subject:"\[mdaemon\-l\] Mohon bantuan analisa"

[mdaemon-l] Mohon bantuan analisa

2019-06-27 Terurut Topik Syafril Hermansyah

On 28/06/19 08.42, Seno H (s...@clipan.co.id) wrote:
> Jangan di non aktifkan SPF verificationnya, karena DMARC perlu itu.
> 
> http://mdaemon.dutaint.co.id/mdaemon/19.0/index.html?security--spf__sender_id.htm
> 
> [x] Enable SPF verification
> 
> Pagi pak,
> Sudah bisa terima email, dengan menambahkan rekanan ke approved list.


Sebaiknya tetap diaktifkan SPF verification, karena domain-2x yang
hosting di office365 dan yahoo.com family (termasuk aol.com) pasti
mengaktifkan DMARC.

Untuk menjaga agar mail yang masuk lewat MX backup tidak di tolak oleh
server  mail.clipan.co.id bisa masukkan IP mx backup (103.58.102.34)
kedalam SPF whitelist.
Kalau sudah pakai MD 18.0 keatas bisa dimasukkan kedalam whitelist sbb:

wlinclude:clipan.co.id









-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 19.0.3-64 bit Beta A
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

The life so short, the craft so long to learn.
--- Hippocrates













-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 19.0.1, SG 6.0.2

[mdaemon-l] Mohon bantuan analisa

2019-06-27 Terurut Topik Seno H



>Wed 2019-06-26 09:32:15.055: 19: [643896] * SPF: verification
>disabled by administrator

Jangan di non aktifkan SPF verificationnya, karena DMARC perlu itu.

http://mdaemon.dutaint.co.id/mdaemon/19.0/index.html?security--spf__sender_id.htm

[x] Enable SPF verification

Pagi pak,
Sudah bisa terima email, dengan menambahkan rekanan ke approved list.
Terima kasih





--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 19.0.1, SG 6.0.2

[mdaemon-l] Mohon bantuan analisa

2019-06-26 Terurut Topik Syafril Hermansyah

On June 27, 2019 8:52:17 AM GMT+07:00, "Seno H (s...@clipan.co.id)" 
 wrote:
>> Kemungkinan mail masuk lewat MX backup.
>> Untuk memastikan, periksa transaksinya dari smtp-in log.
>[Seno H]  Pagi pak, berikut sebagian dari smtp-in log:

>Wed 2019-06-26 09:32:15.055: 19: [643896] *SPF: verification
>disabled by administrator

Jangan di non aktifkan SPF verificationnya, karena DMARC perlu itu.

http://mdaemon.dutaint.co.id/mdaemon/19.0/index.html?security--spf__sender_id.htm

[x] Enable SPF verification



-- 
syafril
--
Syafril Hermansyah

Sent from my Android device with K-9 Mail. Please excuse any typo and my brevity
--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 19.0.1, SG 6.0.2

