[mdaemon-l] SPAM
On 27/04/18 11:20, Norman Sinaga (norman.sin...@puninar.com) wrote: > Akhir – akhir ini banyak sekali SPAM masuk ke email kami, Perlihatkan message header dari spam mail tersebut. Salin message header itu ke notepad lalu lampirkan kesini agar lebih mudah dibaca. Cara melihat message hader https://www.ablebits.com/office-addins-blog/2013/08/07/view-outlook-email-headers/ -- syafril --- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 18.0-64 bit Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Banyak yang tidak menyadari bahwa untuk bisa menjadi pemimpin yang baik sebenarnya harus pernah membuktikan dirinya pernah menjadi orang yang dipimpin. --- Dahlan Iskan -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] SPAM
Dear Pak Syafril, Saya Norman dari PT Puninar Jaya, Akhir - akhir ini banyak sekali SPAM masuk ke email kami, [cid:image001.png@01D3DE1A.1F725960] Apakah ada solusi dari Duta Int untuk menangani masalah ini ? Terimakasih Norman Sinaga
[mdaemon-l] Kasus Hijack
On 27/04/18 08:22, Ivan (bluesky1...@gmail.com) wrote: >> Kalau jumlah outbound spam mail belum mencapai limit yang ditetap di >> account hijack detection maka account hijack detector belum terpicu >> bekerja. >> >> http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?security--hijack_detection.htm >> > Yes pak secara logika pasti sudah mencapai krn kirim ribuan email, Periksa ke smtp-out dan smtp-in log untuk melihat faktanya. Logika tanpa fakta tidak valid. > tapi akun tsb di di freeze sama MD, sy jd binun kenapa ga terdetect MD. Kalau spam mail recipient local user/account tidak akan terdeteksi oleh Account Hijack Detection. -- syafril --- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 18.0-64 bit Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Wisdom comes not from age, but from education and learning. --- Anton Chekhov -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] WARNING: Message delivery failed
On 27/04/18 08:03, Ceppy Multi Anggara (cepotg...@gmail.com) wrote: > Ijin bertanya mengenai permasalahan berikut, soalnya user saya tanya > selalu login gmail nya via browser. > [935800] <-- 550-5.7.1 Unauthenticated email from dropbox.com is not > accepted due to domain's > [935800] <-- 550-5.7.1 DMARC policy. Please contact the administrator of > dropbox.com domain > [935800] <-- 550-5.7.1 if this was a legitimate mail. Please visit > [935800] <-- 550-5.7.1 https://support.google.com/mail/answer/2451690 to > learn about the > [935800] <-- 550 5.7.1 DMARC initiative. x28si110996pfa.37 - gsmtp Mail ditolak karena mail aslinya berasal dropbox.com yang mengaktifkan DMARC paranoide mode. DMARC adalah antispoofing protocol (mirip DKIM dan SPF), yang mencheck FROM . Di mode paranoid (parameter p=reject), mail dari domain yang diproteksi dengan DMARC tidak bisa di autoforward ke akun lain yang server penerimanya mengaktifkan DMARC detection seperti gmail.com (dan MDaemon, walau di MDaemon bisa di set untuk accept atau whitelist) DMARC paranoid hanya bisa diatasi jika server yang melakukan autoforward mengaktifkan ARC (Authenticate Receive Chain). https://www.dmarcanalyzer.com/arc-is-here/ Saya sudah meminta (wish list) ARC ke altn.com developer, semoga bisa diimplementasi di MDaemon versi mendatang. -- syafril --- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 18.0-64 bit Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Friendship... is not something you learn in school. But if you haven't learned the meaning of friendship, you really haven't learned anything. --- Muhammad Ali -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] Kasus Hijack
