Dear Pak Syafril,

> Check the SMTP-in log to find out who actually sent the messages with the
> attachments itu.andri_7D1143C9.zip (history_285 - 1.js) and
> deny.iskandar_AE91615B.zip (history_341 - 1.js), so that it can be analyzed
> whether they really came from a spammer, a worm/virus, or a hijacked account
> (on another server).


Pak Syafril, here is the log. I would like to ask: judging from the SMTP-in
log below, where is the loophole?

Wed 2016-05-18 06:01:57.426: ----------
Wed 2016-05-18 06:02:41.066: [376213] Session 376213; child 0001
Wed 2016-05-18 06:02:41.066: [376213] Accepting SMTP connection from
188.76.84.3:52319 to 116.254.100.37:25
Wed 2016-05-18 06:02:41.069: [376213] --> 220-edm.ed-dima.com ESMTP MDaemon
15.0.1; Wed, 18 May 2016 06:02:41 +0700
Wed 2016-05-18 06:02:41.070: [376213] --> 220-"PT. Esham Dima Mandiri Mail
Server"
Wed 2016-05-18 06:02:41.070: [376213] --> 220-"All transactions and IP
addresses are logged"
Wed 2016-05-18 06:02:41.070: [376213] --> 220-"By IT-DIMA Dept."
Wed 2016-05-18 06:02:41.070: [376213] --> 220 "2012-2013"
Wed 2016-05-18 06:02:41.545: [376213] <-- EHLO
3.84.76.188.dynamic.jazztel.es
Wed 2016-05-18 06:02:41.545: [376213] --> 250-edm.ed-dima.com Hello
3.84.76.188.dynamic.jazztel.es, pleased to meet you
Wed 2016-05-18 06:02:41.545: [376213] --> 250-ETRN
Wed 2016-05-18 06:02:41.545: [376213] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Wed 2016-05-18 06:02:41.545: [376213] --> 250-8BITMIME
Wed 2016-05-18 06:02:41.545: [376213] --> 250-ENHANCEDSTATUSCODES
Wed 2016-05-18 06:02:41.545: [376213] --> 250 SIZE 15360000
Wed 2016-05-18 06:02:42.044: [376213] <-- MAIL
FROM:<dejesuskenet...@jazztel.es>
Wed 2016-05-18 06:02:42.047: [376213] Performing PTR lookup
(3.84.76.188.IN-ADDR.ARPA)
Wed 2016-05-18 06:02:42.069: [376213] *  D=3.84.76.188.IN-ADDR.ARPA
TTL=(283) PTR=[3.84.76.188.dynamic.jazztel.es]
Wed 2016-05-18 06:02:42.073: [376213] *  D=3.84.76.188.dynamic.jazztel.es
TTL=(368) A=[188.76.84.3]
Wed 2016-05-18 06:02:42.073: [376213] ---- End PTR results
Wed 2016-05-18 06:02:42.076: [376213] Performing IP lookup
(3.84.76.188.dynamic.jazztel.es)
Wed 2016-05-18 06:02:42.078: [376213] *  D=3.84.76.188.dynamic.jazztel.es
TTL=(368) A=[188.76.84.3]
Wed 2016-05-18 06:02:42.078: [376213] ---- End IP lookup results
Wed 2016-05-18 06:02:42.081: [376213] Performing IP lookup (jazztel.es)
Wed 2016-05-18 06:02:42.085: [376213] *  D=jazztel.es TTL=(984)
A=[212.106.220.96]
Wed 2016-05-18 06:02:42.090: [376213] *  P=010 S=000 D=jazztel.es TTL=(1492)
MX=[mail.jazztel.es] {62.14.3.193}
Wed 2016-05-18 06:02:42.090: [376213] ---- End IP lookup results
Wed 2016-05-18 06:02:42.092: [376213] Performing SPF lookup (jazztel.es /
188.76.84.3)
Wed 2016-05-18 06:02:42.093: [376213] *  Policy: v=spf1
redirect=_spf.jazztel.es
Wed 2016-05-18 06:02:42.093: [376213] *  Evaluating
redirect=_spf.jazztel.es: 
Wed 2016-05-18 06:02:42.093: [376213] *  Evaluating
redirect=_spf.jazztel.es: performing lookup
Wed 2016-05-18 06:02:42.093: [376213] *    Policy (cache): v=spf1 mx
ip4:62.14.3.170/30 ip4:62.14.3.174 ip4:62.14.3.191 ip4:62.14.3.192
ip4:62.14.3.193 ip4:62.14.3.194 ip4:62.14.3.195 ip4:62.14.3.196
ip4:62.14.3.197 ip4:62.14.3.198 ip4:62.14.3.29 ip4:62.14.3.30
ip4:212.106.192.69 ip4:
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating mx: no match - zero
'mx' type records
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.170/30: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.174: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.191: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.192: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.193: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.194: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.195: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.196: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.197: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.198: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.29: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:62.14.3.30: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:212.106.192.69: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ip4:212.106.192.72: no
match
Wed 2016-05-18 06:02:42.128: [376213] *    Evaluating ?all: match
Wed 2016-05-18 06:02:42.128: [376213] *  Result: neutral
Wed 2016-05-18 06:02:42.128: [376213] ---- End SPF results
Wed 2016-05-18 06:02:42.128: [376213] --> 250 2.1.0 Sender OK
Wed 2016-05-18 06:02:42.734: [376213] <-- RCPT
TO:<freddy.wij...@ed-dima.com>
Wed 2016-05-18 06:02:42.734: [376213] freddy.wij...@ed-dima.com is an alias
for freddy.wij...@dima.co.id
Wed 2016-05-18 06:02:42.743: [376213] Performing DNS-BL lookup (188.76.84.3
- connecting IP)
Wed 2016-05-18 06:02:42.941: [376213] *  zen.spamhaus.org - passed
Wed 2016-05-18 06:02:43.036: [376213] *  bl.csma.biz - failed - 127.0.0.11
Wed 2016-05-18 06:02:43.036: [376213] ---- End DNS-BL results
Wed 2016-05-18 06:02:43.040: [376213] --> 250 2.1.5 Recipient OK
Wed 2016-05-18 06:02:43.463: [376213] <-- DATA
Wed 2016-05-18 06:02:43.464: [376213] Creating temp file (SMTP):
d:\mdaemon\queues\temp\md50000000768.tmp
Wed 2016-05-18 06:02:43.464: [376213] --> 354 Enter mail, end with
<CRLF>.<CRLF>
Wed 2016-05-18 06:02:44.987: [376213] Message size: 11859 bytes
Wed 2016-05-18 06:02:44.989: [376213] Performing DKIM lookup
Wed 2016-05-18 06:02:44.989: [376213] *  File:
d:\mdaemon\queues\temp\md50000000768.tmp
Wed 2016-05-18 06:02:44.989: [376213] *  Message-ID:
<20160518010450.F6554A73EE@mail.freddy.wijaya.local>
Wed 2016-05-18 06:02:45.692: [376213] *  Result: neutral
Wed 2016-05-18 06:02:45.692: [376213] ---- End DKIM results
Wed 2016-05-18 06:02:45.697: [376213] Performing DMARC processing
Wed 2016-05-18 06:02:45.697: [376213] *  File:
d:\mdaemon\queues\temp\md50000000768.tmp
Wed 2016-05-18 06:02:45.697: [376213] *  Message-ID:
<20160518010450.F6554A73EE@mail.freddy.wijaya.local>
Wed 2016-05-18 06:02:45.697: [376213] *  Author domain: jazztel.es
Wed 2016-05-18 06:02:45.697: [376213] *  Organizational domain: jazztel.es
Wed 2016-05-18 06:02:45.697: [376213] *  Query domain: _dmarc.jazztel.es
Wed 2016-05-18 06:02:46.086: [376213] *    No DMARC policy record found
Wed 2016-05-18 06:02:46.086: [376213] *  Action taken: none
Wed 2016-05-18 06:02:46.086: [376213] *  Result: none
Wed 2016-05-18 06:02:46.086: [376213] ---- End DMARC results
Wed 2016-05-18 06:02:46.088: [376213] Passing message through AntiVirus
(Size: 11859)...
Wed 2016-05-18 06:02:46.209: [376213] *  Message is clean (no viruses found)
Wed 2016-05-18 06:02:46.209: [376213] ---- End AntiVirus results
Wed 2016-05-18 06:02:46.503: [376213] Passing message through Outbreak
Protection...
Wed 2016-05-18 06:02:46.503: [376213] *  Message-ID:
<20160518010450.F6554A73EE@mail.freddy.wijaya.local>
Wed 2016-05-18 06:02:46.503: [376213] *  Reference-ID:
str=0001.0A150208.573BA39A.0054,ss=4,re=0.000,recu=0.000,reip=0.000,vtr=str,
vl=0,pt=R_549421,cl=4,cld=1,fgs=140
Wed 2016-05-18 06:02:46.504: [376213] *  Virus result: 0 - Clean
Wed 2016-05-18 06:02:46.504: [376213] *  Spam result: 4 - Spam (confirmed)
Wed 2016-05-18 06:02:46.504: [376213] *  IWF result: 0 - Clean
Wed 2016-05-18 06:02:46.504: [376213] ---- End Outbreak Protection results
Wed 2016-05-18 06:02:46.507: [376213] Passing message through Spam Filter
(Size: 11859)...
Wed 2016-05-18 06:02:46.639: [376213] *  3.5 HELO_DYNAMIC_SPLIT_IP Relay
HELO'd using suspicious hostname (Split
Wed 2016-05-18 06:02:46.639: [376213] *      IP)
Wed 2016-05-18 06:02:46.639: [376213] *  0.3 CK_HELO_GENERIC Relay used name
indicative of a Dynamic Pool or
Wed 2016-05-18 06:02:46.639: [376213] *      Generic rPTR
Wed 2016-05-18 06:02:46.639: [376213] *  0.0 TVD_RCVD_IP Message was
received from an IP address
Wed 2016-05-18 06:02:46.639: [376213] *  3.0 MDAEMON_DNSBL MDaemon: marked
by MDaemon's DNSBL
Wed 2016-05-18 06:02:46.639: [376213] *  2.5 MDAEMON_OP_SPAM_HIGH MDaemon:
spam/phish
Wed 2016-05-18 06:02:46.639: [376213] * -1.4 RP_MATCHES_RCVD Envelope sender
domain matches handover relay domain
Wed 2016-05-18 06:02:46.639: [376213] *  2.6 BAYES_60 BODY: Bayes spam
probability is 60 to 80%
Wed 2016-05-18 06:02:46.639: [376213] *      [score: 0.6720]
Wed 2016-05-18 06:02:46.639: [376213] *  1.0 RDNS_DYNAMIC Delivered to
internal network by host with
Wed 2016-05-18 06:02:46.639: [376213] *      dynamic-looking rDNS
Wed 2016-05-18 06:02:46.639: [376213] ---- End SpamAssassin results
Wed 2016-05-18 06:02:46.639: [376213] Spam Filter score/req: 11.40/12.0
Wed 2016-05-18 06:02:47.028: [376213] Message creation successful:
d:\mdaemon\queues\inbound\md50007294547.msg
Wed 2016-05-18 06:02:47.028: [376213] --> 250 2.6.0 Ok, message saved
<Message-ID: <20160518010450.F6554A73EE@mail.freddy.wijaya.local>>
Wed 2016-05-18 06:02:47.033: [376213] <-- QUIT
Wed 2016-05-18 06:02:47.033: [376213] --> 221 2.0.0 See ya in cyberspace
Wed 2016-05-18 06:02:47.033: [376213] SMTP session successful (Bytes in/out:
11988/601)
Wed 2016-05-18 06:02:47.033: ----------


Wed 2016-05-18 06:36:16.289: ----------
Wed 2016-05-18 06:37:38.479: [376488] Session 376488; child 0001
Wed 2016-05-18 06:37:38.479: [376488] Accepting SMTP connection from
116.111.51.94:2486 to 116.254.100.37:25
Wed 2016-05-18 06:37:38.481: [376488] --> 220-edm.ed-dima.com ESMTP MDaemon
15.0.1; Wed, 18 May 2016 06:37:38 +0700
Wed 2016-05-18 06:37:38.482: [376488] --> 220-"PT. Esham Dima Mandiri Mail
Server"
Wed 2016-05-18 06:37:38.482: [376488] --> 220-"All transactions and IP
addresses are logged"
Wed 2016-05-18 06:37:38.482: [376488] --> 220-"By IT-DIMA Dept."
Wed 2016-05-18 06:37:38.482: [376488] --> 220 "2012-2013"
Wed 2016-05-18 06:37:38.583: [376488] <-- EHLO [116.111.51.94]
Wed 2016-05-18 06:37:38.583: [376488] --> 250-edm.ed-dima.com Hello
[116.111.51.94], pleased to meet you
Wed 2016-05-18 06:37:38.583: [376488] --> 250-ETRN
Wed 2016-05-18 06:37:38.583: [376488] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Wed 2016-05-18 06:37:38.583: [376488] --> 250-8BITMIME
Wed 2016-05-18 06:37:38.583: [376488] --> 250-ENHANCEDSTATUSCODES
Wed 2016-05-18 06:37:38.584: [376488] --> 250 SIZE 15360000
Wed 2016-05-18 06:37:38.679: [376488] <-- MAIL
FROM:<blackelish...@luminatica.se>
Wed 2016-05-18 06:37:38.681: [376488] Performing PTR lookup
(94.51.111.116.IN-ADDR.ARPA)
Wed 2016-05-18 06:37:38.797: [376488] *  DNS server reports domain name
unknown
Wed 2016-05-18 06:37:38.797: [376488] *  No PTR records found
Wed 2016-05-18 06:37:38.797: [376488] ---- End PTR results
Wed 2016-05-18 06:37:38.802: [376488] Performing IP lookup (luminatica.se)
Wed 2016-05-18 06:37:39.171: [376488] *  D=luminatica.se TTL=(59)
A=[192.121.104.141]
Wed 2016-05-18 06:37:39.798: [376488] *  P=010 S=000 D=luminatica.se
TTL=(60) MX=[vsp1.crystone.se]
Wed 2016-05-18 06:37:39.798: [376488] *  P=010 S=001 D=luminatica.se
TTL=(60) MX=[vsp2.crystone.se]
Wed 2016-05-18 06:37:40.166: [376488] *  D=vsp1.crystone.se TTL=(60)
A=[83.168.203.32]
Wed 2016-05-18 06:37:40.166: [376488] *  D=vsp1.crystone.se TTL=(60)
A=[83.168.203.33]
Wed 2016-05-18 06:37:40.166: [376488] *  D=vsp1.crystone.se TTL=(60)
A=[83.168.203.34]
Wed 2016-05-18 06:37:40.166: [376488] *  D=vsp1.crystone.se TTL=(60)
A=[83.168.203.35]
Wed 2016-05-18 06:37:40.166: [376488] *  D=vsp1.crystone.se TTL=(60)
A=[83.168.225.20]
Wed 2016-05-18 06:37:40.166: [376488] *  D=vsp1.crystone.se TTL=(60)
A=[83.168.225.21]
Wed 2016-05-18 06:37:40.166: [376488] *  D=vsp1.crystone.se TTL=(60)
A=[83.168.225.22]
Wed 2016-05-18 06:37:40.166: [376488] *  D=vsp1.crystone.se TTL=(60)
A=[83.168.225.23]
Wed 2016-05-18 06:37:40.185: [376488] *  D=vsp2.crystone.se TTL=(34)
A=[83.168.225.21]
Wed 2016-05-18 06:37:40.185: [376488] *  D=vsp2.crystone.se TTL=(34)
A=[83.168.225.22]
Wed 2016-05-18 06:37:40.185: [376488] *  D=vsp2.crystone.se TTL=(34)
A=[83.168.225.23]
Wed 2016-05-18 06:37:40.185: [376488] *  D=vsp2.crystone.se TTL=(34)
A=[83.168.203.32]
Wed 2016-05-18 06:37:40.185: [376488] *  D=vsp2.crystone.se TTL=(34)
A=[83.168.203.33]
Wed 2016-05-18 06:37:40.185: [376488] *  D=vsp2.crystone.se TTL=(34)
A=[83.168.203.34]
Wed 2016-05-18 06:37:40.185: [376488] *  D=vsp2.crystone.se TTL=(34)
A=[83.168.203.35]
Wed 2016-05-18 06:37:40.185: [376488] *  D=vsp2.crystone.se TTL=(34)
A=[83.168.225.20]
Wed 2016-05-18 06:37:40.185: [376488] ---- End IP lookup results
Wed 2016-05-18 06:37:40.187: [376488] Performing SPF lookup (luminatica.se /
116.111.51.94)
Wed 2016-05-18 06:37:40.540: [376488] *  Policy: v=spf1 a mx
Wed 2016-05-18 06:37:40.542: [376488] *  Evaluating a: no match
Wed 2016-05-18 06:37:40.547: [376488] *  Evaluating mx: no match
Wed 2016-05-18 06:37:40.547: [376488] *  Result: neutral
Wed 2016-05-18 06:37:40.547: [376488] ---- End SPF results
Wed 2016-05-18 06:37:40.547: [376488] --> 250 2.1.0 Sender OK
Wed 2016-05-18 06:37:40.643: [376488] <-- RCPT TO:<har...@ed-dima.com>
Wed 2016-05-18 06:37:40.644: [376488] har...@ed-dima.com is an alias for
hardja.din...@dima.co.id
Wed 2016-05-18 06:37:40.650: [376488] Performing DNS-BL lookup
(116.111.51.94 - connecting IP)
Wed 2016-05-18 06:37:40.676: [376488] *  zen.spamhaus.org - failed -
127.0.0.11
Wed 2016-05-18 06:37:41.062: [376488] *  bl.csma.biz - failed - 127.0.0.11
Wed 2016-05-18 06:37:41.062: [376488] ---- End DNS-BL results
Wed 2016-05-18 06:37:41.064: [376488] --> 250 2.1.5 Recipient OK
Wed 2016-05-18 06:37:41.161: [376488] <-- DATA
Wed 2016-05-18 06:37:41.162: [376488] Creating temp file (SMTP):
d:\mdaemon\queues\temp\md50000000838.tmp
Wed 2016-05-18 06:37:41.163: [376488] --> 354 Enter mail, end with
<CRLF>.<CRLF>
Wed 2016-05-18 06:37:41.354: [376488] Message size: 11840 bytes
Wed 2016-05-18 06:37:41.355: [376488] Performing DKIM lookup
Wed 2016-05-18 06:37:41.356: [376488] *  File:
d:\mdaemon\queues\temp\md50000000838.tmp
Wed 2016-05-18 06:37:41.356: [376488] *  Message-ID:
<20160518063948.22F31A12E5@mail.hardja.local>
Wed 2016-05-18 06:37:42.206: [376488] *  Result: neutral
Wed 2016-05-18 06:37:42.206: [376488] ---- End DKIM results
Wed 2016-05-18 06:37:42.212: [376488] Performing DMARC processing
Wed 2016-05-18 06:37:42.212: [376488] *  File:
d:\mdaemon\queues\temp\md50000000838.tmp
Wed 2016-05-18 06:37:42.212: [376488] *  Message-ID:
<20160518063948.22F31A12E5@mail.hardja.local>
Wed 2016-05-18 06:37:42.212: [376488] *  Author domain: luminatica.se
Wed 2016-05-18 06:37:42.212: [376488] *  Organizational domain:
luminatica.se
Wed 2016-05-18 06:37:42.212: [376488] *  Query domain: _dmarc.luminatica.se
Wed 2016-05-18 06:37:42.923: [376488] *    No DMARC policy record found
Wed 2016-05-18 06:37:42.923: [376488] *  Action taken: none
Wed 2016-05-18 06:37:42.923: [376488] *  Result: none
Wed 2016-05-18 06:37:42.923: [376488] ---- End DMARC results
Wed 2016-05-18 06:37:42.924: [376488] Passing message through AntiVirus
(Size: 11840)...
Wed 2016-05-18 06:37:43.075: [376488] *  Message is clean (no viruses found)
Wed 2016-05-18 06:37:43.075: [376488] ---- End AntiVirus results
Wed 2016-05-18 06:37:43.365: [376488] Passing message through Outbreak
Protection...
Wed 2016-05-18 06:37:43.365: [376488] *  Message-ID:
<20160518063948.22F31A12E5@mail.hardja.local>
Wed 2016-05-18 06:37:43.365: [376488] *  Reference-ID:
str=0001.0A150203.573BABCB.0032,ss=4,re=0.000,recu=0.000,reip=0.000,vtr=str,
vl=0,pt=R_549421,cl=4,cld=1,fgs=12
Wed 2016-05-18 06:37:43.365: [376488] *  Virus result: 0 - Clean
Wed 2016-05-18 06:37:43.365: [376488] *  Spam result: 4 - Spam (confirmed)
Wed 2016-05-18 06:37:43.365: [376488] *  IWF result: 0 - Clean
Wed 2016-05-18 06:37:43.365: [376488] ---- End Outbreak Protection results
Wed 2016-05-18 06:37:43.368: [376488] Passing message through Spam Filter
(Size: 11840)...
Wed 2016-05-18 06:37:43.501: [376488] *  3.0 MDAEMON_DNSBL MDaemon: marked
by MDaemon's DNSBL
Wed 2016-05-18 06:37:43.501: [376488] *  2.5 MDAEMON_OP_SPAM_HIGH MDaemon:
spam/phish
Wed 2016-05-18 06:37:43.501: [376488] *  1.6 BAYES_50 BODY: Bayes spam
probability is 40 to 60%
Wed 2016-05-18 06:37:43.501: [376488] *      [score: 0.5540]
Wed 2016-05-18 06:37:43.501: [376488] *  0.8 RDNS_NONE Delivered to internal
network by a host with no rDNS
Wed 2016-05-18 06:37:43.501: [376488] *  0.0 HELO_MISC_IP Looking for more
Dynamic IP Relays
Wed 2016-05-18 06:37:43.501: [376488] ---- End SpamAssassin results
Wed 2016-05-18 06:37:43.502: [376488] Spam Filter score/req: 7.90/12.0
Wed 2016-05-18 06:37:43.601: [376488] Message creation successful:
d:\mdaemon\queues\inbound\md50007294563.msg
Wed 2016-05-18 06:37:43.601: [376488] --> 250 2.6.0 Ok, message saved
<Message-ID: <20160518063948.22F31A12E5@mail.hardja.local>>
Wed 2016-05-18 06:37:43.612: [376488] <-- QUIT
Wed 2016-05-18 06:37:43.612: [376488] --> 221 2.0.0 See ya in cyberspace
Wed 2016-05-18 06:37:43.612: [376488] SMTP session successful (Bytes in/out:
11948/579)
Wed 2016-05-18 06:37:43.613: ----------

Thanks

Heryanto


-----Original Message-----
From: MDaemon-L@dutaint.com [mailto:MDaemon-L@dutaint.com] On Behalf Of
Syafril Hermansyah
Sent: 17 May 2016 21:58
To: Milis Komunitas MDaemon Indonesia <mdaemon-l@dutaint.com>
Subject: [MDaemon-L] A lot of spam email is getting through and is quite disruptive to users

On 05/17/2016 08:06 PM, Heryanto wrote:
> We would appreciate some guidance: our mail server has recently been
> receiving many emails like the ones below. Is there a loophole in our mail
> server settings that lets spam mail get in?

Check the SMTP-in log to find out who actually sent the messages with the
attachments itu.andri_7D1143C9.zip (history_285 - 1.js) and
deny.iskandar_AE91615B.zip (history_341 - 1.js), so that it can be analyzed
whether they really came from a spammer, a worm/virus, or a hijacked account
(on another server).


Second, it would be better to simply disable notify-to-sender/recipient for
attachment restrictions and notify only the Administrator, because the sender
may well be forged (address spoofing).

http://mdaemon.dutaint.co.id/mdaemon/16.0/index.html?cf_notifications.htm

[ ] Send restricted attachment notification message to...



--
syafril
-------
Syafril Hermansyah
MDaemon-L Moderators, MDaemon 16.0.2-64, SP 5.0-64
Please do not cc: or send to private mail for MDaemon issues.

We do not remember days, we remember moments.
        --- Cesare Pavese

--
--MDaemon-L----------------------------------------------------------
This mailing list is for discussion among MDaemon Mail Server users.

Netiquette: https://wiki.openstack.org/wiki/MailingListEtiquette
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Unsubscribe: send mail to MDaemon-L-unsubscribe [at] dutaint.com
Subscribe: send mail to MDaemon-L-subscribe [at] dutaint.com
Latest versions: MD 16.0.2, SP 5.0, BES 2.0.2, OC 3.5.2, SG 3.0.3
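
An added example, not part of the original thread: a small Python parser for SMTP-in sessions in the layout pasted above that re-joins the mail-wrapped lines and lists sessions whose message was saved even though a DNS-BL lookup failed or Outbreak Protection reported confirmed spam. The sample log is constructed (session ids and addresses are made up), and the function names are this example's own.

```python
import re

# Constructed sample in the MDaemon SMTP-in layout shown above (session ids and
# addresses are made up); two entries are mail-wrapped like the pasted log.
SAMPLE_LOG = """\
Wed 2016-05-18 06:37:38.479: [900001] Accepting SMTP connection from
203.0.113.7:2486 to 192.0.2.25:25
Wed 2016-05-18 06:37:40.676: [900001] *  zen.spamhaus.org - failed -
127.0.0.11
Wed 2016-05-18 06:37:43.365: [900001] *  Spam result: 4 - Spam (confirmed)
Wed 2016-05-18 06:37:43.502: [900001] Spam Filter score/req: 7.90/12.0
Wed 2016-05-18 06:37:43.601: [900001] --> 250 2.6.0 Ok, message saved
Wed 2016-05-18 06:37:43.613: ----------
Wed 2016-05-18 07:00:01.000: [900002] Accepting SMTP connection from 198.51.100.9:4000 to 192.0.2.25:25
Wed 2016-05-18 07:00:02.000: [900002] *  zen.spamhaus.org - passed
Wed 2016-05-18 07:00:03.000: [900002] Spam Filter score/req: 1.20/12.0
Wed 2016-05-18 07:00:04.000: [900002] --> 250 2.6.0 Ok, message saved
"""

STAMP = re.compile(r"^\w{3} \d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+: (?:\[(\d+)\] )?(.*)$")

def unwrap(text):
    """Yield (session_id, entry); a line with no timestamp continues the previous entry."""
    entry = None
    for raw in text.splitlines():
        m = STAMP.match(raw)
        if m:
            if entry and entry[0]:
                yield tuple(entry)
            entry = [m.group(1), m.group(2).rstrip()]
        elif entry and raw.strip():
            entry[1] += " " + raw.strip()
    if entry and entry[0]:
        yield tuple(entry)

def summarize(text):
    """Collect the per-session filtering signals and whether the message was saved."""
    sessions = {}
    for sid, msg in unwrap(text):
        s = sessions.setdefault(sid, {"ip": None, "dnsbl_failed": [], "op_spam": None,
                                      "score": None, "req": None, "accepted": False})
        if m := re.match(r"Accepting SMTP connection from ([\d.]+):\d+", msg):
            s["ip"] = m.group(1)
        elif m := re.match(r"\*\s+(\S+) - failed - ", msg):
            s["dnsbl_failed"].append(m.group(1))
        elif m := re.match(r"\*\s+Spam result: \d+ - (.+)", msg):
            s["op_spam"] = m.group(1)
        elif m := re.match(r"Spam Filter score/req: ([\d.]+)/([\d.]+)", msg):
            s["score"], s["req"] = float(m.group(1)), float(m.group(2))
        elif msg.startswith("--> 250 2.6.0"):
            s["accepted"] = True
    return sessions

def accepted_despite_signals(text):
    """Session ids saved to the queue although a DNS-BL or Outbreak Protection flagged them."""
    return sorted(sid for sid, s in summarize(text).items()
                  if s["accepted"] and (s["dnsbl_failed"] or s["op_spam"] == "Spam (confirmed)"))
```

The `score` and `req` fields in each summary show how far the Spam Filter total was from the required score when the message was saved.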




