[Mdaemon-L] Block Host SPam

2022-09-25 Terurut Topik Syafril Hermansyah via Mdaemon-L 

On 9/26/22 13:33, Rievo N via Mdaemon-L wrote:

Mohon bisa di block host server di bawah ini




Mon 2022-09-26 06:13:51.854: [72238216] *  D=182.64.142.209.IN-ADDR.ARPA 
TTL=(9) PTR=[server.abntom.com]



Mon 2022-09-26 09:26:32.914: [72257951] *  D=127.8.128.78.IN-ADDR.ARPA TTL=(9) 
PTR=[server.fangtaihk.com]



Sudah diupdate ke

http://ftp.dutaint.com/altn-mdaemon/miscl/HostScreen.dat

--
syafril

Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 22.5.0 Beta B
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

We are products of our past, but we don't have to be prisoners of it.
--- Rick Warren


--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 22.0.3, SecurityGateway 8.5.3

[Mdaemon-L] Block Host SPam

2022-09-25 Terurut Topik Rievo N via Mdaemon-L 
Selamat Siang 

 

Dear Pak Syafril, 

Mohon bisa di block host server di bawah ini 

 

Terima Kasih

Rievo

 

Host server.abntom.com

 

Mon 2022-09-26 06:13:56.162: --

Mon 2022-09-26 06:13:50.127: [72238216] Session 72238216; child 0009

Mon 2022-09-26 06:13:50.127: [72238216] Accepting SMTP connection from
209.142.64.182:59916 to 172.16.0.6:25

Mon 2022-09-26 06:13:50.127: [72238216] Location Screen says connection is
from United States, North America

Mon 2022-09-26 06:13:50.128: [72238216] --> 220 bb.ptbmi.com ESMTP MDaemon
22.0.3; Mon, 26 Sep 2022 06:13:50 +0700

Mon 2022-09-26 06:13:50.409: [72238216] <-- EHLO server.abntom.com

Mon 2022-09-26 06:13:50.409: [72238216] --> 250-bb.ptbmi.com Hello
server.abntom.com [209.142.64.182], pleased to meet you

Mon 2022-09-26 06:13:50.409: [72238216] --> 250-ETRN

Mon 2022-09-26 06:13:50.409: [72238216] Location Screening hiding AUTH from
country United States, North America

Mon 2022-09-26 06:13:50.409: [72238216] --> 250-8BITMIME

Mon 2022-09-26 06:13:50.409: [72238216] --> 250-ENHANCEDSTATUSCODES

Mon 2022-09-26 06:13:50.409: [72238216] --> 250-PIPELINING

Mon 2022-09-26 06:13:50.409: [72238216] --> 250-CHUNKING

Mon 2022-09-26 06:13:50.409: [72238216] --> 250-STARTTLS

Mon 2022-09-26 06:13:50.409: [72238216] --> 250 SIZE 2560

Mon 2022-09-26 06:13:50.694: [72238216] <-- STARTTLS

Mon 2022-09-26 06:13:50.694: [72238216] --> 220 2.7.0 Ready to start TLS

Mon 2022-09-26 06:13:51.265: [72238216] SSL negotiation successful (TLS 1.2,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256)

Mon 2022-09-26 06:13:51.549: [72238216] <-- EHLO server.abntom.com

Mon 2022-09-26 06:13:51.549: [72238216] --> 250-bb.ptbmi.com Hello
server.abntom.com [209.142.64.182], pleased to meet you

Mon 2022-09-26 06:13:51.549: [72238216] --> 250-ETRN

Mon 2022-09-26 06:13:51.549: [72238216] Location Screening hiding AUTH from
country United States, North America

Mon 2022-09-26 06:13:51.549: [72238216] --> 250-8BITMIME

Mon 2022-09-26 06:13:51.549: [72238216] --> 250-ENHANCEDSTATUSCODES

Mon 2022-09-26 06:13:51.549: [72238216] --> 250-PIPELINING

Mon 2022-09-26 06:13:51.549: [72238216] --> 250-CHUNKING

Mon 2022-09-26 06:13:51.549: [72238216] --> 250-REQUIRETLS

Mon 2022-09-26 06:13:51.549: [72238216] --> 250 SIZE 2560

Mon 2022-09-26 06:13:51.832: [72238216] <-- MAIL FROM:
SIZE=7540

Mon 2022-09-26 06:13:51.835: [72238216] Performing PTR lookup
(182.64.142.209.IN-ADDR.ARPA)

Mon 2022-09-26 06:13:51.854: [72238216] *  D=182.64.142.209.IN-ADDR.ARPA
TTL=(9) PTR=[server.abntom.com]

Mon 2022-09-26 06:13:51.871: [72238216] *  D=server.abntom.com TTL=(240)
A=[209.142.64.182]

Mon 2022-09-26 06:13:51.871: [72238216]  End PTR results

Mon 2022-09-26 06:13:51.872: [72238216] Performing IP lookup
(server.abntom.com)

