[MDaemon-L] MDaemon SecurityGateway 3.0 release
On 28/05/14 12:51 PM, Syafril Hermansyah wrote: > o The ProtectionPlus add-on is no longer needed to add an additional > layer of antivirus and spam protection to SecurityGateway and has been > discontinued. When upgrading to v.3.0 the /*installer will inform the > user*/ that it must automatically uninstall ProtectionPlus before > proceeding. Please note that if upgrading from within the web > interface, there is no opportunity for a prompt and that > ProtectionPlus will be automatically uninstalled. Ini yg bold maksudnya apa ya Pak ? Website : WWW.PTTDP.COM --- DISCLAIMER : Important Notice: This information transmitted (including any attachments) is intended only for the use of the named addressee, and may contain material/information that is private, confidential and/or legally privileged. Any retransmission, dissemination or other use of, or taking of any action in reliance upon, this material/information by anyone other than the named addressee is prohibited. If you received this in error, please immediately notify the sender at the address and telephone/telefax number or e-mail address set forth herein, delete the material/information from any computer and data carrier and destroy any copies or print-outs that may have been made of this material/information. Please note that e-mails are susceptible to change. Although this e-mail and any attachments are believed to be free of any virus, or any other defect which might affect any computer or IT system into which they are received and opened, it is the responsibility of the recipient to ensure that they are free of viruses and other defects. PT. TIGAKA DISTRINDO PERKASA is not liable for any loss or damage arising in any way from receipt, use or delay of this e- mail and any attachments, nor for improper or incomplete transmission of the information contained therein. -- --[MDaemon-L] Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: http://www.netmeister.org/news/learn2quote Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 14.0.2, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 3.0, PP 2.0.1
[MDaemon-L] MDaemon SecurityGateway 3.0 release
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hallo, MDaemon Security Gateway 3.0 release pagi ini ftp://ftp.dutaint.com/altn-securitygateway/sg300_en.exe http://www.altn.com/Downloads/SecurityGateway-Free-Trial/ Release Note: http://files.altn.com/securitygateway/release/relnotes_en.htm SecurityGateway 3.0.0 - May 27, 2014 SPECIAL CONSIDERATIONS * [12243] Outbreak Protection and CYREN AntiVirus are now included in SecurityGateway! o The ProtectionPlus add-on is no longer needed to add an additional layer of antivirus and spam protection to SecurityGateway and has been discontinued. When upgrading to v.3.0 the installer will inform the user that it must automatically uninstall ProtectionPlus before proceeding. Please note that if upgrading from within the web interface, there is no opportunity for a prompt and that ProtectionPlus will be automatically uninstalled. o Kaspersky AV integration, which was previously provided via the ProtectionPlus add-on, has been replaced with CYREN AntiVirus built in to SecurityGateway. * [12957] Active Software License Renewal coverage is required for Cyren Outbreak Protection, Cyren AntiVirus, ClamAV updates, SpamAssassin updates, and Bayesian Learning. * [12958] The trial period has been changed. A hassle free 14 day trial period is now offered without the need to provide any contact information. Simply install the product and a trial license will be automatically downloaded. The trial period may be extended to 30 days by providing valid contact information. CHANGES AND NEW FEATURESS * [1444] Dynamic screening for failed SMTP