[mdaemon-l] Email sampah

Wed, 07 Nov 2018 18:32:31 -0800 

Smangat pagi Pak Syafril...

Ada user yg minta diblokirkan email tertentu..
salah satu header email-nya sbb:
Received: from mail.argiriadis.com (mail.argiriadis.com [188.40.97.132]) by bb.ptbmi.com (MDaemon PRO v18.0.2) 
   with ESMTPS id 53-md50000063527.msg; Thu, 08 Nov 2018 07:10:13 +0700
Return-Path: <ioan...@itrino.com>
Reply-To: "askwee" <askw...@rogers.com>
From: "askwee" <ioan...@itrino.com>
To: "Ineke" <in...@ptbmi.com>
Subject:
Date: Thu, 8 Nov 2018 07:10:00 +0700
Message-ID: <t2ecgvszsrdvzvpe1awpbrsfmntqrvsdxm3wwyc287nsu9by...@mail.gmail.com> 
MIME-Version: 1.0
Content-Type: multipart/alternative;
   boundary="----=_NextPart_000_0005_01D47737.967C9280"
X-Mailer: Microsoft Outlook 15.0
X-Antivirus: AVG (VPS 181107-0, 11/07/2018), Inbound message
Thread-Index: AQHLxf+Ja0jqNtChi/In8uahi1KjMg==