Mon 2022-09-26 06:13:51.899: [72238216] *  D=server.abntom.com TTL=(240)
A=[209.142.64.182]

Mon 2022-09-26 06:13:51.899: [72238216]  End IP lookup results

Mon 2022-09-26 06:13:51.902: [72238216] Performing IP lookup (abntom.com)

Mon 2022-09-26 06:13:51.921: [72238216] *  D=abntom.com TTL=(240)
A=[209.142.64.182]

Mon 2022-09-26 06:13:51.921: [72238216]  End IP lookup results

Mon 2022-09-26 06:13:51.921: [72238216] Performing SPF lookup
(server.abntom.com / 209.142.64.182)

Mon 2022-09-26 06:13:52.172: [72238216] *  Policy: v=spf1 +mx +a
+ip4:209.142.64.182 ~all

Mon 2022-09-26 06:13:52.737: [72238216] *  Evaluating +mx: no match - zero
'mx' type records

Mon 2022-09-26 06:13:52.757: [72238216] *  Evaluating +a: match

Mon 2022-09-26 06:13:52.757: [72238216] *  Result: pass

Mon 2022-09-26 06:13:52.757: [72238216]  End SPF results

Mon 2022-09-26 06:13:52.758: [72238216] Performing SPF lookup (abntom.com /
209.142.64.182)

Mon 2022-09-26 06:13:53.014: [72238216] *  Policy: v=spf1 +a +mx
+ip4:209.142.64.182 ~all

Mon 2022-09-26 06:13:53.033: [72238216] *  Evaluating +a: match

Mon 2022-09-26 06:13:53.033: [72238216] *  Result: pass

Mon 2022-09-26 06:13:53.033: [72238216]  End SPF results

Mon 2022-09-26 06:13:53.033: [72238216] --> 250 2.1.0 Sender OK

Mon 2022-09-26 06:13:53.034: [72238216] <-- RCPT
TO:

Mon 2022-09-26 06:13:53.073: [72238216] Performing DNS-BL lookup
(209.142.64.182 - connecting IP)

Mon 2022-09-26 06:13:53.339: [72238216] *  b.barracudacentral.org - passed

Mon 2022-09-26 06:13:53.357: [72238216] *  zen.spamhaus.org - passed

Mon 2022-09-26 06:13:53.357: [72238216]  End DNS-BL results

Mon 2022-09-26 06:13:53.359: [72238216] --> 250 2.1.5 Recipient OK

Mon 2022-09-26 06:13:53.361: [72238216] <-- DATA

Mon 2022-09-26 06:13:53.363: [72238216] --> 354 Enter mail, end with
.

Mon 2022-09-26 06:13:53.644: [72238216] Message size: 7725 bytes

Mon 2022-09-26 06:13:53.647: [72238216] Performing DKIM verification

Mon 2022-09-26 06:13:53.647: [72238216] *  File:
d:\mdaemon\queues\temp\19\md500100266.tmp

Mon 2022-09-26 06:13:53.647: [72238216] *  Message-ID:
<20220925231327.fd56928349ba7...@abntom.com>

Mon 2022-09-26 06:13:53.928

[mdaemon-l] Block Host Spam

2020-02-05 Terurut Topik Syafril Hermansyah 
On 05/02/20 15.53, Rievo Niemrod E (edp.r...@ptbmi.com) wrote:
> Mohon bisa di block host email Spam terlampir
> 
> Berikut Headernya


> Authentication-Results: bb.ptbmi.com;
> 
> spf=none smtp.mailfrom=ca...@biso.cz;
> 
> dkim=fail (DKIM_SELECTOR_DNS_PERM_FAILURE) header.d=biso.cz 
> header.b=v1qIM9SkNz;
> 
> iprev=pass policy.iprev=193.165.126.203 (PTR 
> bisost-mail.biso.cz);
> 
> iprev=pass policy.iprev=193.165.126.203 (HELO 
> bisost-mail.biso.cz);
> 
> iprev=fail policy.iprev=193.165.126.203 reason="does not 
> match" (MAIL ca...@biso.cz)
> 


Sender host sudah diblock di

ftp://ftp.dutaint.com/altn-mdaemon/miscl/HostScreen.dat


-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 19.5.4-64 bit
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

Banyak yang tidak menyadari bahwa untuk bisa menjadi pemimpin yang baik
sebenarnya harus pernah membuktikan dirinya pernah menjadi orang yang dipimpin.
--- Dahlan Iskan


-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 19.5.4, SecurityGateway 6.5.1

[mdaemon-l] Block Host Spam

2020-02-05 Terurut Topik Syafril Hermansyah 
On 05/02/20 15.53, Rievo Niemrod E (edp.r...@ptbmi.com) wrote:
> Mohon bisa di block host email Spam terlampir
> 
> Berikut Headernya





-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 19.5.4-64 bit
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

We are products of our past, but we don't have to be prisoners of it.
--- Rick Warren


-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 19.5.4, SecurityGateway 6.5.1