authentication attempts now works across sessions over time. Previously, the failed authentication attempts had to occur within a single session. The failed authentication count for an IP is reset at midnight, or when it is blocked and added to the dynamic screening list. * [1485] Added "User Verification Source Options" page with options that allow response caching and user re-verification to be configured. * [3597] Added "Released" as a reason when filtering the message log * [3618] Added the ability to exclude whitelisted senders, authenticated sessions, and domain mail servers from attachment filtering * [11386] Restart clamd.exe immediately if "unable to allocate memory" or "cannot create thread" error occurs * [11702] SecurityGateway.exe is now Large Address Aware, allowing it to use up to 4 GB of RAM on a 64-bit OS. * [11703] Added "Spam" and "Not Spam" buttons for Bayesian Learning to the quarantine views * [12367] Updated Firebird database engine to version 2.1.5 * [12368] Updated ClamAV to version 0.98 * [12456] Updated Chilkat library to 9.4.1 * [12542] Improved whitelisting or blacklisting a sender directly from the message log or quarantine o Added "Whitelist" and "Blacklist" button to the domain and global views o Domain administrators may add the sender to the recipient domain's list o Global administrators may add the sender to the global list o Allow the sender's domain to be added, as a wildcard entry * [12817] Updated product logos * [12936] Added support for using the hostname returned by PTR lookup as a condition in SIEVE scripts * [13031] Added option to automatically redirect HTTP requests for the web interface to HTTPS FIXES * [9051] fix to the Bayesian learning process fails if the Bayesian DB path in SpamAssassin's local.cf file contains a parenthesis. The impacts most installations on a 64bit OS as the default install location is "Program Files (x86)" * [10118] fix to when delivering remote mail, other MX records are not tried when the TCP connection is successful but a SMTP protocol timeout occurs * [10126] fix to unable to disable "Close SMTP session after banning IP" setting under Dynamic Screening * [10961] fix to Account Hijack detection does not kill current session when account is disabled * [11049] fix to Notepad does not detect logs as UTF-8 encoded * [11146] fix to unable to disable "... include original message when informing the sender" option under "Mail Delivery" * [11219] fix to SSL negotiation error 0x80090308 when sending to certain SMTP servers * [11240] fix to Bayesian auto-learning does not occur if message is rejected * [11300] fix to when searching the message log, a search string that contains a single quote results in an SQL error and no results are returned * [11308] fix to dashboard displays negative days remaining in trial after trial license has expired * [11428] fix to "Save" button may not be enabled on "Quarantine Options" page * [11442] fix to Administrative Quarantine Report interval still displayed as "Daily" after being changed to another value * [11639] fix to installer unable to validate license when system does not have a MAC address * [12013] fix to redelivering a message needs to change the MessageID, or Exchange will believe it is a duplicate and n
[MDaemon-L] gagal kirim email (451 Temporary local problem - please try later)