[mdaemon-l] Mohon bantuan analisa

2019-06-26 Terurut Topik Seno H

> Kemungkinan mail masuk lewat MX backup.
> Untuk memastikan, periksa transaksinya dari smtp-in log.
[Seno H]  Pagi pak, berikut sebagian dari smtp-in log:
ession 643896; child 0004
Wed 2019-06-26 09:32:12.614: 05: [643896] Accepting SMTP connection from 
40.107.130.130:23520 to 10.0.0.109:25
Wed 2019-06-26 09:32:12.617: 03: [643896] --> 220 mail.clipan.co.id ESMTP 
MDaemon 17.0.2; Wed, 26 Jun 2019 09:32:12 +0700
Wed 2019-06-26 09:32:12.664: 02: [643896] <-- EHLO 
APC01-HK2-obe.outbound.protection.outlook.com
Wed 2019-06-26 09:32:12.664: 03: [643896] --> 250-mail.clipan.co.id Hello 
APC01-HK2-obe.outbound.protection.outlook.com [40.107.130.130], pleased to meet 
you
Wed 2019-06-26 09:32:12.664: 03: [643896] --> 250-ETRN
Wed 2019-06-26 09:32:12.664: 03: [643896] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Wed 2019-06-26 09:32:12.664: 03: [643896] --> 250-8BITMIME
Wed 2019-06-26 09:32:12.664: 03: [643896] --> 250-ENHANCEDSTATUSCODES
Wed 2019-06-26 09:32:12.664: 03: [643896] --> 250-STARTTLS
Wed 2019-06-26 09:32:12.664: 03: [643896] --> 250 SIZE 3072
Wed 2019-06-26 09:32:12.711: 02: [643896] <-- STARTTLS
Wed 2019-06-26 09:32:12.711: 03: [643896] --> 220 2.7.0 Ready to start TLS
Wed 2019-06-26 09:32:12.814: 01: [643896] SSL negotiation successful (TLS 1.2, 
2048 bit key exchange, 128 bit  encryption)
Wed 2019-06-26 09:32:12.885: 02: [643896] <-- EHLO 
APC01-HK2-obe.outbound.protection.outlook.com
Wed 2019-06-26 09:32:12.886: 03: [643896] --> 250-mail.clipan.co.id Hello 
APC01-HK2-obe.outbound.protection.outlook.com [40.107.130.130], pleased to meet 
you
Wed 2019-06-26 09:32:12.886: 03: [643896] --> 250-ETRN
Wed 2019-06-26 09:32:12.886: 03: [643896] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Wed 2019-06-26 09:32:12.886: 03: [643896] --> 250-8BITMIME
Wed 2019-06-26 09:32:12.886: 03: [643896] --> 250-ENHANCEDSTATUSCODES
Wed 2019-06-26 09:32:12.886: 03: [643896] --> 250 SIZE 3072
Wed 2019-06-26 09:32:12.969: 02: [643896] <-- MAIL 
FROM: SIZE=45623
Wed 2019-06-26 09:32:12.972: 05: [643896] Performing PTR lookup 
(130.130.107.40.IN-ADDR.ARPA)
Wed 2019-06-26 09:32:12.988: 05: [643896] *  D=130.130.107.40.IN-ADDR.ARPA 
TTL=(60) PTR=[mail-eopbgr1300130.outbound.protection.outlook.com]
Wed 2019-06-26 09:32:13.039: 05: [643896] *  
D=mail-eopbgr1300130.outbound.protection.outlook.com TTL=(10) A=[40.107.130.130]
Wed 2019-06-26 09:32:13.039: 05: [643896]  End PTR results
Wed 2019-06-26 09:32:13.042: 05: [643896] Performing IP lookup 
(APC01-HK2-obe.outbound.protection.outlook.com)
Wed 2019-06-26 09:32:13.095: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.49]
Wed 2019-06-26 09:32:13.095: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[65.55.88.207]
Wed 2019-06-26 09:32:13.095: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.40]
Wed 2019-06-26 09:32:13.095: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.41]
Wed 2019-06-26 09:32:13.095: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.42]
Wed 2019-06-26 09:32:13.095: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.43]
Wed 2019-06-26 09:32:13.096: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.44]
Wed 2019-06-26 09:32:13.096: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.45]
Wed 2019-06-26 09:32:13.096: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.46]
Wed 2019-06-26 09:32:13.096: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.47]
Wed 2019-06-26 09:32:13.096: 05: [643896] *  
D=APC01-HK2-obe.outbound.protection.outlook.com TTL=(10) A=[104.47.124.48]
Wed 2019-06-26 09:32:13.096: 05: [643896]  End IP lookup results
Wed 2019-06-26 09:32:13.101: 05: [643896] Performing IP lookup (mpm-finance.com)
Wed 2019-06-26 09:32:13.125: 05: [643896] *  P=000 S=000 D=mpm-finance.com 
TTL=(29) MX=[mpmfinance-com0i.mail.protection.outlook.com]
Wed 2019-06-26 09:32:13.310: 05: [643896] *  
D=mpmfinance-com0i.mail.protection.outlook.com TTL=(0) A=[104.47.124.36]
Wed 2019-06-26 09:32:13.310: 05: [643896] *  
D=mpmfinance-com0i.mail.protection.outlook.com TTL=(0) A=[104.47.126.36]
Wed 2019-06-26 09:32:13.310: 05: [643896]  End IP lookup results
Wed 2019-06-26 09:32:13.317: 03: [643896] --> 250 2.1.0 Sender OK
Wed 2019-06-26 09:32:13.398: 02: [643896] <-- RCPT TO:
Wed 2019-06-26 09:32:13.426: 05: [643896] Performing DNS-BL lookup 
(40.107.130.130 - connecting IP)
Wed 2019-06-26 09:32:13.615: 05: [643896] *  zen.spamhaus.org - passed
Wed 2019-06-26 09:32:13.615: 05: [643896]  End DNS-BL results
Wed 2019-06-26 09:32:13.706: 03: [643896] --> 250 2.1.5 Recipient OK
Wed 2019-06-26 09:32:13.788: 02: [643896] <-- DATA
Wed 2019-06-26 09:32:13.792: 01: [643896] Creating temp file (SMTP): 
c:\mdaemon\queues\temp\md5