[mdaemon-l] Block Host Spam

2020-02-05 Terurut Topik Rievo Niemrod E 
Selamat Sore Pak 

 

Mohon bisa di block host email Spam terlampir

Berikut Headernya

 

X-MDAV-Result: clean

X-MDAV-Processed: bb.ptbmi.com, Wed, 05 Feb 2020 12:17:45 +0700

Return-path: 

Authentication-Results: bb.ptbmi.com;

spf=none smtp.mailfrom=ca...@biso.cz;

dkim=fail (DKIM_SELECTOR_DNS_PERM_FAILURE) header.d=biso.cz
header.b=v1qIM9SkNz;

iprev=pass policy.iprev=193.165.126.203 (PTR
bisost-mail.biso.cz);

iprev=pass policy.iprev=193.165.126.203 (HELO
bisost-mail.biso.cz);

iprev=fail policy.iprev=193.165.126.203 reason="does not
match" (MAIL ca...@biso.cz)

Received: from bisost-mail.biso.cz (bisost-mail.biso.cz [193.165.126.203])
by bb.ptbmi.com (MDaemon PRO v19.5.3) 

with ESMTPS id 13-md5085902.msg; Wed, 05 Feb 2020
12:17:44 +0700

X-Spam-Flag: YES

X-Spam-Level: *

X-Spam-Status: Yes, score=5.20 required=5.0

X-Spam-Report:

*  1.6 BAYES_50 BODY: Bayes spam probability is 40 to 60%

*  [score: 0.5001]

*  2.5 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish

*  0.0 HTML_MESSAGE BODY: HTML included in message

*  1.1 MAY_BE_FORGED Relay IP's reverse DNS does not resolve
to IP

X-Spam-Processed: bb.ptbmi.com, Wed, 05 Feb 2020 12:17:44 +0700

(processed during SMTP session)

X-MDOP-RefID:
str=0001.0A15020E.5E3A4A0A.008C,ss=4,sh,re=0.000,recu=0.000,reip=0.000,cl=4,
cld=1,fgs=8 (_st=4 _vt=0 _iwf=0)

X-MDRemoteIP: 193.165.126.203

X-MDHelo: bisost-mail.biso.cz

X-MDArrival-Date: Wed, 05 Feb 2020 12:17:44 +0700

X-Rcpt-To: i...@ptbmi.com

X-MDRcpt-To: i...@ptbmi.com

X-Return-Path: ca...@biso.cz

X-Envelope-From: ca...@biso.cz

X-MDaemon-Deliver-To: edp.r...@ptbmi.com

Received: from [104.168.125.136] (104-168-125-136-host.colocrossing.com
[104.168.125.136] (may be forged))

(authenticated bits=0)

by bisost-mail.biso.cz (8.15.2/8.15.2) with ESMTPSA id
0155CjVn005533

(version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256
verify=NOT)

for ; Wed, 5 Feb 2020 06:17:34 +0100

DKIM-Filter: OpenDKIM Filter v2.11.0 bisost-mail.biso.cz 0155CjVn005533

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=biso.cz; s=default;

t=1580879854;
bh=udkJ7VF3wXtK/q4FKuPKOGhXaZEDBQTKv+5sZwcoboU=;

h=Subject:To:From:Date:From;

 
b=v1qIM9SkNzAJgBhvdA0N6jumIsxgsGNmmwGW4XNrnCMiEJLJuv/q66PurL7dYJ6KU

 
557hB3bzs7lqdpRKrAVNanqRf8Wo2OlI4utzwgbjY0HwyCFsLQYvthvhoS9pUeCUit

oCZzPiNdGhqoRC3x6ozk4jPp9gfggqjrDakjqVh8=

Message-Id: <202002050517.0155cjvn005...@bisost-mail.biso.cz>

Content-Type: multipart/alternative; boundary="===0658904961=="

MIME-Version: 1.0

Subject:  VERY: URGENT: i...@ptbmi.com,

GREMA GROUP LLC would like to do business with you.

To: i...@ptbmi.com

From: "ca...@biso.cz (LinkedIn)" 

Date: Tue, 04 Feb 2020 21:17:32 -0800

X-Antivirus: AVG (VPS 200204-0, 02/04/2020), Inbound message

X-Antivirus-Status: Clean

X-Antivirus: avast! (VPS 200204-0, 2/4/2020), Inbound message

X-Antivirus-Status: Clean

 

 

Terima Kasih

Rievo

--- Begin Message ---






  

















Dear [[i...@ptbmi.com]],



I am Harzat Ursman from (GREMA GROUP LLC) from Parkistan, i will like to go
into a business relationship with your firm we are new in trading business
here in pakistan. 
We are ready to place a trial order this week if your prices are good
enough. And please can you make shipment to Punjab Parkistan?






 

 

  View
Profile »   











  Connect






You are receiving Invitation emails. Unsubscribe  . 


This email was intended for you Learn why we included this  .
© 2020, LinkedIn Corporation. 9029 Stierlin Ct. Mountain View, CA 90093, USA

--- End Message ---