On 26/04/18 20:07, Syafril Hermansyah wrote: Kalau jumlah outbound spam mail belum mencapai limit yang ditetap di account hijack detection maka account hijack detector belum terpicu bekerja. Juga kalau akun itu masuk dalam account hijack detection whitelist, tidak akan bekerja. http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?security--hijack_detection.htm Yes pak secara logika pasti sudah mencapai krn kirim ribuan email, tapi akun tsb di di freeze sama MD, sy jd binun kenapa ga terdetect MD. dan hijack detection whitelist kosong pak -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] WARNING: Message delivery failed
Selamat pagi pak Syafril, Ijin bertanya mengenai permasalahan berikut, soalnya user saya tanya selalu login gmail nya via browser. Terima kasih Ceppy MA BMKG --- Forwarded message --- From: MDaemon at dip2.dutaint.com Date: 27 April 2018 7:55:31 AM Subject: WARNING: Message delivery failed To: layanan.l...@bmkg.go.id = Greetings from the MDaemon mail system at dip2.dutaint.com = The following message: Session-ID: 935800 (specific to this delivery attempt) Queue-ID: pd35000286417.msg Message-ID: 0100016304869295-458eb7c1-b3ef-4096-9f94-7ac19fd568e9-000...@email.amazonses.com could not be delivered to the following recipient(s): kentan...@gmail.com (unrecoverable error) despite one or more unsuccessful attempts to do so. No further delivery attempts will be made and the message has been removed from the queue. The original message headers may follow at the end of this report. For information on DSN messages see http://www.altn.com/dsn/. Please quote the Queue-ID, Session-ID, and Message-ID found above in any inquiries regarding this message. = Session Transcript = [935800] Session 935800; child 0021 [935800] Parsing message [935800] * From: no-re...@dropbox.com [935800] * To: kentan...@gmail.com [935800] * Subject: We noticed a new sign in to your Dropbox [935800] * Size (bytes): 11954 [935800] * Message-ID: <0100016304869295-458eb7c1-b3ef-4096-9f94-7ac19fd568e9-000...@email.amazonses.com> [935800] Resolving MX record for gmail.com (DNS Server: 8.8.8.8)... [935800] * P=005 S=000 D=gmail.com TTL=(49) MX=[gmail-smtp-in.l.google.com] [935800] * P=010 S=001 D=gmail.com TTL=(49) MX=[alt1.gmail-smtp-in.l.google.com] [935800] * P=020 S=003 D=gmail.com TTL=(49) MX=[alt2.gmail-smtp-in.l.google.com] [935800] * P=030 S=002 D=gmail.com TTL=(49) MX=[alt3.gmail-smtp-in.l.google.com] [935800] * P=040 S=004 D=gmail.com TTL=(49) MX=[alt4.gmail-smtp-in.l.google.com] [935800] Attempting SMTP connection to gmail-smtp-in.l.google.com [935800] Resolving A record for gmail-smtp-in.l.google.com (DNS Server: 8.8.8.8)... [935800] * D=gmail-smtp-in.l.google.com TTL=(4) A=[74.125.200.27] [935800] Attempting SMTP connection to 74.125.200.27:25 [935800] Waiting for socket connection... [935800] * Connection established 113.20.30.171:39644 --> 74.125.200.27:25 [935800] Waiting for protocol to start... [935800] <-- 220 mx.google.com ESMTP x28si110996pfa.37 - gsmtp [935800] --> EHLO dip2.dutaint.com [935800] <-- 250-mx.google.com at your service, [113.20.30.171] [935800] <-- 250-SIZE 157286400 [935800] <-- 250-8BITMIME [935800] <-- 250-STARTTLS [935800] <-- 250-ENHANCEDSTATUSCODES [935800] <-- 250-PIPELINING [935800] <-- 250-CHUNKING [935800] <-- 250 SMTPUTF8 [935800] --> STARTTLS [935800] <-- 220 2.0.0 Ready to start TLS [935800] SSL negotiation successful (TLS 1.2, 256 bit key exchange, 128 bit AES encryption) [935800] SSL certificate is not valid (does not match gmail-smtp-in.l.google.com and/or is not signed by recognized CA) [935800] --> EHLO dip2.dutaint.com [935800] <-- 250-mx.google.com at your service, [113.20.30.171] [935800] <-- 250-SIZE 157286400 [935800] <-- 250-8BITMIME [935800] <-- 250-ENHANCEDSTATUSCODES [935800] <-- 250-PIPELINING [935800] <-- 250-CHUNKING [935800] <-- 250 SMTPUTF8 [935800] --> MAIL From: SIZE=11954 [935800] <-- 250 2.1.0 OK x28si110996pfa.37 - gsmtp [935800] --> RCPT To: [935800] <-- 250 2.1.5 OK x28si110996pfa.37 - gsmtp [935800] --> DATA [935800] <-- 354 Go ahead x28si110996pfa.37 - gsmtp [935800] Sending to [74.125.200.27] [935800] Transfer Complete [935800] <-- 550-5.7.1 Unauthenticated email from dropbox.com is not accepted due to domain's [935800] <-- 550-5.7.1 DMARC policy. Please contact the administrator of dropbox.com domain [935800] <-- 550-5.7.1 if this was a legitimate mail. Please visit [935800] <-- 550-5.7.1 https://support.google.com/mail/answer/2451690 to learn about the [935800] <-- 550 5.7.1 DMARC initiative. x28si110996pfa.37 - gsmtp [935800] --> QUIT =End Transcript= X-MDAV-Processed: dip2.dutaint.com, Fri, 27 Apr 2018 07:36:23 +0700 Received: by dip2.dutaint.com (MDaemon PRO v18.0.0) with ESMTPSA id 37-md5009298.msg; Fri, 27 Apr 2018 07:36:21 +0700 X-Spam-Processed: dip2.dutaint.com, Fri, 27 Apr 2018 07:36:21 +0700 (not processed: spam filter heuristic analysis disabled) X-MDRemoteIP: 202.90.199.44 X-MDHelo: mail.bmkg.go.id X-MDArrival-Date: Fri, 27 Apr 2018 07:36:21 +0700 X-Authenticated-Sender: bmkg.go.id X-Return-Path: prvs=165544776a=layanan.l...@bmkg.go.id X-Envelope-From: prvs=165544776a=layanan.l...@bmkg.go.id X-MDaemon-Deliver-To: kentan...@gmail.com X-CAV-Result: clean X-MDAV-Re
[mdaemon-l] Tips : bypass location screening utk user tertentu
Hallo, Penerapan Location Screening di MDaemon 17.5.0 keatas akan mengurangi drastis kemngkinan akun terkena hijack https://www.mail-archive.com/mdaemon-l@dutaint.com/msg42186.html khususnya bagi user yang belum menerapkan strong password. https://www.mail-archive.com/mdaemon-l@dutaint.com/msg42271.html hal itu karena beberapa negara dikenali banyak melakukan hijack/spam https://www.spamhaus.org/statistics/countries/ Akan tetapi beberapa VVIP atau Tenaga Kerja Ahli (Expatriate) perusahaan perlu/sering bepergian ke luar negeri yang mungkin ke negara-2x yang masuk dalam "The 10 Worst Spam Countries" atau punya cabang di luar negeri. Di MDaemon versi 18.0 diberikan cara untuk bypass geo location screening bagi user tertentu khususnya jika user itu menggunakan Activesync Protocol. http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?activesync--devices.htm pilih activesyn client/user lalu aktifkan [x] Exempt from Location Screen Activesync client bisa berupa Ponsel (Cellphone, Mobile Device) atau PC/Laptop email client yang mendukung Protocol Activesync. Activesync mendukung Email/Message Sync, Calendar Sync dan Contact Sync http://www.altn.com/Products/MDaemon-Email-Server-Windows/Mail-Server-Mobile-Access/Android-ActiveSync/ http://www.altn.com/Products/MDaemon-Email-Server-Windows/Mail-Server-Mobile-Access/iPhone-ActiveSync/ http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=KBA-02501 http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=KBA-02544 -- syafril --- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 18.0-64 bit Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Tell me and I forget. Teach me and I remember. Involve me and I learn. --- Benjamin Franklin -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] Kasus Hijack
On 2018-04-26 17:18, Ivan (bluesky1...@gmail.com) wrote: > Pak minggu lalu user saya ada yg kena hijack walaupun sudah secure > password, mungkin dia sembarang register di web ga jelas. sehingga > account tsb dipakai mengirim ribuan email dalam 1 malam > pertanyaan saya kenapa hijack prevention setting tidak berfungsi saat > kirim email sampai ribuan ini : Kalau jumlah outbound spam mail belum mencapai limit yang ditetap di account hijack detection maka account hijack detector belum terpicu bekerja. Juga kalau akun itu masuk dalam account hijack detection whitelist, tidak akan bekerja. http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?security--hijack_detection.htm Account Hijack Detection The options on this screen can be used to detect a possibly hijacked MDaemon account and