[mdaemon-l] Mohon bantuan analisa

2019-06-26 Terurut Topik Syafril Hermansyah

On 26/06/19 13.15, Seno H (s...@clipan.co.id) wrote:
> Kami tiap kali dikirim email oleh rekanan kami selalu ditolak, dengan
> error spt dibawah ini:
> 
> *mail.clipan.co.id  rejected your message to
> the following email addresses:*
> 
> s...@clipan.co.id (s...@clipan.co.id) 
> 
> Your message wasn't delivered because the recipient's email provider
> rejected it.
> 
> *mail.clipan.co.id  gave this error:
> 40.107.131.113 does not have valid PTR record *


Periksa/cari transaksinya di smtp-in log.

>  Dan kadang error karena Dmarc nya. Ini kenapa ya pak?


Kemungkinan mail masuk lewat MX backup.
Untuk memastikan, periksa transaksinya dari smtp-in log.



-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 19.0.2-64 bit
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

It is not that I'm so smart. But I stay with the questions much longer.
--- Albert Einstein


-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 19.0.1, SG 6.0.2

[mdaemon-l] Mohon bantuan analisa

2019-06-25 Terurut Topik Seno H

Siang pak Syafril,

Kami tiap kali dikirim email oleh rekanan kami selalu ditolak, dengan error
spt dibawah ini:

  mail.clipan.co.id rejected your message to the
following email addresses:

  s...@clipan.co.id (s...@clipan.co.id)

Your message wasn't delivered because the recipient's email provider
rejected it.



  mail.clipan.co.id gave this error:
40.107.131.113 does not have valid PTR record 










Diagnostic information for administrators:

Generating server:  
SG2PR06MB2475.apcprd06.prod.outlook.com

  s...@clipan.co.id
  mail.clipan.co.id
Remote Server returned '501 5.7.0 40.107.131.113 does not have valid PTR
record'

Original message headers:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=  mpmfinance.onmicrosoft.com;
s=selector1-mpmfinance-onmicrosoft-com;
 
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-Sende
rADCheck;
 bh=96SwVsc0F3HNoaZ3xyruS8OWPlOPQSM1aPQVVGHn938=;
 
b=WTSVATrW27kvx76IKBZp5Uq1lx/TcCn9z894XGZu1FmfJ1K50k//iZtSl6zsFNvMSJNkRBCAtz
aaHF5+ufaEw1o3k2l4wPmQvkJJQXRbj0LH3cTO2yzHUAj6Nr3NLh622fLs13r9oKjlSED21e1qFM
3wMmWd8Q3zl4Uu9PwYjqo=
Received: from  
SG2PR06MB2844.apcprd06.prod.outlook.com (20.177.18.137) by
  
SG2PR06MB2475.apcprd06.prod.outlook.com (20.177.88.142) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2008.13; Wed, 26 Jun 2019 03:53:48 +
Received: from  
SG2PR06MB2844.apcprd06.prod.outlook.com
 ([fe80::f947:7d4d:8b7:c043]) by

SG2PR06MB2844.apcprd06.prod.outlook.com
 ([fe80::f947:7d4d:8b7:c043%3]) with mapi id 15.20.2008.014; Wed, 26 Jun
2019
 03:53:48 +
From: Gunawan Sukirno < 
gunawan.suki...@mpm-finance.com>
To: "  s...@clipan.co.id" <
 s...@clipan.co.id>
Subject: Test email
Thread-Topic: Test email
Thread-Index: AdUr0vqJzZYcrMATS2uh6F8557DQKw==
Date: Wed, 26 Jun 2019 03:53:48 +
Message-ID: <

sg2pr06mb28444a00491ef7abc6626a52bc...@sg2pr06mb2844.apcprd06.prod.outlook.c
om>
Accept-Language: en-ID, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is )
 smtp.mailfrom= 
gunawan.suki...@mpm-finance.com; 
x-originating-ip: [202.152.2.82]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id:
0dc48a48-276b-4f4e-4099-08d6f9e9e555
x-microsoft-antispam:
BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(20
1703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(
2017052603328)(7193020);SRVR:SG2PR06MB2475;
x-ms-traffictypediagnostic: SG2PR06MB2475:
x-microsoft-antispam-prvs: <

