[Mdaemon-L] Ticket email
From: "Syafril Hermansyah via Mdaemon-L (Mdaemon-L@dutaint.com)"
To: Mdaemon-L@dutaint.com
Date: Mon, 6 Jun 2022 22:36:37 +0700
Subject: [Mdaemon-L] Ticket email

On 06/06/22 17.22, zul wrote:
> Our mail server received a message like the one below

> Mon 2022-06-06 17:14:14.921: [01509501] Performing PTR lookup (66.27.223.159.IN-ADDR.ARPA)
> Mon 2022-06-06 17:14:14.922: [01509501] * D=66.27.223.159.IN-ADDR.ARPA TTL=(20) PTR=[slot0.crystalmeth.cf]
> Mon 2022-06-06 17:14:14.924: [01509501] * D=slot0.crystalmeth.cf TTL=(13) A=[159.223.27.66]
> Mon 2022-06-06 17:14:14.924: [01509501] End PTR results
> Mon 2022-06-06 17:14:14.926: [01509501] Performing IP lookup (slot0.crystalmeth.cf)
> Mon 2022-06-06 17:14:14.928: [01509501] * D=slot0.crystalmeth.cf TTL=(13) A=[159.223.27.66]
> Mon 2022-06-06 17:14:14.928: [01509501] End IP lookup results

Which DNS server are you using as the reference, such that the host's FQDN can resolve like that?

http://mdaemon.dutaint.co.id/mdaemon/22.0/default-domain-and-servers_dns.html

> Mon 2022-06-06 17:14:15.926: [01509501] Passing message through Outbreak Protection...
> Mon 2022-06-06 17:14:15.926: [01509501] * Spam result: 4 - Spam (confirmed)

According to Outbreak Protection, this mail is spam.

> Mon 2022-06-06 17:14:16.069: [01509501] * 2.5 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish

But because the spam score from OP is too small, it does not cross the +5.0 threshold.
Raise the value; with phishing spam rampant over the last 2-3 months, set it to +10.2

http://mdaemon.dutaint.co.id/mdaemon/22.0/sp_outbreak_protection.html

Spam should be...
[x] accepted for filtering Score: +10.2

See also the following archive post:
https://www.mail-archive.com/mdaemon-l@dutaint.com/msg48184.html

I have already done that, and a queue has built up in SMTP (in)

$ host slot0.crystalmeth.cf 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

Host slot0.crystalmeth.cf not found: 2(SERVFAIL)

$ host slot0.crystalmeth.cf 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

Host slot0.crystalmeth.cf not found: 2(SERVFAIL)

$ host 159.223.27.66 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

66.27.223.159.in-addr.arpa domain name pointer htb-eyi3ryqbzb.htb-cloud.com.

$ host crystalmeth.cf 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

Host crystalmeth.cf not found: 2(SERVFAIL)

--
syafril

Syafril Hermansyah
MDaemon-L Moderator, run MDaemon 22.0.1 64bit Beta A
Please do not send private mail (or cc:) for MDaemon issues.

Life is really simple, but we insist on making it complicated.
--- Confucius

--
--[mdaemon-l]--
This mailing list is for discussion among MDaemon Mail Server users in Indonesia

Netiquette: https://wiki.openstack.org/wiki/MailingListEtiquette
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Subscribe: send mail to mdaemon-l-subscr...@dutaint.com
Unsubscribe: send mail to mdaemon-l-unsubscr...@dutaint.com
Latest version: MDaemon 22.0, SecurityGateway 8.5.2
[Mdaemon-L] Ticket email
On 06/06/22 17.22, zul wrote:
> Our mail server received a message like the one below

> Mon 2022-06-06 17:14:14.921: [01509501] Performing PTR lookup (66.27.223.159.IN-ADDR.ARPA)
> Mon 2022-06-06 17:14:14.922: [01509501] * D=66.27.223.159.IN-ADDR.ARPA TTL=(20) PTR=[slot0.crystalmeth.cf]
> Mon 2022-06-06 17:14:14.924: [01509501] * D=slot0.crystalmeth.cf TTL=(13) A=[159.223.27.66]
> Mon 2022-06-06 17:14:14.924: [01509501] End PTR results
> Mon 2022-06-06 17:14:14.926: [01509501] Performing IP lookup (slot0.crystalmeth.cf)
> Mon 2022-06-06 17:14:14.928: [01509501] * D=slot0.crystalmeth.cf TTL=(13) A=[159.223.27.66]
> Mon 2022-06-06 17:14:14.928: [01509501] End IP lookup results

Which DNS server are you using as the reference, such that the host's FQDN can resolve like that?

http://mdaemon.dutaint.co.id/mdaemon/22.0/default-domain-and-servers_dns.html

> Mon 2022-06-06 17:14:15.926: [01509501] Passing message through Outbreak Protection...
> Mon 2022-06-06 17:14:15.926: [01509501] * Spam result: 4 - Spam (confirmed)

According to Outbreak Protection, this mail is spam.

> Mon 2022-06-06 17:14:16.069: [01509501] * 2.5 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish

But because the spam score from OP is too small, it does not cross the +5.0 threshold.
Raise the value; with phishing spam rampant over the last 2-3 months, set it to +10.2

http://mdaemon.dutaint.co.id/mdaemon/22.0/sp_outbreak_protection.html

Spam should be...
[x] accepted for filtering Score: +10.2

See also the following archive post:
https://www.mail-archive.com/mdaemon-l@dutaint.com/msg48184.html

$ host slot0.crystalmeth.cf 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

Host slot0.crystalmeth.cf not found: 2(SERVFAIL)

$ host slot0.crystalmeth.cf 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

Host slot0.crystalmeth.cf not found: 2(SERVFAIL)

$ host 159.223.27.66 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

66.27.223.159.in-addr.arpa domain name pointer htb-eyi3ryqbzb.htb-cloud.com.

$ host crystalmeth.cf 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

Host crystalmeth.cf not found: 2(SERVFAIL)

--
syafril

Syafril Hermansyah
MDaemon-L Moderator, run MDaemon 22.0.1 64bit Beta A
Please do not send private mail (or cc:) for MDaemon issues.

Life is really simple, but we insist on making it complicated.
--- Confucius
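The situation discussed in the reply above (Outbreak Protection reports "Spam (confirmed)" yet adds only 2.5 points, below the +5.0 threshold) can be looked for across an SMTP (in) log with a short parser. This is an added example, not part of the original thread and not MDaemon code; the sample lines are constructed from the log quoted in the thread, and the function name `summarize` and its `threshold` parameter are hypothetical.

```python
import re

# Constructed sample: lines taken from the session quoted in this thread.
SAMPLE_LOG = """\
Mon 2022-06-06 17:14:13.938: [01509501] Accepting SMTP connection from 159.223.27.66:44811 to 202.47.68.6:25
Mon 2022-06-06 17:14:14.922: [01509501] * D=66.27.223.159.IN-ADDR.ARPA TTL=(20) PTR=[slot0.crystalmeth.cf]
Mon 2022-06-06 17:14:14.924: [01509501] * D=slot0.crystalmeth.cf TTL=(13) A=[159.223.27.66]
Mon 2022-06-06 17:14:15.926: [01509501] * Spam result: 4 - Spam (confirmed)
Mon 2022-06-06 17:14:16.069: [01509501] * 2.5 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish
"""

LINE = re.compile(r"^\w{3} \d{4}-\d\d-\d\d [\d:.]+: \[(\d+)\] (.*)$")
CONNECT = re.compile(r"Accepting SMTP connection from ([\d.]+):\d+")
PTR = re.compile(r"PTR=\[([^\]]+)\]")
A_REC = re.compile(r"D=(\S+) .*\bA=\[([\d.]+)\]")
OP_VERDICT = re.compile(r"Spam result: (\d+) - (.+)")
OP_SCORE = re.compile(r"\*\s+(-?\d+(?:\.\d+)?)\s+MDAEMON_OP_\w+")

def summarize(log_text, threshold=5.0):
    """Group lines by session ID and report DNS and Outbreak Protection facts."""
    sessions = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        s = sessions.setdefault(m.group(1), {"ip": None, "ptr": None, "a": {},
                                             "verdict": None, "score": 0.0})
        msg = m.group(2)
        if (c := CONNECT.search(msg)):
            s["ip"] = c.group(1)
        elif (p := PTR.search(msg)):
            s["ptr"] = p.group(1).lower()
        elif (a := A_REC.search(msg)):
            s["a"].setdefault(a.group(1).lower(), set()).add(a.group(2))
        elif (v := OP_VERDICT.search(msg)):
            s["verdict"] = v.group(2).strip()
        elif (o := OP_SCORE.search(msg)):
            s["score"] += float(o.group(1))
    report = {}
    for sid, s in sessions.items():
        confirmed = bool(s["verdict"]) and "confirmed" in s["verdict"].lower()
        report[sid] = {
            "client_ip": s["ip"], "ptr": s["ptr"],
            # True only means the server's own resolver saw PTR -> A -> client IP;
            # it says nothing about what public resolvers return.
            "fcrdns_ok": s["ip"] in s["a"].get(s["ptr"], set()),
            "op_verdict": s["verdict"], "op_score": s["score"],
            "confirmed_but_under_threshold": confirmed and s["score"] < threshold,
        }
    return report
```

A session flagged `confirmed_but_under_threshold` is one where the Outbreak Protection score setting decides whether the message is treated as spam.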
[Mdaemon-L] Ticket email
Good afternoon,

Our mail server received a message like the one below

regards

Mon 2022-06-06 17:14:13.938: [01509501] Session 01509501; child 0002
Mon 2022-06-06 17:14:13.938: [01509501] Accepting SMTP connection from 159.223.27.66:44811 to 202.47.68.6:25
Mon 2022-06-06 17:14:13.938: [01509501] Location Screen says connection is from Germany, Europe
Mon 2022-06-06 17:14:13.940: [01509501] --> 220 mail.indonakano.co.id ESMTP Mon, 06 Jun 2022 17:14:13 +0700
Mon 2022-06-06 17:14:14.100: [01509501] <-- EHLO slot0.crystalmeth.cf
Mon 2022-06-06 17:14:14.101: [01509501] --> 250-mail.indonakano.co.id Hello slot0.crystalmeth.cf [159.223.27.66], pleased to meet you
Mon 2022-06-06 17:14:14.101: [01509501] --> 250-ETRN
Mon 2022-06-06 17:14:14.101: [01509501] --> 250-8BITMIME
Mon 2022-06-06 17:14:14.101: [01509501] --> 250-ENHANCEDSTATUSCODES
Mon 2022-06-06 17:14:14.101: [01509501] --> 250-PIPELINING
Mon 2022-06-06 17:14:14.101: [01509501] --> 250-CHUNKING
Mon 2022-06-06 17:14:14.101: [01509501] --> 250-STARTTLS
Mon 2022-06-06 17:14:14.101: [01509501] --> 250 SIZE
Mon 2022-06-06 17:14:14.261: [01509501] <-- STARTTLS
Mon 2022-06-06 17:14:14.261: [01509501] --> 220 2.7.0 Ready to start TLS
Mon 2022-06-06 17:14:14.599: [01509501] SSL negotiation successful (TLS 1.2, 256 bit key exchange, 256 bit AES encryption)
Mon 2022-06-06 17:14:14.760: [01509501] <-- EHLO slot0.crystalmeth.cf
Mon 2022-06-06 17:14:14.760: [01509501] --> 250-mail.indonakano.co.id Hello slot0.crystalmeth.cf [159.223.27.66], pleased to meet you
Mon 2022-06-06 17:14:14.760: [01509501] --> 250-ETRN
Mon 2022-06-06 17:14:14.760: [01509501] --> 250-8BITMIME
Mon 2022-06-06 17:14:14.760: [01509501] --> 250-ENHANCEDSTATUSCODES
Mon 2022-06-06 17:14:14.760: [01509501] --> 250-PIPELINING
Mon 2022-06-06 17:14:14.760: [01509501] --> 250-CHUNKING
Mon 2022-06-06 17:14:14.760: [01509501] --> 250-REQUIRETLS
Mon 2022-06-06 17:14:14.760: [01509501] --> 250 SIZE
Mon 2022-06-06 17:14:14.921: [01509501] <-- MAIL FROM: BODY=8BITMIME
Mon 2022-06-06 17:14:14.921: [01509501] Performing PTR lookup (66.27.223.159.IN-ADDR.ARPA)
Mon 2022-06-06 17:14:14.922: [01509501] * D=66.27.223.159.IN-ADDR.ARPA TTL=(20) PTR=[slot0.crystalmeth.cf]
Mon 2022-06-06 17:14:14.924: [01509501] * D=slot0.crystalmeth.cf TTL=(13) A=[159.223.27.66]
Mon 2022-06-06 17:14:14.924: [01509501] End PTR results
Mon 2022-06-06 17:14:14.926: [01509501] Performing IP lookup (slot0.crystalmeth.cf)
Mon 2022-06-06 17:14:14.928: [01509501] * D=slot0.crystalmeth.cf TTL=(13) A=[159.223.27.66]
Mon 2022-06-06 17:14:14.928: [01509501] End IP lookup results
Mon 2022-06-06 17:14:14.928: [01509501] Performing IP lookup (crystalmeth.cf)
Mon 2022-06-06 17:14:14.929: [01509501] * D=crystalmeth.cf TTL=(19) A=[159.223.27.66]
Mon 2022-06-06 17:14:14.929: [01509501] End IP lookup results
Mon 2022-06-06 17:14:14.929: [01509501] Performing SPF lookup (slot0.crystalmeth.cf / 159.223.27.66)
Mon 2022-06-06 17:14:14.949: [01509501] * Result: none; no SPF record in DNS
Mon 2022-06-06 17:14:14.949: [01509501] End SPF results
Mon 2022-06-06 17:14:14.949: [01509501] Performing SPF lookup (crystalmeth.cf / 159.223.27.66)
Mon 2022-06-06 17:14:14.949: [01509501] * Policy (cache): v=spf1 mx a ip4:159.223.27.66/32 ~all
Mon 2022-06-06 17:14:14.953: [01509501] * Evaluating mx: match
Mon 2022-06-06 17:14:14.953: [01509501] * Result: pass
Mon 2022-06-06 17:14:14.953: [01509501] End SPF results
Mon 2022-06-06 17:14:14.953: [01509501] --> 250 2.1.0 Sender OK
Mon 2022-06-06 17:14:15.113: [01509501] <-- RCPT TO:
Mon 2022-06-06 17:14:15.116: [01509501] --> 250 2.1.5 Recipient OK
Mon 2022-06-06 17:14:15.276: [01509501] <-- DATA
Mon 2022-06-06 17:14:15.279: [01509501] --> 354 Enter mail, end with .
Mon 2022-06-06 17:14:15.449: [01509501] Message size: 8769 bytes
Mon 2022-06-06 17:14:15.449: [01509501] Performing DKIM verification
Mon 2022-06-06 17:14:15.449: [01509501] * File: c:\mdaemon\queues\temp\md500117930.tmp
Mon 2022-06-06 17:14:15.449: [01509501] * Message-ID: <20220606031156.7bc04ebbd9451...@crystalmeth.cf>
Mon 2022-06-06 17:14:15.454: [01509501] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; s=dkim; d=crystalmeth.cf; i=cpanel.notifications-nore...@crystalmeth.cf;
Mon 2022-06-06 17:14:15.454: [01509501] *Verification result: good signature
Mon 2022-06-06 17:14:15.454: [01509501] * Result: pass
Mon 2022-06-06 17:14:15.454: [01509501] End DKIM results
Mon 2022-06-06 17:14:15.458: [01509501] Performing DMARC processing
Mon 2022-06-06 17:14:15.458: [01509501] * File: c:\mdaemon\queues\temp\md500117930.tmp
Mon 2022-06-06 17:14:15.458: [01509501] * Message-ID: <20220606031156.7bc04ebbd9451...@crystalmeth.cf>
Mon 2022-06-06 17:14:15.458: [01509501] * Author domain: crystalmeth.cf
Mon 2022-06-06 17:14:15.458: [01509501] * Organizational domain: crystalmeth.cf
Mon 2022-06-06 17:14:15.458: [01509501] * Query domain: _dmarc.crystalmeth.cf
Mon 2022-06-06 17:14:15.458: [01