[Mdaemon-L] Mohon penjelasan Log Terlampir

Mon, 10 Jun 2024 21:10:27 -0700

On 10/06/2024 15:17, Syafril Hermansyah via Mdaemon-L (Mdaemon-L@dutaint.com) wrote: 
On 6/10/24 14:48, Andriansyah wrote:
Mohon penjelasan dari log terlampir, yg memutuskan koneksi dari pihak @crew.batikair.com atau @batikair.com.my dan apakah penyebabnya? 


Sat 2024-06-01 11:37:35.992: [11609643] <-- RCPT 
TO:<fazuan.s...@crew.batikair.com>



Sat 2024-06-01 11:37:35.995: [11609643] * Socket error 10054 - 
Connection was reset by the other side!






Yang memutus koneksi ada sender host 
APC01-SG2-obe.outbound.protection.outlook.com [40.107.215.103] akibat 
kehabisan waktu delivery (TTL time out) atau salah hitung waktu.



Jika ada pengiriman mail data antar 2 node melalui koneksi tcp maka 
yang melakukan penghitungan waktu adalah sender host.
Penghitungan waktu itu menggunakan protocol icmp (aka ping) dan 
standard time to live adalah 10 menit.



Koneksi ini masih belum mencapai 10 menit tetapi sender sudah closed 
connection yang mengindikasikan ada salah hitung, dan karena sender 
host tidak bisa di "ping" mengindikasikan protocol icmp terfilter oleh 
firewall.



Saran: coba disable tarpit atau ubah/naikkan nilainya atau sender host 
di exempt.



http://mdaemon.dutaint.co.id/mdaemon/24.0.0/security--tarpit_settings.html 




[ ] Activate tarpitting

SMTP RCPT tarpit threshold = 20


Specify the number of SMTP RCPT commands that you wish to allow for a 
given host during a mail session before MDaemon will begin tarpitting 
that host. For example, if this number was set to 10 and a sending 
host attempted to send a message to 20 addresses (i.e. 20 RCPT 
commands), then MDaemon would allow the first 10 normally and then 
pause after each subsequent command for the number of seconds 
specified in the SMTP RCPT tarpit delay control below.





$ ping 40.107.215.103

PING 40.107.215.103 (40.107.215.103) 56(84) bytes of data.
^C
--- 40.107.215.103 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6150ms

$ ping mail.crew.batikair.com
PING mail.crew.batikair.com (202.152.61.246) 56(84) bytes of data.

64 bytes from mail.batikair.com (202.152.61.246): icmp_seq=1 ttl=119 
time=2.73 ms
64 bytes from mail.batikair.com (202.152.61.246): icmp_seq=2 ttl=119 
time=3.21 ms
64 bytes from mail.batikair.com (202.152.61.246): icmp_seq=3 ttl=119 
time=5.36 ms
64 bytes from mail.wingsair.co.id (202.152.61.246): icmp_seq=4 ttl=119 
time=2.70 ms

^C
--- mail.crew.batikair.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3044ms
rtt min/avg/max/mdev = 2.703/3.500/5.359/1.091 ms





Baik Pak syafril terimakasih atas penjelasannya, saya coba disable 
tarpit setting terlebih dahulu.


Regards

Andriansyah


--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 24.0.0, SecurityGateway 10.0.0

























					Kirim email ke