sg2pr06mb24758950ae3386b798cf3862bc...@sg2pr06mb2475.apcprd06.prod.outlook.c
om>
x-ms-oob-tlc-oobclassifiers: OLM:1728;
x-forefront-prvs: 00808B16F3
x-forefront-antispam-report:
SFV:NSPM;SFS:(10019020)(136003)(396003)(3984044)(366004)(376002)(346002)
(189003)(199004)(7119041)(47861)(66066001)(33656002)(6916009)(256004
)(99286004)(26005)(7696005)(86362001)(6506007)(7736002)(7120041)(9686003
)(68736007)(54896002)(6116002)(72206003)(486006)(566032)(73956011)(81166
006)(173073)(79071)(81156014)(8676002)(6306002)(3846002)(66946007)(1
02836004)(76116006)(186003)(7116003)(64756008)(66556008)(66476007)(66446008)
(2906002)(8936002)(476003)(14454004)(348075)(564073)(74316002)(55016
002)(52536014)(558084003)(221733001)(427066)(2351001)(6436002)(316002)(2
5786009)(2501003)(53936002)(91312001);DIR:OUT;SFP:1102;SCL:1;SRVR:SG2PR06MB2
475;H: 
SG2PR06MB2844.apcprd06.prod.outlook.com;FPR:;SPF:None;LANG:id;PTR:InfoNoReco
rds;MX:1;A:0;
received-spf: None ( 
protection.outlook.com:   mpm-finance.com does not
designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info:
Jxxk0pdmTGUFsq36217dC/9of4NeAJU6EtHhJ9oksSP4XloGzpTOXh/15DE+8bOY5m66sRhZ3IxZ
6K2NsScrfpHbri1UFg+0viaHGxgoxPSU6n+g7dgM4cgm3X7BOwrFCb0giPSVpOaVgkF5srDOIoA3
9R/2Uoz8+aE6pbbNBPx4Vkee8sb7DMwMtiC8UZnj2PLobA/0UeQixb1jna40wmTzatUGmduqyJqT
xMp/26iO+tymmzH+EpkMpjTVDJs+SXSNYWru1iFd3WScMCVLS06XHLZfXZK+P1giSYFFFd/P6fb9
NQJY8Ra+zYEuSKCdmFO7atnrGYRq3+sD6GTGdPnk1umUdoDJdZ6718deY5ufV5171KcK7rRQ0FSZ
0+ShrNmswYsN1pL8/ZbasZceThxRLteKc+tyELLvzBX5U30=
Content-Type: multipa

[MDaemon-L] mohon bantuan analisa header dibawah

2013-06-20 Terurut Topik Syafril Hermansyah

On 20/06/2013 11:35, Henry Kuswanto wrote:
>> Itu problem di server penerima (kelihatannya itu front end server,
>> berupa antivirus atau antispam server).
> 
> Berarti rejection terjadi di server "sparks.dentsu.co.id", di MD saya
> hanya running MDSP. Server di belakang firewall (allow port MD) tapi
> rejection berada di MD berarti sudah lolos firewall mestinya.  Apakah
> karena Default Domain Server - Delivery -
> [  ] Abort delivery if SMTP RCPT command receive 5xx error
> [v] Bounce message if recieving domain has no MX records
> [v] Bounce message on first 5xx error from any of receiving domain MX hosts

Tidak.
Rejection itu di tahap setelah transfer DATA, umumnya yang melakukan ini
adalah antivirus atau antispam service di server receiver.

> Laporan smtp-in log di reject oleh OP, kira-kira kenapa ya pak ?

Yang mereject itu Outbreak Protection.
Rejection dilakukan karena mail dikirim melalui sender host yang punya
reputasi buruk.

http://www.commtouch.com/check-ip-reputation/

IP Query Result:
IP Address: 112.78.149.50
Risk Level: High Risk
 Description:   This IP address is used for sending Spam on a regular basis

kalau memang sender adalah rekan korespondensi user Anda, masukkan
sender domain *@mic.co.id kedalam spam filter whitelist

http://mdaemon.dutaint.co.id/13.5/index.html?sf_white_list_from.htm

-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 13.5 SecurityPlus 4.1.5
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.


