[mdaemon-l] email di header <> email di body message
RESEND -Original Message- From: Suzy Ariyani Sent: Friday, September 28, 2018 9:03 AM To: mdaemon-l@dutaint.com Subject: email di header <> email di body message Semangat pagi pak Syafril.. Header Email di bawah ini terjaring masuk Quarantine Queue.. X-SPScan-Result: infected X-SPScan-VirusName: W32/Trojan.JABI-3067 X-MDBadQueue-Reason: WARNING! infected with virus (W32/Trojan.JABI-3067) X-MDAV-Processed: bb.ptbmi.com, Mon, 24 Sep 2018 08:41:34 +0700 Return-path: Authentication-Results: bb.ptbmi.com; spf=pass smtp.mailfrom=z.laa...@oceanic-dz.com; dkim=pass (good signature) header.d=oceanic-dz.com header.b=PTj+jbUdXX; dmarc=pass header.from=oceanic-dz.com (p=none sampling=72 pct=100); iprev=pass policy.iprev=154.16.116.58 (PTR vps.kserver-mars.com); iprev=pass policy.iprev=154.16.116.58 (HELO vps.kserver-mars.com); iprev=pass policy.iprev=154.16.116.58 (MAIL z.laa...@oceanic-dz.com) Received-SPF: pass (bb.ptbmi.com: domain oceanic-dz.com designates 154.16.116.58 as permitted sender) receiver=bb.ptbmi.com; client-ip=154.16.116.58; mechanism=a; envelope-from="z.laa...@oceanic-dz.com"; helo=vps.kserver-mars.com; Received: from vps.kserver-mars.com (vps.kserver-mars.com [154.16.116.58]) by bb.ptbmi.com (MDaemon PRO v18.0.2) with ESMTPS id 20-md5061526.msg; Mon, 24 Sep 2018 08:41:33 +0700 X-Spam-Processed: bb.ptbmi.com, Mon, 24 Sep 2018 08:41:33 +0700 (not processed: message size (420725) exceeds spam filter configured max size of (102400)) X-MDDKIM-Result: unapproved (bb.ptbmi.com) X-MDSPF-Result: unapproved (bb.ptbmi.com) X-MDRemoteIP: 154.16.116.58 X-MDHelo: vps.kserver-mars.com X-MDArrival-Date: Mon, 24 Sep 2018 08:41:33 +0700 X-Rcpt-To: purchasing.ad...@ptbmi.com X-MDRcpt-To: purchasing.ad...@ptbmi.com X-Return-Path: z.laa...@oceanic-dz.com X-Envelope-From: z.laa...@oceanic-dz.com X-MDaemon-Deliver-To: purchasing.ad...@ptbmi.com X-CAV-Result: clean DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=oceanic-dz.com; s=default; h=Message-ID:References:In-Reply-To:Subject:To: From:Date:Content-Type:MIME-Version:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=H0/NJU2Rd990hLjyoTMwpClwJylrV/t2RzPzFUNkmFc=; b=PTj+jbUdXXmzqmdOruMiGaPCT gIC29wK5DSi8Z38sXhEek7nhIod0jvzeyWD+rfJf1ZVPmAQENBdTb/x5YD1lN0r8MGUKXNQw1gq1D fHwzXLiPHBISzd4xQKbIUK6bcH0eaP/6Zbq4SoV29GpV2nfLhM9FmSZQxcqOzFHzq+ZnVgzRlyfzv OWNwaKjjzt3SrWHStTYuA8k396EKC81H86h8Km7U6KcSa1PR7ukvX+zeO2ASEt8l2a8KUPXUucPSL 7ydJCNrmGr6NTyGye1aKlaGCdvUpb6D3YDKj6DrlfFNvhDp9tMSxgfBIhKZuYZvrt9BYlboPn6nN1 oqT1SyqnQ==; Received: from [::1] (port=15520 helo=vps.kserver-mars.com) by vps.kserver-mars.com with esmtpa (Exim 4.91) (envelope-from ) id 1g4FYk-0002xm-26; Mon, 24 Sep 2018 02:21:10 +0100 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=_67fcb9321adb3659b62b8e36e3c25463" Date: Mon, 24 Sep 2018 03:21:08 +0200 From: "PT. RCS SHIPPING & LOGISTICS" To: undisclosed-recipients:; Subject: VSL: M/V BASIC RAINBOW, ORDER NO: TKH-A801B In-Reply-To: References: <6a194b5b2f79829a01c8dc8218ff7...@oceanic-dz.com> <4c7c7bc2d54a541a1c22b20f47cab...