On 2014-05-28 12:16, Yudi Chandra wrote: > tolong bantuan pengecekanya terkait gagal kirim > Wed 2014-05-28 10:34:48: [333237] Attempting SMTP connection to > [222.124.197.101:25] > Wed 2014-05-28 10:34:48: [333237] Waiting for socket connection... > Wed 2014-05-28 10:35:09: [333237] * Winsock Error 10060 Yang ini problem koneksi, bisa disisi Anda atau disisi server penerima. Kalau dari kantor saya sih tidak masalah. Bisa dikonsultasikan ke ISP, atau di test dari dos console di MDaemon server dengan telnet sebelum disampaikan ke ISP. $ telnet 222.124.197.101 25 Trying 222.124.197.101... Connected to 222.124.197.101. Escape character is '^]'. 220 mail01.finnet-indonesia.com - Welcome to Qmail Toaster Ver. 7.5 SMTP Server ESMTP > Wed 2014-05-28 10:35:15: [333237] <-- 250-mailgate2.telkom.net.id Hello > email.bjbs.co.id [202.152.55.106] > Wed 2014-05-28 10:35:32: [333237] Transfer Complete > Wed 2014-05-28 10:35:43: [333237] <-- 451 Temporary local problem - please > try later Yang ini server penerima sedang bermasalah. Karena ini adalah temporary (non fatal) problem maka MDaemon akan retry to send pada kesempatan mail processing berikutnya. -- syafril --- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 14.0.2 SecurityPlus 4.5.0 Beta A Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. -- --[MDaemon-L] Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: http://www.netmeister.org/news/learn2quote Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 14.0.2, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 3.0, PP 2.0.1
[MDaemon-L] gagal kirim email (451 Temporary local problem - please try later)
Dear Pak Syafril tolong bantuan pengecekanya terkait gagal kirim berikut log nya 333237] Session 333237; child 0010 Wed 2014-05-28 10:34:45: [333237] Parsing message Wed 2014-05-28 10:34:45: [333237] * From: rona.fajar.ag...@bjbs.co.id Wed 2014-05-28 10:34:45: [333237] * To: er...@finnet-indonesia.com Wed 2014-05-28 10:34:45: [333237] * Subject: Data Transaksi Indovision PostPaid Wed 2014-05-28 10:34:45: [333237] * Size (bytes): 27012 Wed 2014-05-28 10:34:45: [333237] * Message-ID: <000c01cf78cb$69217bd0$3b647370$@fajar.ag...@bjbs.co.id> Wed 2014-05-28 10:34:45: [333237] Attempting SMTP connection to [ finnet-indonesia.com] Wed 2014-05-28 10:34:45: [333237] Resolving MX records for [ finnet-indonesia.com] (DNS Server: 8.8.4.4)... Wed 2014-05-28 10:34:47: [333237] * P=010 S=000 D=finnet-indonesia.comTTL=(6) MX=[ mail01.finnet-indonesia.com] Wed 2014-05-28 10:34:47: [333237] * P=030 S=001 D=finnet-indonesia.comTTL=(6) MX=[ mailgate2.telkom.net.id] Wed 2014-05-28 10:34:47: [333237] Attempting SMTP connection to [ mail01.finnet-indonesia.com:25] Wed 2014-05-28 10:34:47: [333237] Resolving A record for [ mail01.finnet-indonesia.com] (DNS Server: 8.8.4.4)... Wed 2014-05-28 10:34:48: [333237] * D=mail01.finnet-indonesia.com TTL=(11) A=[222.124.197.101] Wed 2014-05-28 10:34:48: [333237] Attempting SMTP connection to [ 222.124.197.101:25] Wed 2014-05-28 10:34:48: [333237] Waiting for socket connection... Wed 2014-05-28 10:35:09: [333237] * Winsock Error 10060 Wed 2014-05-28 10:35:09: [333237] Attempting SMTP connection to [ mailgate2.telkom.net.id:25] Wed 2014-05-28 10:35:09: [333237] Resolving A record for [ mailgate2.telkom.net.id] (DNS Server: 8.8.4.4)... Wed 2014-05-28 10:35:11: [333237] * D=mailgate2.telkom.net.id TTL=(13) A=[222.124.18.147] Wed 2014-05-28 10:35:11: [333237] Attempting SMTP connection to [ 222.124.18.147:25] Wed 2014-05-28 10:35:11: [333237] Waiting for socket connection... Wed 2014-05-28 10:35:12: [333237] * Connection established ( 172.31.250.59:59549 -> 222.124.18.147:25) Wed 2014-05-28 10:35:12: [333237] Waiting for protocol to start... Wed 2014-05-28 10:35:14: [333237] <-- 220-mailgate2.telkom.net.id 147 ESMTP Wed, 28 May 2014 09:51:59 +0700. Wed 2014-05-28 10:35:14: [333237] <-- 220 UBE, porn, and abusive content not allowed. Wed 2014-05-28 10:35:14: [333237] --> EHLO email.bjbs.co.id Wed 2014-05-28 10:35:15: [333237] <-- 250-mailgate2.telkom.net.id Hello email.bjbs.co.id [202.152.55.106] Wed 2014-05-28 10:35:15: [333237] <-- 250-SIZE 20971520 Wed 2014-05-28 10:35:15: [333237] <-- 250-PIPELINING Wed 2014-05-28 10:35:15: [333237] <-- 