Sy ambil IP-nya: 188.40.97.132

Sy cari di SMTP-(in).log tgl 2018-11-08, search IP tsb. Hasilnya:
Thu 2018-11-08 07:10:01.160: [482934] Session 482934; child 0001
Thu 2018-11-08 07:10:01.160: [482934] Accepting SMTP connection from 188.40.97.132:48132 to 172.16.0.6:25 Thu 2018-11-08 07:10:01.161: [482934] --> 220 bb.ptbmi.com ESMTP MDaemon 18.0.2; Thu, 08 Nov 2018 07:10:01 +0700 
Thu 2018-11-08 07:10:01.436: [482934] <-- EHLO mail.argiriadis.com
Thu 2018-11-08 07:10:01.437: [482934] Performing SPF lookup (mail.argiriadis.com / 188.40.97.132) 
Thu 2018-11-08 07:10:02.741: [482934] *  Result: none; no SPF record in DNS
Thu 2018-11-08 07:10:02.741: [482934] ---- End SPF results
Thu 2018-11-08 07:10:02.741: [482934] --> 250-bb.ptbmi.com Hello mail.argiriadis.com [188.40.97.132], pleased to meet you 
Thu 2018-11-08 07:10:02.741: [482934] --> 250-ETRN
Thu 2018-11-08 07:10:02.741: [482934] Location Screening hiding AUTH from country Germany 
Thu 2018-11-08 07:10:02.741: [482934] --> 250-8BITMIME
Thu 2018-11-08 07:10:02.741: [482934] --> 250-ENHANCEDSTATUSCODES
Thu 2018-11-08 07:10:02.741: [482934] --> 250-STARTTLS
Thu 2018-11-08 07:10:02.741: [482934] --> 250 SIZE 35840000
Thu 2018-11-08 07:10:02.955: [482934] <-- STARTTLS
Thu 2018-11-08 07:10:02.955: [482934] --> 220 2.7.0 Ready to start TLS
Thu 2018-11-08 07:10:03.405: [482934] SSL negotiation successful (TLS 1.2, 521 bit key exchange, 256 bit AES encryption) 
Thu 2018-11-08 07:10:03.649: [482934] <-- EHLO mail.argiriadis.com
Thu 2018-11-08 07:10:03.649: [482934] Performing SPF lookup (mail.argiriadis.com / 188.40.97.132) 
Thu 2018-11-08 07:10:03.972: [482934] *  Result: none; no SPF record in DNS
Thu 2018-11-08 07:10:03.972: [482934] ---- End SPF results
Thu 2018-11-08 07:10:03.972: [482934] --> 250-bb.ptbmi.com Hello mail.argiriadis.com [188.40.97.132], pleased to meet you 
Thu 2018-11-08 07:10:03.972: [482934] --> 250-ETRN
Thu 2018-11-08 07:10:03.972: [482934] Location Screening hiding AUTH from country Germany 
Thu 2018-11-08 07:10:03.972: [482934] --> 250-8BITMIME
Thu 2018-11-08 07:10:03.972: [482934] --> 250-ENHANCEDSTATUSCODES
Thu 2018-11-08 07:10:03.972: [482934] --> 250 SIZE 35840000
Thu 2018-11-08 07:10:04.198: [482934] <-- MAIL FROM:<ioan...@itrino.com> SIZE=788 Thu 2018-11-08 07:10:04.201: [482934] Performing PTR lookup (132.97.40.188.IN-ADDR.ARPA) Thu 2018-11-08 07:10:04.439: [482934] * D=132.97.40.188.in-addr.arpa TTL=(1440) PTR=[mail.argiriadis.com] Thu 2018-11-08 07:10:04.670: [482934] * D=mail.argiriadis.com TTL=(1440) A=[5.1.76.155] Thu 2018-11-08 07:10:04.670: [482934] * D=mail.argiriadis.com TTL=(1440) A=[188.40.97.132] 
Thu 2018-11-08 07:10:04.670: [482934] ---- End PTR results
Thu 2018-11-08 07:10:04.672: [482934] Performing IP lookup (mail.argiriadis.com) Thu 2018-11-08 07:10:04.672: [482934] * D=mail.argiriadis.com TTL=(1440) A=[5.1.76.155] Thu 2018-11-08 07:10:04.672: [482934] * D=mail.argiriadis.com TTL=(1440) A=[188.40.97.132] 
Thu 2018-11-08 07:10:04.672: [482934] ---- End IP lookup results
Thu 2018-11-08 07:10:04.675: [482934] Performing IP lookup (itrino.com)
Thu 2018-11-08 07:10:04.906: [482934] * D=itrino.com TTL=(1440) A=[188.40.97.132] 
Thu 2018-11-08 07:10:04.906: [482934] ---- End IP lookup results
Thu 2018-11-08 07:10:04.906: [482934] Performing SPF lookup (itrino.com / 188.40.97.132) 
Thu 2018-11-08 07:10:06.239: [482934] *  Result: none; no SPF record in DNS
Thu 2018-11-08 07:10:06.239: [482934] ---- End SPF results
Thu 2018-11-08 07:10:06.239: [482934] --> 250 2.1.0 Sender OK
Thu 2018-11-08 07:10:06.453: [482934] <-- RCPT TO:<in...@ptbmi.com>
Thu 2018-11-08 07:10:06.526: [482934] Performing DNS-BL lookup (188.40.97.132 - connecting IP) 