@oceanic-dz.com> <5dbacdc3a6858b85be89b50043d45...@oceanic-dz.com> <5789f3f22df9254e9f6601320151b...@oceanic-dz.com> <9bf12c0d8e77aca2edafd925789a5...@oceanic-dz.com> <94dce919dabf84ff3b9513850ad56...@oceanic-dz.com> <0e46d35634c5d9af36492c30350fc...@oceanic-dz.com> <7207522ed098236d25dccd3f38cc3...@oceanic-dz.com> <222bd2448443f4ac88b789228...@oceanic-dz.com> <6caa0a0b3b8eb364b5a4859c75f72...@oceanic-dz.com> <01bf2f7ed66ce15b5e320f9f09b9a...@oceanic-dz.com> <5d2824bd6e45b3cadfab8f53129df...@oceanic-dz.com> <401be3640b7f12f83f51fdf9238e3...@oceanic-dz.com> <19599b26e76ad4f4390ba484cf2dc...@oceanic-dz.com> <1320bf273748990165d53657a9eb2...@oceanic-dz.com> <24f9cbf331f9b8821a0bfb321cce9...@oceanic-dz.com> <591d41070357bf29c51879b6f3fc5...@oceanic-dz.com> <7c14a2959ea4be44d5eb2e5a83331...@oceanic-dz.com> <37ea5b5e57587730ee677a5ecae6f...@oceanic-dz.com> <37bfea7e54fb9fd1548476c947cdf...@oceanic-dz.com> <7e94b55e08461cad64ad08a197de4...@oceanic-dz.com> <40d5606d4ebe53702ad9517c36bbb...@oceanic-dz.com> <04943a6279c11c3b92684fe9a1b72...@oceanic-dz.com> <49fb7c92e0ae5cb8a9695d00caf5a...@oceanic-dz.com> <18ce5b1820d2a4863c8011883ec54...@oceanic-dz.com> <7539ca65a7557d7d5e275d407ab6d...@oceanic-dz.com> <54918d4cc03624734da8b5761d0af...@oceanic-dz.com> <441776cc8a0278e5c690efbf8bd6c...@oceanic-dz.com> <947aa4737f610eb14d5c2defc7b86...@oceanic-dz.com> <7e70f02d9025ee9c568f5d3dff6c6...@oceanic-dz.com> <4aef37c67730d12d8665795207896...@oceanic-dz.com> <977a34b081e0df521eb8a31cb3c82...@oceanic-dz.com> <6f0d0604cf4a0a296b20f945b0e9e...@oceanic-dz.com> <6586660a67db1894cdb7e91b991b3...@oceanic-dz.com> <9b305990ae19db6c906074e
[mdaemon-l] Email Masuk Quarantine Queue
On 20/09/18 12:23, Syafril Hermansyah wrote: On 20/09/18 09:52, Panji Perdiansyah (pa...@s-iki.co.id) wrote: Di ClamAV memang ada bug untuk pdf berpassword protect, jadi perlu di non aktifkan menu "quarantine message that can not be scanned". Lihat contohnya di lampiran. Masih ada bug rupanya, baik saya akan non aktifkan menu tersebut. Bugnya di ClamAV engine. Semua mail server yang menggunakan ClamAV mengalami masalah yang sama. http://lists.clamav.net/pipermail/clamav-users/2017-April/004374.html http://lists.clamav.net/pipermail/clamav-users/2018-April/006071.html Pak Bugs ini akan diperbaiki di MD versi berapa ? -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0.2, SG 5.5.0
[mdaemon-l] email di header <> email di body message
On 28/09/18 16:35, Suzy Ariyani (s...@ptbmi.com) wrote: > Header Email di bawah ini terjaring masuk Quarantine Queue.. > Authentication-Results: bb.ptbmi.com; >spf=pass smtp.mailfrom=z.laa...@oceanic-dz.com; >dkim=pass (good signature) header.d=oceanic-dz.com header.b=PTj+jbUdXX; >dmarc=pass header.from=oceanic-dz.com (p=none sampling=72 pct=100); >iprev=pass policy.iprev=154.16.116.58 (PTR vps.kserver-mars.com); >iprev=pass policy.iprev=154.16.116.58 (HELO vps.kserver-mars.com); >iprev=pass policy.iprev=154.16.116.58 (MAIL z.laa...@oceanic-dz.com) > Received-SPF: pass (bb.ptbmi.com: domain oceanic-dz.com >designates 154.16.116.58 as permitted sender) >receiver=bb.ptbmi.com; client-ip=154.16.116.58; >mechanism=a; envelope-from="z.laa...