-- 
--[MDaemon-L]
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 13.5.0, SP 4.1.5, BES 2.0.2, OC 2.3.1, SG 2.1.2, PP 2.0.1

[MDaemon-L] mohon bantuan analisa header dibawah

2013-06-19 Terurut Topik Henry Kuswanto

- Original Message - 
From: "Syafril Hermansyah" 

Itu problem di server penerima (kelihatannya itu front end server,
berupa antivirus atau antispam server).


Berarti rejection terjadi di server "sparks.dentsu.co.id", di MD saya hanya 
running MDSP. Server di belakang firewall (allow port MD) tapi rejection 
berada di MD berarti sudah lolos firewall mestinya.  Apakah karena Default 
Domain Server - Delivery -

[  ] Abort delivery if SMTP RCPT command receive 5xx error
[v] Bounce message if recieving domain has no MX records
[v] Bounce message on first 5xx error from any of receiving domain MX hosts


Problem persisnya tidak tahu karena tidak ada penjelasan persisnya, bisa
karena attachment file dianggap bervirus, spamscore tinggi atau problem
internal (misalkan disk space habis atau resource CPU tidak mencukupi
untuk memproses lebih lanjut).


Laporan smtp-in log di reject oleh OP, kira-kira kenapa ya pak ? Subject 
juga tidak mencurigakan.

Thanks pak

Tue 2013-06-04 18:02:03: --
Tue 2013-06-04 18:02:06: [665980:1] Session 665980; child 1
Tue 2013-06-04 18:02:06: [665980:1] Accepting SMTP connection from 
[112.78.149.50:42500] to [192.168.208.15:25]
Tue 2013-06-04 18:02:06: [665980:1] --> 220-mail.dentsu.co.id ESMTP MDaemon 
13.0.5; Tue, 04 Jun 2013 18:02:06 +0700
Tue 2013-06-04 18:02:06: [665980:1] --> 
220-=
Tue 2013-06-04 18:02:06: [665980:1] --> 220-  PLEASE BE GOOD WILL YOU, NO 
SPAM, NO RELAY, THANKS
Tue 2013-06-04 18:02:06: [665980:1] --> 220 
=

Tue 2013-06-04 18:02:06: [665980:1] <-- EHLO mail.mic.co.id
Tue 2013-06-04 18:02:06: [665980:1] --> 250-mail.dentsu.co.id Hello 
mail.mic.co.id, pleased to meet you

Tue 2013-06-04 18:02:06: [665980:1] --> 250-ETRN
Tue 2013-06-04 18:02:06: [665980:1] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Tue 2013-06-04 18:02:06: [665980:1] --> 250-8BITMIME
Tue 2013-06-04 18:02:06: [665980:1] --> 250 SIZE 1500
Tue 2013-06-04 18:02:06: [665980:1] <-- MAIL FROM:  
SIZE=227442
Tue 2013-06-04 18:02:06: [665980:1] Performing PTR lookup 
(50.149.78.112.IN-ADDR.ARPA)
Tue 2013-06-04 18:02:06: [665980:1] *  Error: *  Name server reports domain 
name unknown

Tue 2013-06-04 18:02:06: [665980:1] *  No PTR records found
Tue 2013-06-04 18:02:06: [665980:1]  End PTR results
Tue 2013-06-04 18:02:06: [665980:1] Performing IP lookup (mail.mic.co.id)
Tue 2013-06-04 18:02:06: [665980:1] *  D=mail.mic.co.id TTL=(1066) 
A=[112.78.149.52]

Tue 2013-06-04 18:02:06: [665980:1]  End IP lookup results
Tue 2013-06-04 18:02:06: [665980:1] Performing IP lookup (mic.co.id)
Tue 2013-06-04 18:02:06: [665980:1] *  P=010 S=001 D=mic.co.id TTL=(1066) 
MX=[mail.mic.co.id] {112.78.149.52}
Tue 2013-06-04 18:02:06: [665980:1] *  P=020 S=000 D=mic.co.id TTL=(1066) 
MX=[mx-corp3.cbn.net.id] {202.158.81.51}

Tue 2013-06-04 18:02:06: [665980:1]  End IP lookup results
Tue 2013-06-04 18:02:06: [665980:1] --> 250 , Sender ok
Tue 2013-06-04 18:02:06: [665980:1] <-- RCPT TO: 

