[MDaemon-L] Getting bounced Mailer spam

2014-05-01 Thread Syafril Hermansyah
On May 2, 2014 12:44:57 PM GMT+10:00, Riswandi  wrote:

>I have checked in security settings; the Global Authentication
>Password text box is empty, there is nothing in it. Does that mean no
>password is set, or what?

Yes, and it is fine that way.

>In the earlier case, the user whose password I had already changed was
>still affected; in the end I changed the email address and only then
>was it safe.

There should be no need to change the email address; changing the password alone is enough.
Generally, account hijacking originates from webmail because the account owner does not
perform the logout/sign out procedure properly after finishing with webmail
(the right way is to choose the sign out button when done).

Another cause is that the password is too easy to guess; using a strong password
would be better (a combination of uppercase letters, lowercase letters and digits).



-- 
syafril
--
Syafril Hermansyah

Sent from my Android device with K-9 Mail. Please excuse any typo and my 
brevity.

-- 
--[MDaemon-L]
This mailing list is for discussion among MDaemon Mail Server users.

Netiquette: http://www.netmeister.org/news/learn2quote
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Unsubscribe: send mail to MDaemon-L-unsubscribe [at] dutaint.com
Subscribe: send mail to MDaemon-L-subscribe [at] dutaint.com
Latest versions: MD 13.6.2, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 2.1.2, PP 2.0.1



[MDaemon-L] Getting bounced Mailer spam

2014-05-01 Thread Riswandi
2014-05-02 5:48 GMT+07:00 Syafril Hermansyah :

> On April 29, 2014 4:50:05 PM GMT+10:00, Riswandi  wrote:
>
> ---
> Please do not post in top-posting style on this mailing list; it makes
> reading on mobile devices troublesome, having to scroll up/down to find
> out the context of the conversation.
> Always use bottom-posting style.
>
> http://en.wikipedia.org/wiki/Posting_style#Bottom-posting
>
> http://en.wikipedia.org/wiki/Posting_style#Trimming_and_reformatting
>
> >here is the suspicious smtp-in log
>
> >Tue 2014-04-29 07:46:51: [863885:6] Accepting SMTP connection from [
> >95.60.46.191:1507] to [202.152.27.180:25]
> >Tue 2014-04-29 07:46:51: [863885:6] --> 220 mail.elnusa.co.id ESMTP
> >MDaemon
> >13.0.5; Tue, 29 Apr 2014 07:46:51 +0700
>
> >Tue 2014-04-29 07:46:52: [863885:6] <-- AUTH PLAIN **
> >Tue 2014-04-29 07:46:52: [863885:6] --> 235 Authentication successful
> >Tue 2014-04-29 07:46:52: [863885:6] Authenticated as r...@elnusa.co.id
>
>
> Has the password of the account r...@elnusa.co.id already been changed,
> yet the incident recurs?
> Has the global authentication password been changed or disabled?
>
> http://mdaemon.dutaint.co.id/14.0/security--smtp_authentication.htm
>
> Mr. Syafril

I have checked in security settings; the Global Authentication
Password text box is empty, there is nothing in it. Does that mean no
password is set, or what?
In the earlier case, the user whose password I had already changed was
still affected; in the end I changed the email address and only then was it safe.

Thank you


[MDaemon-L] Getting bounced Mailer spam

2014-05-01 Thread Syafril Hermansyah
On April 29, 2014 4:50:05 PM GMT+10:00, Riswandi  wrote:

---
Please do not post in top-posting style on this mailing list; it makes reading
on mobile devices troublesome, having to scroll up/down to find out the context
of the conversation.
Always use bottom-posting style.

http://en.wikipedia.org/wiki/Posting_style#Bottom-posting

http://en.wikipedia.org/wiki/Posting_style#Trimming_and_reformatting

>here is the suspicious smtp-in log

>Tue 2014-04-29 07:46:51: [863885:6] Accepting SMTP connection from [
>95.60.46.191:1507] to [202.152.27.180:25]
>Tue 2014-04-29 07:46:51: [863885:6] --> 220 mail.elnusa.co.id ESMTP
>MDaemon
>13.0.5; Tue, 29 Apr 2014 07:46:51 +0700

>Tue 2014-04-29 07:46:52: [863885:6] <-- AUTH PLAIN **
>Tue 2014-04-29 07:46:52: [863885:6] --> 235 Authentication successful
>Tue 2014-04-29 07:46:52: [863885:6] Authenticated as r...@elnusa.co.id


Has the password of the account r...@elnusa.co.id already been changed, yet the incident recurs?
Has the global authentication password been changed or disabled?

http://mdaemon.dutaint.co.id/14.0/security--smtp_authentication.htm



-- 
syafril
--
Syafril Hermansyah

Sent from my Android device with K-9 Mail. Please excuse any typo and my 
brevity.
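
The smtp-in check discussed in this thread (which client IP authenticated as which account) can be scripted. The following is an added example, not part of the original messages: the entry shapes are taken from the excerpt quoted above, while the sample addresses, the trusted range and the function names are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Entry shapes follow the smtp-in excerpt quoted in the thread, one entry per
# line (unwrapped). All addresses and accounts here are constructed samples.
SAMPLE_LOG = """\
Tue 2014-04-29 07:46:51: [1001:6] Accepting SMTP connection from [198.51.100.7:1507] to [192.0.2.10:25]
Tue 2014-04-29 07:46:52: [1001:6] <-- AUTH PLAIN **
Tue 2014-04-29 07:46:52: [1001:6] --> 235 Authentication successful
Tue 2014-04-29 07:46:52: [1001:6] Authenticated as alice@example.com
Tue 2014-04-29 07:50:10: [1002:3] Accepting SMTP connection from [203.0.113.44:2210] to [192.0.2.10:25]
Tue 2014-04-29 07:50:11: [1002:3] Authenticated as alice@example.com
Tue 2014-04-29 08:02:30: [1003:4] Accepting SMTP connection from [10.1.1.25:51000] to [192.0.2.10:25]
Tue 2014-04-29 08:02:31: [1003:4] Authenticated as bob@example.com
Tue 2014-04-29 08:05:00: [1004:2] Accepting SMTP connection from [198.51.100.99:4000] to [192.0.2.10:25]
"""

ENTRY = re.compile(r"^\s*\w{3} (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}): \[(\d+):\d+\] (.*)$")
CONNECT = re.compile(r"Accepting SMTP connection from \[\s*([\d.]+):\d+\]")
AUTHED = re.compile(r"Authenticated as (\S+)")

def authenticated_sessions(log_text):
    """Return (timestamp, session_id, client_ip, account) per authenticated session."""
    client_ip = {}  # session id -> client IP seen on the "Accepting" entry
    hits = []
    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # wrapped or unrelated line
        ts, session, msg = m.groups()
        connect = CONNECT.search(msg)
        authed = AUTHED.search(msg)
        if connect:
            client_ip[session] = connect.group(1)
        elif authed:
            ip = client_ip.get(session, "unknown")
            hits.append((ts, session, ip, authed.group(1).lower()))
    return hits

def external_logins(log_text, trusted=("10.0.0.0/8",)):
    """Map each account to the sorted client IPs outside the trusted networks."""
    nets = [ipaddress.ip_network(n) for n in trusted]
    by_account = defaultdict(set)
    for _ts, _session, ip, account in authenticated_sessions(log_text):
        if ip == "unknown" or not any(ipaddress.ip_address(ip) in n for n in nets):
            by_account[account].add(ip)
    return {account: sorted(ips) for account, ips in by_account.items()}
```

An account that keeps appearing from unrelated external addresses after a password change is the pattern the thread is chasing; the timestamps from `authenticated_sessions` show whether those logins come before or after the change.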




[MDaemon-L] Getting bounced Mailer spam

2014-04-28 Thread Syafril Hermansyah
On April 29, 2014 9:48:40 AM GMT+07:00, Riswandi  wrote:

>For the past few days it seems there is spam using the mail server at
>my site to try to spam other mail servers. I have tried changing that
>user's password because I assumed the password had been guessed by the
>spammer, but the user still keeps receiving mailer daemon messages.

>here is the mailer daemon message:


> Tue 2014-04-29 07:56:02: [864470:18] --> MAIL From:
>SIZE=2524
> Tue 2014-04-29 07:56:06: [864470:18] <-- 250 2.1.0 
>sender ok
> Tue 2014-04-29 07:56:06: [864470:18] --> RCPT To:<
>pabash...@planning-endeco.com>

Can you find the source of this mail in the smtp-in log?


-- 
syafril
--
Syafril Hermansyah

Sent from my Android device with K-9 Mail. Please excuse any typo and my 
brevity.




[MDaemon-L] Getting bounced Mailer spam

2014-04-28 Thread Riswandi
Mr. Syafril

For the past few days it seems there is spam using the mail server at
my site to try to spam other mail servers. I have tried changing that
user's password because I assumed the password had been guessed by the
spammer, but the user still keeps receiving mailer daemon messages.
What might be the cause, and how do I deal with it?

Here is the mailer daemon message:

From: *MDaemon at mail.elnusa.co.id * <
mdae...@mail.elnusa.co.id>
Date: Tue, Apr 29, 2014 at 7:56 AM
Subject: Permanent Delivery Failure
To: r...@elnusa.co.id


--
MDaemon Delivery Status Notification - http://www.altn.com/dsn/
--

The attached message had PERMANENT fatal delivery errors.

After one or more unsuccessful delivery attempts the attached message has
been removed from the MDaemon mail queue on this server.  The number and
frequency of delivery attempts are determined by local configuration.

--
YOUR MESSAGE WAS NOT DELIVERED TO ONE OR MORE RECIPIENTS
--

Failed address: pabash...@planning-endeco.com

--- Session Transcript ---
 Tue 2014-04-29 07:54:54: [864470:18] Session 864470; child 18
 Tue 2014-04-29 07:54:54: [864470:18] Parsing message

 Tue 2014-04-29 07:54:54: [864470:18] *  From: nakil...@hotmail.com
 Tue 2014-04-29 07:54:54: [864470:18] *  To: pabash...@planning-endeco.com
 Tue 2014-04-29 07:54:54: [864470:18] *  Subject:
 Tue 2014-04-29 07:54:54: [864470:18] *  Size (bytes): 2524
 Tue 2014-04-29 07:54:54: [864470:18] *  Message-ID:
<020c47e8c406$624aebab$891727aa$@hotmail.com>
 Tue 2014-04-29 07:54:54: [864470:18] Attempting SMTP connection to [
planning-endeco.com]
 Tue 2014-04-29 07:54:54: [864470:18] Resolving MX records for [
planning-endeco.com] (DNS Server: 202.152.0.2)...
 Tue 2014-04-29 07:55:53: [864470:18] *  DNS: 60 second wait for DNS
response exceeded (DNS Server: 202.152.0.2)
 Tue 2014-04-29 07:55:53: [864470:18] Resolving MX records for [
planning-endeco.com] (DNS Server: 202.152.5.36)...
 Tue 2014-04-29 07:55:56: [864470:18] *  P=000 S=001
D=planning-endeco.comTTL=(59) MX=[
smtp.secureserver.net]
 Tue 2014-04-29 07:55:56: [864470:18] *  P=010 S=000
D=planning-endeco.comTTL=(59) MX=[
mailstore1.secureserver.net]
 Tue 2014-04-29 07:55:56: [864470:18] Attempting SMTP connection to [
smtp.secureserver.net:25]
 Tue 2014-04-29 07:55:56: [864470:18] Resolving A record for [
smtp.secureserver.net] (DNS Server: 202.152.5.36)...
 Tue 2014-04-29 07:55:56: [864470:18] *  D=smtp.secureserver.net TTL=(4)
A=[68.178.213.37]
 Tue 2014-04-29 07:55:56: [864470:18] Attempting SMTP connection to [
68.178.213.37:25]
 Tue 2014-04-29 07:55:56: [864470:18] Waiting for socket connection...
 Tue 2014-04-29 07:55:56: [864470:18] *  Connection established (
202.152.27.180:3583 -> 68.178.213.37:25)
 Tue 2014-04-29 07:55:56: [864470:18] Waiting for protocol to start...
 Tue 2014-04-29 07:56:02: [864470:18] <-- 220
p3plibsmtp02-09.prod.phx3.secureserver.net bizsmtp ESMTP server ready
 Tue 2014-04-29 07:56:02: [864470:18] --> EHLO mail.elnusa.co.id
 Tue 2014-04-29 07:56:02: [864470:18] <--
250-p3plibsmtp02-09.prod.phx3.secureserver.net hello [202.152.27.180],
pleased to meet you
 Tue 2014-04-29 07:56:02: [864470:18] <-- 250-HELP
 Tue 2014-04-29 07:56:02: [864470:18] <-- 250-SIZE 104857600
 Tue 2014-04-29 07:56:02: [864470:18] <-- 250-ENHANCEDSTATUSCODES
 Tue 2014-04-29 07:56:02: [864470:18] <-- 250-8BITMIME
 Tue 2014-04-29 07:56:02: [864470:18] <-- 250 OK
 Tue 2014-04-29 07:56:02: [864470:18] --> MAIL From:
SIZE=2524
 Tue 2014-04-29 07:56:06: [864470:18] <-- 250 2.1.0 
sender ok
 Tue 2014-04-29 07:56:06: [864470:18] --> RCPT To:<
pabash...@planning-endeco.com>
 Tue 2014-04-29 07:56:07: [864470:18] <-- 250 2.1.5 <
pabash...@planning-endeco.com> recipient ok
 Tue 2014-04-29 07:56:07: [864470:18] --> DATA
 Tue 2014-04-29 07:56:07: [864470:18] <-- 354 enter mail, end with "." on a
line by itself
 Tue 2014-04-29 07:56:07: [864470:18] Sending
 to [68.178.213.37]
 Tue 2014-04-29 07:56:07: [864470:18] Transfer Complete
 Tue 2014-04-29 07:56:07: [864470:18] <-- 552 5.2.0 vcvp1n00n3t9PB601 -
vcvp1n00n3t9PB601cvvvu  IB212 msg rejected as spam
 Tue 2014-04-29 07:56:07: [864470:18] --> QUIT
--- End Transcript ---

Thank you