automatically prevent it from sending messages through your server. For example, if a spammer somehow obtained an account's email address and password then this feature could prevent the spammer from using the account to send bulk junk e-mail through your system. You can designate a maximum number of messages that may be sent by an account in a given number of minutes, based on the IP address from which it is connecting. You can also choose to disable accounts that reach the limit. There is also a White List that can be used to exempt certain addresses from this restriction. Account Hijack Detection is enabled by default. > IP *202.171.41.162 *contoh IP hacker nya tidak terblock oleh hijack > detestion sy cek di log DynScrn IP tersebut tidak terblock dan account > tidak freeze. Kenapa bisa lolos ya ? IP ini tercatat di SMTP-in log > banyak sekali berhasil login. IP 202.171.41.162 dari negara malaysia, kalau Geo Location Screening diaktifkan tidak akan bisa pakai akun yang sudah diketahui passwordnya sekalipun. http://mdaemon.dutaint.co.id/mdaemon/18.0/index.html?screening_location-screening.htm [x] SMTP connections are accepted but authentication is blocked lihat lagi ke arsip yl untuk pencegahan akun terkena hijack. https://www.mail-archive.com/mdaemon-l@dutaint.com/msg42186.html -- syafril --- Syafril Hermansyah MDaemon-L Moderators, MDaemon 18.0-64 Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Masa depan bukan mrpkan terusan masa silam. Masa depan akan mrpkan rangkaian peristiwa yg diskontinyu. Kita hrs lupakan cara menghdpi masa silam utk menangani masa depan -- Charles Handy -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] Hijack detection
On 2018-04-26 17:16, Syafril Hermansyah (syaf...@dutaint.co.id) wrote: >> tapi di seluruh Dynscrn log utk tgl 26-04-18 tidak ada yg status Freeze > 0 >> jd dimana lagi bisa cek nya ? > Di notification message dari MDaemon ke postmaster account alias. Oops sorry. Checknya di smtp-out log. Account hijack detection menghitung jumlah mail di smtp-out log. -- syafril --- Syafril Hermansyah MDaemon-L Moderators, MDaemon 18.0-64 Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Masalah pertama bagi kita semua, laki-2x dan perempuan, bukanlah belajar, tetapi tidak belajar -- Gloria Steinem -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] Kasus Hijack
Pak minggu lalu user saya ada yg kena hijack walaupun sudah secure password, mungkin dia sembarang register di web ga jelas. sehingga account tsb dipakai mengirim ribuan email dalam 1 malam pertanyaan saya kenapa hijack prevention setting tidak berfungsi saat kirim email sampai ribuan ini : IP *202.171.41.162 *contoh IP hacker nya tidak terblock oleh hijack detestion sy cek di log DynScrn IP tersebut tidak terblock dan account tidak freeze. Kenapa bisa lolos ya ? IP ini tercatat di SMTP-in log banyak sekali berhasil login. solusi saat ini lsg saya reset password lsg stop. posisi setting hijack sbb : contoh log smtp-in : Sun 2018-04-15 00:03:10.214: 05: Session 631749; child 0001 Sun 2018-04-15 00:03:10.214: 05: Accepting SMTP connection from 202.171.41.162:55467 to 192.168.10.2:587 Sun 2018-04-15 00:03:10.215: 03: --> 220 webmail.pttdp.com ESMTP MSA MDaemon 17.5.1; Sun, 15 Apr 2018 00:03:10 +0700 Sun 2018-04-15 00:03:10.240: 02: <-- EHLO mymobile.gov.my Sun 2018-04-15 00:03:10.240: 03: --> 250-webmail.pttdp.com Hello mymobile.gov.my [*202.171.41.162*], pleased to meet you Sun 2018-04-15 00:03:10.240: 03: --> 250-AUTH LOGIN CRAM-MD5 PLAIN Sun 2018-04-15 00:03:10.240: 03: --> 250-8BITMIME Sun 2018-04-15 00:03:10.241: 03: --> 250-ENHANCEDSTATUSCODES Sun 2018-04-15 00:03:10.241: 03: --> 250-STARTTLS Sun 2018-04-15 00:03:10.241: 03: --> 250 SIZE 3000 Sun 2018-04-15 00:03:10.266: 02: <-- STARTTLS Sun 2018-04-15 00:03:10.266: 03: --> 220 2.7.0 Ready to start TLS Sun 