Tue 2013-06-04 18:02:06: [665980:1] Performing DNS-BL lookup 
(112.78.149.50 - connecting IP)

Tue 2013-06-04 18:02:07: [665980:1] *  zen.spamhaus.org - passed
Tue 2013-06-04 18:02:07: [665980:1]  End DNS-BL results
Tue 2013-06-04 18:02:07: [665980:1] --> 250 , 
Recipient ok

Tue 2013-06-04 18:02:07: [665980:1] <-- DATA
Tue 2013-06-04 18:02:07: [665980:1] Creating temp file (SMTP): 
d:\mdaemon\queues\temp\35\md5003436.tmp
Tue 2013-06-04 18:02:07: [665980:1] --> 354 Enter mail, end with 
.

Tue 2013-06-04 18:02:08: [665980:1] Message size: 227516 bytes
Tue 2013-06-04 18:02:08: [665980:1] Passing message through AntiVirus (Size: 
227516)...

Tue 2013-06-04 18:02:08: [665980:1] *  Message is clean (no viruses found)
Tue 2013-06-04 18:02:08: [665980:1]  End AntiVirus results
Tue 2013-06-04 18:02:08: [665980:1] Passing message through Outbreak 
Protection...
Tue 2013-06-04 18:02:08: [665980:1] *  Message-ID: 
D727A6FBD9D74662A61586AF725CFBE2@AnisVaio
Tue 2013-06-04 18:02:08: [665980:1] *  Reference-ID: 
str=0001.0A150203.51ADC9E8.024D,ss=4,re=0.000,fgs=12

Tue 2013-06-04 18:02:08: [665980:1] *  Virus result: 0 - Clean
Tue 2013-06-04 18:02:08: [665980:1] *  Spam result: 4 - Spam (confirmed)
Tue 2013-06-04 18:02:08: [665980:1] *  IWF result: 0 - Clean
Tue 2013-06-04 18:02:08: [665980:1]  End Outbreak Protection results
Tue 2013-06-04 18:02:08: [665980:1] --> 554 Sorry, message looks like spam 
or phish to me (OP)
Tue 2013-06-04 18:02:08: [665980:1] SMTP session terminated (Bytes in/out: 
227629/565)

Tue 2013-06-04 18:02:08: --


--
--[MDaemon-L]
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.

[MDaemon-L] mohon bantuan analisa header dibawah

2013-06-19 Terurut Topik Syafril Hermansyah

On 19/06/2013 17:51, Henry Kuswanto wrote:
> Mohon bantuan analisa header email dibawah. Kasusnya email dari pengirim
> tidak berhasil diterima user saya.
> Kenapa setelah '"Transfer Complete" ada "554 Transaction failed" ya ?
> Ini penyebabnya apa ?

Itu problem di server penerima (kelihatannya itu front end server,
berupa antivirus atau antispam server).

> Tue 2013-06-04 18:05:11: Transfer Complete
> Tue 2013-06-04 18:05:13: <-- 554 Transaction failed 

Problem persisnya tidak tahu karena tidak ada penjelasan persisnya, bisa
karena attachment file dianggap bervirus, spamscore tinggi atau problem
internal (misalkan disk space habis atau resource CPU tidak mencukupi
untuk memproses lebih lanjut).

-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 13.5 SecurityPlus 4.1.5
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.


-- 
--[MDaemon-L]
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 13.5.0, SP 4.1.5, BES 2.0.2, OC 2.3.1, SG 2.1.2, PP 2.0.1

[MDaemon-L] mohon bantuan analisa header dibawah

2013-06-19 Terurut Topik Henry Kuswanto


pak Syafril,
Mohon bantuan analisa header email dibawah. Kasusnya email dari pengirim 
tidak berhasil diterima user saya.
Kenapa setelah '"Transfer Complete" ada "554 Transaction failed" ya ? Ini 
penyebabnya apa ?

Potongan report dibawah dikirim dari pihak pengirim ke saya.

Terima kasih
Henry

-Original Message- 
From: MDaemon at mail.mic.co.id

Sent: Tuesday, June 04, 2013 6:05 PM
To: a...@mic.co.id
Subject: Permanent Delivery Failure

--
MDaemon Delivery Status Notification - http://www.altn.com/dsn/
--

The attached message had PERMANENT fatal delivery errors.

After one or more unsuccessful delivery attempts the attached message has
been removed from the MDaemon mail queue on this server.  The number and
frequency of delivery attempts are determined by local configuration.