@oceanic-dz.com"; >helo=vps.kserver-mars.com; > Yg sy temukan adalah: > 1. Email header <> email body message >di Header: z.laa...@oceanic-dz.com >di Body Message: irene-...@rcs-asia.com >Sy cek by browser: >domain oceanic-dz.com ada website-nya >domain rcs-asia.com masuk worlclient software MDaemon v16.5.2 >Seharusnya ini semua domain2 terpercaya ya pak? Ya, tetapi kedua domain tidak berhubungan. oceanic-dz.com pusatnya di algeria (africa) dan bisnisnya konsultan logistik sementara rcs-asia.com pusatnya di India dan bisnisnya logistik (shipping). > 2. Warning Infected with virus (W32/Trojan.JABI-3067) >Apakah memang masuk ke Quarantine Queue krn mslh ini? Ya. > 3. References mail ini banyak dan panjang >lazimkah ini? Tidak lazim. > 4. dikirim ke: >email rekan2 logistic: purchasing.ad...@ptbmi.com 2x, ste...@ptbmi.com > 2x >email rekan exim: exim.ron...@ptbmi.com 1x >jika dikirim ke dept2 yg tidak berhubungan dan mempertimbangkan > domainnya (tidak jelas), biasanya sy bs pastikan bahwa email tsb. semacam > junk mail/phising mail/spam mail. >tapi email ini bikin sy ragu pak.. ini worm/virus mail, jadi hapus saja lalu masukkan sender IP kedalam IP screening atau dynamic blacklist. -- syafril --- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 18.5.0-64 bit Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. Never give up on anything. If you fail, try, try and try again. You are learning the best ways of doing things. --- Lailah Gifty Akita -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0.2, SG 5.5.0
[mdaemon-l] Email Masuk Quarantine Queue
On 28/09/18 16:59, Ivan (bluesky1...@gmail.com) wrote: >> Bugnya di ClamAV engine. >> Semua mail server yang menggunakan ClamAV mengalami masalah yang sama. >> >> http://lists.clamav.net/pipermail/clamav-users/2017-April/004374.html >> http://lists.clamav.net/pipermail/clamav-users/2018-April/006071.html >> > Pak Bugs ini akan diperbaiki di MD versi berapa ? Harus tunggu clamAV developer memperbaikinya. Sebenarnya ClamAV ada 2 macam, ClamAV for linux (open source, cisco company) dan clamAV for windows (ClamWin) yang di porting dari ClamAV for linux. Yang ada bug adalah di ClamAV, sementara ClamWin tidak bermasalah dengan pdf encryption. Di SP 5.5.0 pakai ClamAV sementara di SP 5.5.2 pakai ClamWin. Tetapi di MD 18.0 (dimana Securityplus menyatu dengan MDaemon) kembali pakai ClamAV. Saya tidak tahu persis alasan Altn.com kembali ke ClamAV, tetapi besar dugaan karena ClamAV versinya selalu terkini (terbaru) yang sudah memperbaiki bug-2x yang lain yang prioritasnya lebih tinggi dibanding pdf heuristic bug. -- syafril --- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 18.5.0-64 bit Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. The more that you read, the more things you will know. The more that you learn, the more places you'll go. --- Dr. Seuss, I Can Read With My Eyes Shut! -- --[mdaemon-l]-- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com Versi terakhir MD 18.0.2, SG 5.5.0
