE 52428800 Tue 2016-05-17 19:12:42.166: [370628] <-- 250-ETRN Tue 2016-05-17 19:12:42.166: [370628] <-- 250-ENHANCEDSTATUSCODES Tue 2016-05-17 19:12:42.166: [370628] <-- 250-8BITMIME Tue 2016-05-17 19:12:42.166: [370628] <-- 250 DSN Tue 2016-05-17 19:12:42.166: [370628] --> MAIL From:<prvs=1945241604=postmas...@ed-dima.com> SIZE=1285 Tue 2016-05-17 19:12:42.440: [370628] <-- 250 2.1.0 Ok Tue 2016-05-17 19:12:42.440: [370628] --> RCPT To:<smallsherry54...@ccs.co.nz> Tue 2016-05-17 19:12:45.953: [370628] <-- 250 2.1.5 Ok Tue 2016-05-17 19:12:45.953: [370628] --> DATA Tue 2016-05-17 19:12:46.225: [370628] <-- 354 End data with <CR><LF>.<CR><LF> Tue 2016-05-17 19:12:46.225: [370628] Sending <d:\mdaemon\queues\remote\pd75001644881.msg> to [203.97.53.77] Tue 2016-05-17 19:12:46.226: [370628] Transfer Complete Tue 2016-05-17 19:12:46.506: [370628] <-- 250 2.0.0 Ok: queued as B580A1BEF9A_73B0B41F Tue 2016-05-17 19:12:46.507: [370628] --> QUIT Tue 2016-05-17 19:12:46.778: [370628] <-- 221 2.0.0 Bye Tue 2016-05-17 19:12:46.778: [370628] SMTP session successful (Bytes in/out: 315/1424) Tue 2016-05-17 19:12:46.779: ---------- Thank's Heryanto > On 17 Mei 2016, at 21.58, Syafril Hermansyah <syaf...@dutaint.co.id> wrote: > >> On 05/17/2016 08:06 PM, Heryanto wrote: >> Mohon pencerahan nya bahwa mail server kami belakangan ini banyak >> menerima email seperti di bawah ini apakah ada celah di settingan mail >> server kami sehingga spam mail bisa masuk. > > Periksa ke smtp-in log untuk cari tahu siapa sebenarnya pengirim > berlampiran itu.andri_7D1143C9.zip (history_285 - 1.js) dan > deny.iskandar_AE91615B.zip (history_341 - 1.js) itu, agar bisa > dianalisis apakah memang itu dari spammer atau worm virus atau akun yang > terkena hijack (di server lain). > > > Yang kedua, sebaiknya notify to sender/recipient jika ada attachment > restriction di non aktifkan saja, cukupkan ke notify ke Administrator > karena mungkin saja sendernya palsu (address spoofing). > > http://mdaemon.dutaint.co.id/mdaemon/16.0/index.html?cf_notifications.htm > > [ ] Send restricted attachment notification message to... > > > > -- > syafril > ------- > Syafril Hermansyah > MDaemon-L Moderators, MDaemon 16.0.2-64, SP 5.0-64 > Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. > > We do not remember days, we remember moments. > --- Cesare Pavese > > -- > --MDaemon-L---------------------------------------------------------- > Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. > > Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette > Arsip: http://mdaemon-l.dutaint.com > Dokumentasi : http://mdaemon.dutaint.co.id > Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com > Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com > Versi terakhir MD 16.0.2, SP 5.0, BES 2.0.2, OC 3.5.2, SG 3.0.3 > > > -- --MDaemon-L---------------------------------------------------------- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 16.0.2, SP 5.0, BES 2.0.2, OC 3.5.2, SG 3.0.3