250-STARTTLS Wed 2014-05-28 10:35:15: [333237] <-- 250 HELP Wed 2014-05-28 10:35:15: [333237] --> STARTTLS Wed 2014-05-28 10:35:17: [333237] <-- 220 TLS go ahead Wed 2014-05-28 10:35:21: [333237] SSL negotiation successful (TLS 1.0, 1024 bit key exchange, 128 bit AES encryption) Wed 2014-05-28 10:35:21: [333237] --> EHLO email.bjbs.co.id Wed 2014-05-28 10:35:23: [333237] <-- 250-mailgate2.telkom.net.id Hello email.bjbs.co.id [202.152.55.106] Wed 2014-05-28 10:35:23: [333237] <-- 250-SIZE 20971520 Wed 2014-05-28 10:35:23: [333237] <-- 250-PIPELINING Wed 2014-05-28 10:35:23: [333237] <-- 250 HELP Wed 2014-05-28 10:35:23: [333237] --> MAIL From: SIZE=27012 Wed 2014-05-28 10:35:24: [333237] <-- 250 OK Wed 2014-05-28 10:35:24: [333237] --> RCPT To: Wed 2014-05-28 10:35:30: [333237] <-- 250 Accepted Wed 2014-05-28 10:35:30: [333237] --> DATA Wed 2014-05-28 10:35:32: [333237] <-- 354 Enter message, ending with "." on a line by itself Wed 2014-05-28 10:35:32: [333237] Sending to [222.124.18.147] Wed 2014-05-28 10:35:32: [333237] Transfer Complete Wed 2014-05-28 10:35:43: [333237] <-- 451 Temporary local problem - please try later Wed 2014-05-28 10:35:43: [333237] --> QUIT -- --[MDaemon-L] Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: http://www.netmeister.org/news/learn2quote Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 14.0.2, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 3.0, PP 2.0.1
[MDaemon-L] Tips: Mengatasi dampak DMARC policy = reject untuk account forwarding
Hallo, Tips ini mengupdate tips perihal autoforward yang lalu http://www.mail-archive.com/mdaemon-l@dutaint.com/msg20183.html Dengan pengaktifan DMARC policy p=reject oleh beberapa domain berakibat mail yang berasal dari domain-2x itu saat diteruskan ke domain lain yang mengaktifkan DMARC akan di tolak dengan alasan "Message not accepted for policy reasons" http://www.zdnet.com/aol-yahoo-email-problems-show-limits-of-email-security-728783/ http://www.spamresource.com/2014/04/up-in-arms-about-yahoos-dmarc-policy.html https://wordtothewise.com/2014/04/yahoo-statement-dmarc-policy/ Sejauh ini yang diketahui mengaktifkan DMARC policy= reject adalah yahoo.com, aol.com, comcast.net, facebook.com, linkedin.com, paypal.com, bankofamerica.com dari dmarc inisiative/contributor http://dmarc.org/ Dmarc pada prinsipnya merupakan kombinasi dari DKIM dan SPF, SPF forwarding yang diterapkan di MDaemon tidak berfungsi baik. Kalau user Anda banyak yang mengaktifkan auto forward atau account forwarding ke yahoo.com family atau gmail.com maka aktifkan DKIM di MDaemon Anda. http://www.mail-archive.com/mdaemon-l%40dutaint.com/msg19445.html harap diperhatikan bahwa DKIM harus diaktifkan Original Mail Server host (yang ada/terdaftar user mailbox), bukan (tidak bisa) di smarthost (outgoing relayhost). Jika pakai domain sharing, maka semua MDaemon party harus share file rsa.public dan rsa.private yang ada di \\mdaemon\pem\MDaemon. Boleh juga mengaktifkan sekalian ADSP key di DKIM signing asalkan menu berikut aktif (bawaan install aktif). http://mdaemon.dutaint.co.id/14.0.1/security--dkim_options.htm [x] Unsigned/Improperly signed messages trigger ADSP processing contoh untuk domain list server ini $ dig _adsp._domainkey.dutaint.com txt +short "dkim=unknown" $ dig mdaemon._domainkey.dutaint.com txt +short "v=DKIM1\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHu7mOY0gqn70Zu5Ipf0oIbXfe9cORs284SYq0oOAMPBCrvIIKb4aJb0b30CniOxenm4opcDBioLJkkZTjyEqzCDa66ykX1a/VlFKGkOxuP+R4xT19+GeRkd3YtTbpP6orrBTe5qjy2DWQu6BbD0h0DRnkKBUy5Px6iU+4xjckjwIDAQAB" -- syafril --- Syafril Hermansyah Running MDaemon 14.0.2, SP 4.5.0 Beta A To live is to change, and to be perfect is to change often. -- John Henry -- --[MDaemon-L] Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: http://www.netmeister.org/news/learn2quote Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 14.0.2, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 2.1.2, PP 2.0.1
