[Mdaemon-L] MDaemon configured to drop connection on PTR record mismatch

2021-08-29 Thread Bambang Setiawan via Mdaemon-L

Dear Mr. Syafril,


Please help with our case, as follows. I first checked the log because
there were bounced emails; the log shows the following:


Mon 2021-08-30 12:24:17.542: --
Mon 2021-08-30 12:24:20.796: [16950750] Session 16950750; child 0001
Mon 2021-08-30 12:24:20.796: [16950750] Accepting SMTP connection from 
40.107.132.51:48896 to 124.81.84.135:25
Mon 2021-08-30 12:24:20.796: [16950750] Location Screen says connection 
is from South Korea, Asia
Mon 2021-08-30 12:24:20.797: [16950750] --> 220 mail.persada.id ESMTP 
MDaemon 21.0.2; Mon, 30 Aug 2021 12:24:20 +0700
Mon 2021-08-30 12:24:20.867: [16950750] <-- EHLO 
APC01-PU1-obe.outbound.protection.outlook.com
Mon 2021-08-30 12:24:20.867: [16950750] --> 250-mail.persada.id Hello 
APC01-PU1-obe.outbound.protection.outlook.com [40.107.132.51], pleased 
to meet you

Mon 2021-08-30 12:24:20.867: [16950750] --> 250-ETRN
Mon 2021-08-30 12:24:20.867: [16950750] Location Screening hiding AUTH 
from country South Korea, Asia

Mon 2021-08-30 12:24:20.867: [16950750] --> 250-8BITMIME
Mon 2021-08-30 12:24:20.867: [16950750] --> 250-ENHANCEDSTATUSCODES
Mon 2021-08-30 12:24:20.867: [16950750] --> 250 SIZE
Mon 2021-08-30 12:24:20.995: [16950750] <-- MAIL 
FROM: SIZE=326385
Mon 2021-08-30 12:24:21.007: [16950750] Performing PTR lookup 
(51.132.107.40.IN-ADDR.ARPA)
Mon 2021-08-30 12:24:21.024: [16950750] * D=51.132.107.40.IN-ADDR.ARPA 
TTL=(60) PTR=[mail-eopbgr1320051.outbound.protection.outlook.com]

Mon 2021-08-30 12:24:21.278: [16950750] *  No A/ records found
Mon 2021-08-30 12:24:21.278: [16950750] *  MDaemon configured to drop 
connection on PTR record mismatch

Mon 2021-08-30 12:24:21.278: [16950750]  End PTR results
Mon 2021-08-30 12:24:21.278: [16950750] --> 501 5.7.0 Domain must resolve
Mon 2021-08-30 12:24:21.278: [16950750] SMTP session terminated (Bytes 
in/out: 112/275)

Mon 2021-08-30 12:24:21.278: --

Before asking you to update the ReverseXcpt file, I checked the log
again using the criterion "mismatch", and it turns out there are 207
entries that match that criterion.


Please advise, sir: is there an MDaemon setting of mine that is wrong,
causing so many emails to be rejected with an error like the log above?
Updating ReverseXcpt would be quite a lot of work with as many as 207
errors :-), mainly from the ericsson.com domain, whose IP addresses keep
changing.



Thank you for your help.

--
--[mdaemon-l]--
This mailing list is for discussion among MDaemon Mail Server users in Indonesia

Netiquette: https://wiki.openstack.org/wiki/MailingListEtiquette
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Subscribe: Send mail to mdaemon-l-subscr...@dutaint.com
Unsubscribe: Send mail to mdaemon-l-unsubscr...@dutaint.com
Latest version: MDaemon 21.0.3, SecurityGateway 8.0.2
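
The count described in the post above (how many sessions were dropped for a PTR mismatch, and from which sending networks) can be taken from the log directly. This is an added example, not part of the original post and not an MDaemon tool; it assumes each log line carries the bracketed session ID as in the excerpt above, and the function name `ptr_mismatch_report` and the grouping by the last three labels of the PTR name are this example's own choices.

```python
import re
from collections import Counter

# Sample log: session 16950750 is taken from the post above (mail-wrapped as posted);
# sessions 16950751 and 16950752 are constructed, using documentation addresses.
SAMPLE_LOG = """\
Mon 2021-08-30 12:24:20.796: [16950750] Accepting SMTP connection from
40.107.132.51:48896 to 124.81.84.135:25
Mon 2021-08-30 12:24:21.024: [16950750] * D=51.132.107.40.IN-ADDR.ARPA
TTL=(60) PTR=[mail-eopbgr1320051.outbound.protection.outlook.com]
Mon 2021-08-30 12:24:21.278: [16950750] *  MDaemon configured to drop
connection on PTR record mismatch
Mon 2021-08-30 12:25:02.101: [16950751] Accepting SMTP connection from 192.0.2.10:40000 to 124.81.84.135:25
Mon 2021-08-30 12:25:02.300: [16950751] * D=10.2.0.192.IN-ADDR.ARPA TTL=(60) PTR=[mx1.example.net]
Mon 2021-08-30 12:25:02.400: [16950751] * D=mx1.example.net TTL=(60) A=[192.0.2.10]
Mon 2021-08-30 12:26:10.000: [16950752] Accepting SMTP connection from 198.51.100.7:41000 to 124.81.84.135:25
Mon 2021-08-30 12:26:10.200: [16950752] * D=7.100.51.198.IN-ADDR.ARPA TTL=(60) PTR=[out7.mail.example.org]
Mon 2021-08-30 12:26:10.500: [16950752] *  MDaemon configured to drop connection on PTR record mismatch
"""

ENTRY = re.compile(r"^\w{3} \d{4}-\d\d-\d\d [\d:.]+: \[(\d+)\] (.*)$", re.M)
CONNECT = re.compile(r"connection from\s+([\d.]+):\d+")
PTR = re.compile(r"PTR=\[([^\]]+)\]")
MISMATCH = "drop connection on PTR record mismatch"

def ptr_mismatch_report(text):
    """Return (dropped sessions, drops per PTR parent domain) for an SMTP-in log."""
    # Mail clients wrap long log lines: a line with no leading timestamp continues the previous one.
    unwrapped = re.sub(r"\s*\n(?!\w{3} \d{4}-\d\d-\d\d )", " ", text)
    sessions = {}
    for m in ENTRY.finditer(unwrapped):
        sid, msg = m.groups()
        s = sessions.setdefault(sid, {"ip": None, "ptr": None, "dropped": False})
        if c := CONNECT.search(msg):
            s["ip"] = c.group(1)
        elif p := PTR.search(msg):
            s["ptr"] = p.group(1).lower()
        elif MISMATCH in msg:
            s["dropped"] = True
    dropped = {sid: s for sid, s in sessions.items() if s["dropped"]}
    # Heuristic grouping (assumption, not an MDaemon rule): last three labels of the PTR name.
    per_domain = Counter(".".join((s["ptr"] or "no-ptr").split(".")[-3:]) for s in dropped.values())
    return dropped, per_domain

if __name__ == "__main__":
    dropped, per_domain = ptr_mismatch_report(SAMPLE_LOG)
    for domain, n in per_domain.most_common():
        print(n, domain)
```

Grouping the drops by PTR parent domain shows whether a few sending networks account for most of the rejections before any exception entries are written.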




[Mdaemon-L] 550 5.7.1 Sender unknown

2021-08-29 Thread Taufiko Wardian

Noted, sir.

Thank you.

On 30/08/2021 10.45, Syafril Hermansyah via Mdaemon-L 
(Mdaemon-L@dutaint.com) wrote:

On 8/30/21 9:47 AM, Taufiko Wardian wrote:

Please enlighten me, sir: in this case, roughly where is it being blocked?




Sun 2021-08-29 20:39:43.791: [07479661] Host screening refused 
connection to 122.200.144.137:25 from esa-1.idt-shipping.site 
[103.21.217.43:21930] (matched to line "all *.site refuse")



The sender host identifies itself with a *.site name, which used to be on
spamhaus.org's The World's Most Abused TLDs list


https://www.spamhaus.org/statistics/tlds/

*.site has been removed from the host blacklist, and the update is at

http://ftp.dutaint.com/altn-mdaemon/miscl/HostScreen.dat



--
Regards,

 


Taufiko Wardian
IT/MIS Mgr.
PT. Bhumi Rantau Energi
PONDOK INDAH OFFICE TOWER 3, Lt. 7, Suite 701
Jl. Sultan Iskandar Muda Kav. V-TA
Pondok Pinang, Jakarta 12310
Phone : 021-7592 2993
Fax   : 021-7592 2992
Ext   : 173






[Mdaemon-L] 550 5.7.1 Sender unknown

2021-08-29 Thread Syafril Hermansyah via Mdaemon-L

On 8/30/21 9:47 AM, Taufiko Wardian wrote:

Please enlighten me, sir: in this case, roughly where is it being blocked?





Sun 2021-08-29 20:39:43.791: [07479661] Host screening refused connection to 
122.200.144.137:25 from esa-1.idt-shipping.site [103.21.217.43:21930] (matched to line 
"all *.site refuse")



The sender host identifies itself with a *.site name, which used to be on
spamhaus.org's The World's Most Abused TLDs list


https://www.spamhaus.org/statistics/tlds/

*.site has been removed from the host blacklist, and the update is at

http://ftp.dutaint.com/altn-mdaemon/miscl/HostScreen.dat


--
syafril

Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 21.5.0 64 bit Beta A
Please do not cc: or send private mail about MDaemon issues.

Competition is the keen cutting edge of business, always shaving away at 
costs.

--- Henry Ford






[Mdaemon-L] 550 5.7.1 Sender unknown

2021-08-29 Thread Taufiko Wardian

Dear Mr. Syafril,

Please enlighten me, sir: in this case, roughly where is it being blocked?

Thank you for your attention and cooperation.


Sun 2021-08-29 20:36:00.546: --
Sun 2021-08-29 20:39:43.728: [07479661] Session 07479661; child 0001
Sun 2021-08-29 20:39:43.728: [07479661] Accepting SMTP connection from 
103.21.217.43:21930 to 112.215.33.117:25
Sun 2021-08-29 20:39:43.729: [07479661] --> 220 mail.suthraresources.com 
ESMTP MDaemon 21.0.3; Sun, 29 Aug 2021 20:39:43 +0700

Sun 2021-08-29 20:39:43.741: [07479661] <-- EHLO esa-1.idt-shipping.site
Sun 2021-08-29 20:39:43.741: [07479661] --> 250-mail.suthraresources.com 
Hello esa-1.idt-shipping.site [103.21.217.43], pleased to meet you

Sun 2021-08-29 20:39:43.741: [07479661] --> 250-ETRN
Sun 2021-08-29 20:39:43.741: [07479661] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Sun 2021-08-29 20:39:43.741: [07479661] --> 250-8BITMIME
Sun 2021-08-29 20:39:43.741: [07479661] --> 250-ENHANCEDSTATUSCODES
Sun 2021-08-29 20:39:43.741: [07479661] --> 250-STARTTLS
Sun 2021-08-29 20:39:43.741: [07479661] --> 250 SIZE
Sun 2021-08-29 20:39:43.748: [07479661] <-- STARTTLS
Sun 2021-08-29 20:39:43.748: [07479661] --> 220 2.7.0 Ready to start TLS
Sun 2021-08-29 20:39:43.773: [07479661] SSL negotiation successful (TLS 
1.2, 256 bit key exchange, 256 bit AES encryption)

Sun 2021-08-29 20:39:43.781: [07479661] <-- EHLO esa-1.idt-shipping.site
Sun 2021-08-29 20:39:43.781: [07479661] --> 250-mail.suthraresources.com 
Hello esa-1.idt-shipping.site [103.21.217.43], pleased to meet you

Sun 2021-08-29 20:39:43.781: [07479661] --> 250-ETRN
Sun 2021-08-29 20:39:43.781: [07479661] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Sun 2021-08-29 20:39:43.781: [07479661] --> 250-8BITMIME
Sun 2021-08-29 20:39:43.781: [07479661] --> 250-ENHANCEDSTATUSCODES
Sun 2021-08-29 20:39:43.781: [07479661] --> 250-REQUIRETLS
Sun 2021-08-29 20:39:43.781: [07479661] --> 250 SIZE
Sun 2021-08-29 20:39:43.789: [07479661] <-- MAIL 
FROM: SIZE=211824

Sun 2021-08-29 20:39:43.791: [07479661] --> 550 5.7.1 Sender unknown
Sun 2021-08-29 20:39:43.791: [07479661] Host screening refused 
connection to 122.200.144.137:25 from esa-1.idt-shipping.site 
[103.21.217.43:21930] (matched to line "all *.site refuse")
Sun 2021-08-29 20:39:43.793: [07479661] SMTP session terminated (Bytes 
in/out: 973/2269)



--
Regards,

 


Taufiko Wardian
IT/MIS Mgr.
PT. Bhumi Rantau Energi
PONDOK INDAH OFFICE TOWER 3, Lt. 7, Suite 701
Jl. Sultan Iskandar Muda Kav. V-TA
Pondok Pinang, Jakarta 12310
Phone : 021-7592 2993
Fax   : 021-7592 2992
Ext   : 173





[Mdaemon-L] Socket error 10054 - Connection was reset by the other side!

2021-08-29 Thread Syafril Hermansyah via Mdaemon-L

On 29/08/21 14.32, Dedet Saputra wrote:
The email sent from arm...@bukitmakmur.com did arrive, but the sender received 
the message "your message wasn't delivered because the recipients email provider 
rejected it"


this has also been experienced by several other sender domains,



Post here several complete DSN failure notification messages from senders 
who sent mail to @eurotruktransindo.com.
As text, not images, so that they are shown in full (including the file 
attachments) and are easier to analyze.




what is the cause, sir?



This generally happens when one of the name servers for the recipient domain 
(eurotruktransindo.com) is down or busy, so the sender host delivers to the wrong 
server (to the eurotruktransindo.com web server (HTTP server) instead of the MX server).



--
syafril

Syafril Hermansyah

MDaemon-L Moderator, run MDaemon 21.5.0 64bit Beta A
Please do not send private mail (or cc:) about MDaemon issues.

Learning is not attained by chance; it must be sought for with ardor 
and attended to with diligence

-- Abigail Adams, 1790







[Mdaemon-L] Socket error 10054 - Connection was reset by the other side!

2021-08-29 Thread Dedet Saputra

Dear Mr. Syafril,

The email sent from arm...@bukitmakmur.com did arrive, but the sender 
received the message "your message wasn't delivered because the recipients 
email provider rejected it"


this has also been experienced by several other sender domains,

what is the cause, sir?

Log:

Sun 2021-08-29 07:21:21.756: Session 28895116; child 0003

Sun 2021-08-29 07:21:21.756: Accepting SMTP connection from 
40.107.132.43:20064 to 202.150.137.87:25
Sun 2021-08-29 07:21:21.756: Location Screen says connection is from 
South Korea, Asia
Sun 2021-08-29 07:21:21.758: --> 220 mailhub.kobexindo.com ESMTP MDaemon 
20.0.2; Sun, 29 Aug 2021 07:21:21 +0700
Sun 2021-08-29 07:21:21.831: <-- EHLO 
APC01-PU1-obe.outbound.protection.outlook.com
Sun 2021-08-29 07:21:21.832: --> 250-mailhub.kobexindo.com Hello 
APC01-PU1-obe.outbound.protection.outlook.com [40.107.132.43], pleased 
to meet you

Sun 2021-08-29 07:21:21.832: --> 250-ETRN
Sun 2021-08-29 07:21:21.832: --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Sun 2021-08-29 07:21:21.832: --> 250-8BITMIME
Sun 2021-08-29 07:21:21.832: --> 250-ENHANCEDSTATUSCODES
Sun 2021-08-29 07:21:21.832: --> 250-STARTTLS
Sun 2021-08-29 07:21:21.832: --> 250 SIZE
Sun 2021-08-29 07:21:21.905: <-- STARTTLS
Sun 2021-08-29 07:21:21.905: --> 220 2.7.0 Ready to start TLS
Sun 2021-08-29 07:21:22.060: SSL negotiation successful (TLS 1.2, 256 
bit key exchange, 256 bit AES encryption)
Sun 2021-08-29 07:21:22.134: <-- EHLO 
APC01-PU1-obe.outbound.protection.outlook.com
Sun 2021-08-29 07:21:22.134: --> 250-mailhub.kobexindo.com Hello 
APC01-PU1-obe.outbound.protection.outlook.com [40.107.132.43], pleased 
to meet you

Sun 2021-08-29 07:21:22.134: --> 250-ETRN
Sun 2021-08-29 07:21:22.134: --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Sun 2021-08-29 07:21:22.134: --> 250-8BITMIME
Sun 2021-08-29 07:21:22.134: --> 250-ENHANCEDSTATUSCODES
Sun 2021-08-29 07:21:22.134: --> 250-REQUIRETLS
Sun 2021-08-29 07:21:22.134: --> 250 SIZE
Sun 2021-08-29 07:21:22.264: <-- MAIL FROM: 
SIZE=1247956
Sun 2021-08-29 07:21:22.276: Performing PTR lookup 
(43.132.107.40.IN-ADDR.ARPA)
Sun 2021-08-29 07:21:22.300: * D=43.132.107.40.IN-ADDR.ARPA TTL=(60) 
PTR=[mail-eopbgr1320043.outbound.protection.outlook.com]
Sun 2021-08-29 07:21:23.311: * 
D=mail-eopbgr1320043.outbound.protection.outlook.com TTL=(10) 
A=[40.107.132.43]

Sun 2021-08-29 07:21:23.311:  End PTR results
Sun 2021-08-29 07:21:23.313: Performing IP lookup 
(APC01-PU1-obe.outbound.protection.outlook.com)
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.44]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.41]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.42]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.48]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.46]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.45]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.43]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.47]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.49]
Sun 2021-08-29 07:21:23.939: * 
D=APC01-PU1-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.126.40]

Sun 2021-08-29 07:21:23.939:  End IP lookup results
Sun 2021-08-29 07:21:23.950: Performing IP lookup (bukitmakmur.com)
Sun 2021-08-29 07:21:23.955: * D=bukitmakmur.com TTL=(48) A=[103.115.32.5]
Sun 2021-08-29 07:21:23.961: * P=010 S=000 D=bukitmakmur.com TTL=(50) 
MX=[mx.bukitmakmur.com] {103.115.32.9}

Sun 2021-08-29 07:21:23.961:  End IP lookup results
Sun 2021-08-29 07:21:23.978: Performing SPF lookup 
(APC01-PU1-obe.outbound.protection.outlook.com / 40.107.132.43)
Sun 2021-08-29 07:21:24.780: * Policy: v=spf1 
include:spf.protection.outlook.com -all
Sun 2021-08-29 07:21:24.781: * Evaluating 
include:spf.protection.outlook.com: performing lookup
Sun 2021-08-29 07:21:24.959: * Policy: v=spf1 ip4:40.92.0.0/15 
ip4:40.107.0.0/16 ip4:52.100.0.0/14 ip4:104.47.0.0/17 
ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/48 
include:spfd.protection.outlook.com -all

Sun 2021-08-29 07:21:24.959: * Evaluating ip4:40.92.0.0/15: no match
Sun 2021-08-29 07:21:24.959: * Evaluating ip4:40.107.0.0/16: match
Sun 2021-08-29 07:21:24.959: * Evaluating 
include:spf.protection.outlook.com: match

Sun 2021-08-29 07:21:24.959: * Result: pass
Sun 2021-08-29 07:21:24.959:  End SPF results
Sun 2021-08-29 07:21:24.959: Performing SPF lookup (bukitmakmur.com / 
40.107.132.43)
Sun 2021-08-29 07:21:24.959: * Policy (cache): v=spf1 
ip4:103.115.32.0/24 include:spf.protection.outlook.com -all

Sun 2021-08-29 07:21:24.959: * Evaluating ip4:103.115.32.0/24: no match
Sun 2021-08-2