--
YOUR MESSAGE WAS NOT DELIVERED TO ONE OR MORE RECIPIENTS
--

Failed address: veron...@sparks.dentsu.co.id

--- Session Transcript ---
Tue 2013-06-04 18:05:11: Parsing message

Tue 2013-06-04 18:05:11: *  From: a...@mic.co.id
Tue 2013-06-04 18:05:11: *  To: veron...@sparks.dentsu.co.id
Tue 2013-06-04 18:05:11: *  Subject: Fw: acc prof biaya pemotretan iklan
pigeon & honor model umbrella campaig dan peristaltic plus nipple
Tue 2013-06-04 18:05:11: *  Size (bytes): 227442
Tue 2013-06-04 18:05:11: *  Message-ID:

Tue 2013-06-04 18:05:11: Attempting SMTP connection to [sparks.dentsu.co.id]
Tue 2013-06-04 18:05:11: Resolving MX records for [sparks.dentsu.co.id] (DNS
Server: 10.1.50.253)...
Tue 2013-06-04 18:05:11: *  P=010 S=000 D=sparks.dentsu.co.id TTL=(98)
MX=[mail.sparks.dentsu.co.id]
Tue 2013-06-04 18:05:11: *  P=020 S=001 D=sparks.dentsu.co.id TTL=(98)
MX=[mx-corp3.cbn.net.id]
Tue 2013-06-04 18:05:11: Attempting SMTP connection to
[mail.sparks.dentsu.co.id:25]
Tue 2013-06-04 18:05:11: Resolving A record for [mail.sparks.dentsu.co.id]
(DNS Server: 10.1.50.253)...
Tue 2013-06-04 18:05:11: *  D=mail.sparks.dentsu.co.id TTL=(98)
A=[202.158.0.158]
Tue 2013-06-04 18:05:11: Attempting SMTP connection to [202.158.0.158:25]
Tue 2013-06-04 18:05:11: Waiting for socket connection...
Tue 2013-06-04 18:05:11: *  Connection established (10.1.51.2:3037 ->
202.158.0.158:25)
Tue 2013-06-04 18:05:11: Waiting for protocol to start...
Tue 2013-06-04 18:05:11: <-- 220 mail.dentsu.co.id ESMTP Service ready
Tue 2013-06-04 18:05:11: --> EHLO mail.mic.co.id
Tue 2013-06-04 18:05:11: <-- 250-Requested mail action okay, completed
Tue 2013-06-04 18:05:11: <-- 250-ETRN
Tue 2013-06-04 18:05:11: <-- 250-AUTH LOGIN CRAM-MD5 PLAIN
Tue 2013-06-04 18:05:11: <-- 250-8BITMIME
Tue 2013-06-04 18:05:11: <-- 250-SIZE 1500
Tue 2013-06-04 18:05:11: <-- 250 OK
Tue 2013-06-04 18:05:11: --> MAIL From: SIZE=227442
Tue 2013-06-04 18:05:11: <-- 250 Requested mail action okay, completed
Tue 2013-06-04 18:05:11: --> RCPT To:
Tue 2013-06-04 18:05:11: <-- 250 Requested mail action okay, completed
Tue 2013-06-04 18:05:11: --> DATA
Tue 2013-06-04 18:05:11: <-- 354
Tue 2013-06-04 18:05:11: Sending
 to [202.158.0.158]
Tue 2013-06-04 18:05:11: Transfer Complete
Tue 2013-06-04 18:05:13: <-- 554 Transaction failed
Tue 2013-06-04 18:05:13: --> QUIT
--- End Transcript --- 



--
--[MDaemon-L]
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 13.5.0, SP 4.1.5, BES 2.0.2, OC 2.3.1, SG 2.1.2, PP 2.0.1

[mdaemon-l] Mohon bantuan analisa

[mdaemon-l] Mohon bantuan analisa

[mdaemon-l] Mohon bantuan analisa

[mdaemon-l] Mohon bantuan analisa

[mdaemon-l] Mohon bantuan analisa

[mdaemon-l] Mohon bantuan analisa

[MDaemon-L] mohon bantuan analisa header dibawah

[MDaemon-L] mohon bantuan analisa header dibawah

[MDaemon-L] mohon bantuan analisa header dibawah

[MDaemon-L] mohon bantuan analisa header dibawah

10 matches

Site Navigation

Mail list logo

Footer information