2018-04-15 00:03:10.323: 01: SSL negotiation successful (TLS 1.0, 2048 bit key exchange, 256 bit AES encryption) Sun 2018-04-15 00:03:10.348: 02: <-- EHLO mymobile.gov.my Sun 2018-04-15 00:03:10.348: 03: --> 250-webmail.pttdp.com Hello mymobile.gov.my [202.171.41.162], pleased to meet you Sun 2018-04-15 00:03:10.348: 03: --> 250-AUTH LOGIN CRAM-MD5 PLAIN Sun 2018-04-15 00:03:10.348: 03: --> 250-8BITMIME Sun 2018-04-15 00:03:10.348: 03: --> 250-ENHANCEDSTATUSCODES Sun 2018-04-15 00:03:10.348: 03: --> 250 SIZE 3000 Sun 2018-04-15 00:03:10.374: 02: <-- AUTH CRAM-MD5 Sun 2018-04-15 00:03:10.375: 03: --> 334 PE1EQUVNT04tRjIwMTgwNDE1MDAwMy5BQTAzMTAzNzVNRDM3MTZAd2VibWFpbC5wdHRkcC5jb20+ Sun 2018-04-15 00:03:10.399: 02: <-- ZXN0ZXJAcHR0ZHAuY29tIDEyNDVlN2YwNjc4N2ZkNzFiYjFiYTZiNTFjOTk1OWRi Sun 2018-04-15 00:03:10.399: 01: Authenticating es...@pttdp.com... Sun 2018-04-15 00:03:10.401: 01: Authenticated as es...@pttdp.com Sun 2018-04-15 00:03:10.401: 03: --> 235 2.7.0 Authentication successful Sun 2018-04-15 00:03:10.427: 02: <-- MAIL FROM: Sun 2018-04-15 00:03:10.428: 03: --> 250 2.1.0 Sender OK Sun 2018-04-15 00:03:10.453: 02: <-- RCPT TO: Sun 2018-04-15 00:03:10.456: 03: --> 250 2.1.5 Recipient OK Sun 2018-04-15 00:03:10.483: 02: <-- DATA Sun 2018-04-15 00:03:10.484: 01: Creating temp file (SMTP): e:\mdaemon\queues\temp\md5091525.tmp Sun 2018-04-15 00:03:10.484: 03: --> 354 Enter mail, end with . Sun 2018-04-15 00:03:10.537: 01: Message size: 1203 bytes Sun 2018-04-15 00:03:10.538: 06: Passing message through AntiVirus (Size: 1203)... Sun 2018-04-15 00:03:10.549: 06: * Message is clean (no viruses found) Sun 2018-04-15 00:03:10.549: 06: End AntiVirus results Sun 2018-04-15 00:03:10.578: 01: Message creation successful: e:\mdaemon\queues\inbound\md50001834914.msg Sun 2018-04-15 00:03:10.578: 03: --> 250 2.6.0 Ok, message saved > Sun 2018-04-15 00:03:10.578: 02: <-- QUIT Sun 2018-04-15 00:03:10.578: 03: --> 221 2.0.0 See ya in cyberspace Sun 2018-04-15 00:03:10.579: 01: SMTP session successful (Bytes in/out: 3345/2154) -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] Hijack detection
On 26/04/18 16:28, Ivan (bluesky1...@gmail.com) wrote: > tapi di seluruh Dynscrn log utk tgl 26-04-18 tidak ada yg status Freeze > 0 > jd dimana lagi bisa cek nya ? Di notification message dari MDaemon ke postmaster account alias. -- syafril --- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 18.0-64 bit Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Challenges are what make life interesting and overcoming them is what makes life meaningful. --- Joshua J. Marine -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1
[mdaemon-l] Hijack detection
On 26/04/18 11:37, Syafril Hermansyah wrote: Lihat ke dynscrn log. Saya cek di logo ini tidak ada yg freeze dari screening log : Thu 2018-04-26 09:31:27.785: Hijack detection has frozen the admin...@pttdp.com account tapi di seluruh Dynscrn log utk tgl 26-04-18 tidak ada yg status Freeze > 0 contoh : 180426 01709 D [0023] 0x41503100 Summary: 173 Connections Allowed 180426 01709 D [0023] 0x41503101 Summary: 37 Connections Refused 180426 01710 D [0023] 0x41503102 Summary: 0 Trusted IP Hits 180426 01710 D [0023] 0x41503103 Summary: 1 Whitelist Hits 180426 01710 D [0023] 0x41503104 Summary: 37 Blacklist Hits 180426 01711 D [0023] 0x4150310C Summary: 3 Location Screen Hits 180426 01711 D [0023] 0x41503105 Summary: 159 Logon Successes 180426 01711 D [0023] 0x41503106 Summary: 11 Logon Failures 180426 01711 D [0023] 0x41503107 Summary: 1 Block Operations 180426 01712 D [0023] 0x41503108 Summary: 0 Unblock Operations 180426 01712 D [0023] 0x41503109 Summary: 0 Expired block Operations 180426 01712 D [0023] 0x4150310A Summary: 0 Freeze Operations jd dimana lagi bisa cek nya ? -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0 (all-in-one), SG 5.0.1