[MDaemon-L] Disastrous Recovery ( was Re: Mirroring MDAEMON Server)
On 2014-05-26 15:09, Syafril Hermansyah wrote: > On 2014-05-26 14:08, HIDAYAT - ASST. IT MANAGER wrote: >> Untuk menghindari wakt recovery MD server yang lama (bilamana ada disaster), >> kami ingin mengetahui apa saja opsi untuk membuat mirror MD server yang >> setiap waktu bisa di switch. > > Dilihat dulu problem persisnya apa. > - Kalau problem koneksi internet, maka tambahkan line backup. > > - Kalau problemnya perangkat keras, siapkan perangkat pengganti > dibelahnya yang standby dan letakkan data di NAS yang bisa dihubungi > kedua server serta backup config disimpan di removable devices atau > gunakan backup mirroring (synchronize) yang mendukung "shadow copy" > > http://en.wikipedia.org/wiki/Shadow_Copy Yang Anda tanyakan itu bukan disastrous recovery jamannya Main Frame dulu, seperti yang ini http://en.wikipedia.org/wiki/Disaster_recovery Kalau jaman mainframe dulu artinya disiapkan "remote server" jika terjadi masalah koneksi internet (jaman dulu kalau lease line down maka lama bisa up kembali), tidak ada line backup (atau mahal dan lama pengaktifannya). Dijaman sekarang untuk disastrous recovery menjadi seperti ini untuk Internet Mail System seperti MDaemon: 1. Siapkan MX backup yang mendukung ODMR (atau domainPOP) dan dynamic DNS. Saat terjadi masalah koneksi internet maka mail tetap jalan, demikian pula remote worker tetap berjalan. Yang penting MX backup sekaligus bertindak sebagai smarthost sehingga mempermudah recovery nantinya. Koneksi bisa digantikan dengan Broadband Residential yang cepat aktivasinya dan tinggi kecepatannya misalkan ADSL speedy Gold (s/d 100 Mbps), Cable Modem (s/d 100 Mbps), Wifi Offload (s/d 1.3 Gbps), LTE (s/d 145 Mbps), GSM 3G H+ multi carrier ( s/d 42 Mbps) tergantung model langganan dan provider yang dipakai. Semua residential connection punya karakteristik asynchronous connection (kecepatan unduh jauh lebih tinggi dibanding unggah) cocok untuk ODMR yang bisa multiple Serialize session connection (perlu saat recovery jika dipakai sekalian untuk remote archive). 2. Siapkan Remote Online Mail Archiving dan Online Backup Bisa pakai server sendiri (MDaemon di IDC) atau YahooPlus (yang unlimited quota) atau tempat lain (jangan yang free, agar terjaga keandalannya), yang penting remote backup accessible melalui email dan web. Online mail archive bisa merupakan mirror dari internal mail archive atau menggunakan single mailbox. Online backup hanya untuk menyimpan MDaemon backup config yang ukurannya 1.5 MB/hari di MD 13.6 keatas (versi sebelumnya berkisar 20 MB, tidak besar juga sih), pakai dropbox basic yang 5 GB sudah bisa dipakai 9 tahun) atau pakai flash disk yang berganti setiap hari (jaman dulu bagian IT ada yang piket dan ada yang bertanggung jawab bawa tape backup ke rumah atau simpan ke safety box di bank, flash disk lebih mudah disimpan dibanding tape juga restorenya lebih cepat). --- Saat terjadi kantor bermasalah (misalkan terjadi kebakaran total, amit-amit) maka cukup beli 1 PC dari toko terdekat yang sudah terinstall Windows (versi apapun), langganan koneksi brodband lalu install MDaemon versi yang sama lalu restore semua config dan mail archive maka MDaemon siap beroperasi dalam 1 jam saja. -- syafril --- Syafril Hermansyah Running MDaemon 14.0.2, SP 4.5.0 Beta A Rule of Life #1 -- Never get separated from your luggage. -- --[MDaemon-L] Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: http://www.netmeister.org/news/learn2quote Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 14.0.2, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 2.1.2, PP 2.0.1