Thu 2018-11-08 07:10:06.569: [482934] *  cbl.abuseat.org - passed
Thu 2018-11-08 07:10:06.858: [482934] *  b.barracudacentral.org - passed
Thu 2018-11-08 07:10:07.135: [482934] *  zen.spamhaus.org - passed
Thu 2018-11-08 07:10:07.135: [482934] ---- End DNS-BL results
Thu 2018-11-08 07:10:07.136: [482934] --> 250 2.1.5 Recipient OK
Thu 2018-11-08 07:10:07.354: [482934] <-- DATA
Thu 2018-11-08 07:10:07.355: [482934] Creating temp file (SMTP): d:\mdaemon\queues\temp\18\md50000000113.tmp Thu 2018-11-08 07:10:07.355: [482934] --> 354 Enter mail, end with <CRLF>.<CRLF> 
Thu 2018-11-08 07:10:07.575: [482934] Message size: 2538 bytes
Thu 2018-11-08 07:10:07.575: [482934] Performing DKIM lookup
Thu 2018-11-08 07:10:07.575: [482934] * File: d:\mdaemon\queues\temp\18\md50000000113.tmp Thu 2018-11-08 07:10:07.575: [482934] * Message-ID: <t2ecgvszsrdvzvpe1awpbrsfmntqrvsdxm3wwyc287nsu9by...@mail.gmail.com> Thu 2018-11-08 07:10:07.779: [482934] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=itrino.com; s=2017; t=1541635798; <some tags are not logged> Thu 2018-11-08 07:10:07.779: [482934] * Verification result: DKIM_SELECTOR_DNS_PERM_FAILURE 
Thu 2018-11-08 07:10:07.779: [482934] *  Result: neutral
Thu 2018-11-08 07:10:07.779: [482934] ---- End DKIM results
Thu 2018-11-08 07:10:07.782: [482934] Performing DMARC processing
Thu 2018-11-08 07:10:07.782: [482934] * File: d:\mdaemon\queues\temp\18\md50000000113.tmp Thu 2018-11-08 07:10:07.782: [482934] * Message-ID: <t2ecgvszsrdvzvpe1awpbrsfmntqrvsdxm3wwyc287nsu9by...@mail.gmail.com> 
Thu 2018-11-08 07:10:07.782: [482934] *  Author domain: itrino.com
Thu 2018-11-08 07:10:07.782: [482934] *  Organizational domain: itrino.com
Thu 2018-11-08 07:10:07.782: [482934] *  Query domain: _dmarc.itrino.com
Thu 2018-11-08 07:10:08.615: [482934] *    No DMARC policy record found
Thu 2018-11-08 07:10:08.615: [482934] *  Action taken: none
Thu 2018-11-08 07:10:08.615: [482934] *  Result: none
Thu 2018-11-08 07:10:08.615: [482934] ---- End DMARC results
Thu 2018-11-08 07:10:08.618: [482934] Passing message through ClamAV Plugin (d:\mdaemon\queues\temp\18\md50000000113.tmp)... Thu 2018-11-08 07:10:08.618: [482934] * Message-ID: <t2ecgvszsrdvzvpe1awpbrsfmntqrvsdxm3wwyc287nsu9by...@mail.gmail.com> 
Thu 2018-11-08 07:10:08.630: [482934] *  Virus result: 0 - clean
Thu 2018-11-08 07:10:08.632: [482934] Passing message through Spam Filter (Size: 2559)... Thu 2018-11-08 07:10:08.745: [482934] * 1.6 BAYES_50 BODY: Bayes spam probability is 40 to 60% 
Thu 2018-11-08 07:10:08.745: [482934] *      [score: 0.5110]
Thu 2018-11-08 07:10:08.745: [482934] * -100 USER_IN_WHITELIST_TO address is listed in 'whitelist_to' Thu 2018-11-08 07:10:08.745: [482934] * 0.0 HTML_MESSAGE BODY: HTML included in message 
Thu 2018-11-08 07:10:08.745: [482934] ---- End SpamAssassin results
Thu 2018-11-08 07:10:08.745: [482934] Spam Filter score/req: -98.30/12.0
Thu 2018-11-08 07:10:08.960: [482934] Message creation successful: d:\mdaemon\queues\inbound\53\md50000063527.msg Thu 2018-11-08 07:10:08.960: [482934] --> 250 2.6.0 Ok, message saved <Message-ID: <t2ecgvszsrdvzvpe1awpbrsfmntqrvsdxm3wwyc287nsu9by...@mail.gmail.com>> 
Thu 2018-11-08 07:10:08.961: [482934] <-- QUIT
Thu 2018-11-08 07:10:08.961: [482934] --> 221 2.0.0 See ya in cyberspace
Thu 2018-11-08 07:10:08.962: [482934] SMTP session successful (Bytes in/out: 3562/4544) 
Thu 2018-11-08 07:10:08.962: ----------

Yg sy blok IP-nya (188.40.97.132) or email address-nya?
Email address yg mana yg perlu sy blok?
ioan...@itrino.com or askw...@rogers.com ?
ataukah ada saran lainnya?

mohon pencerahan

terima kasih,
Suzy 

--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 18.5.0, SG 5.5.0

Kirim email ke