[mdaemon-l] spam email bitcoin

2019-05-26 Thread Anjas Wahyu Nurhayanto
> Hmmm... I have added an entry to host screening for that sender host.

All right, Sir. Thank you for your help and cooperation.


-- 
Warm Regards,

Anjas
-- 
--[mdaemon-l]--
This mailing list is for discussion among MDaemon Mail Server users in Indonesia

Netiquette: https://wiki.openstack.org/wiki/MailingListEtiquette
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Subscribe: send mail to mdaemon-l-subscr...@dutaint.com
Unsubscribe: send mail to mdaemon-l-unsubscr...@dutaint.com
Latest version MD 19.0.1, SG 6.0.1




[mdaemon-l] spam email bitcoin

2019-05-24 Thread Syafril Hermansyah
On 24/05/19 09.58, Anjas Wahyu Nurhayanto (an...@inticipta.co.id) wrote:
>> This should be rejected by host screening.
>>
>>
>> http://mdaemon.dutaint.co.id/mdaemon/19.0/index.html?security--reverse_lookup.htm
>>
>> [x] Perform lookup on HELO/EHLO domain
>> etc.
> In the previous settings this menu option was already enabled (attached).


Hmmm... I have added an entry to host screening for that sender host.


-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, MDaemon 19.0.1-64
Please do not cc: or send private mail about MDaemon issues.

The only thing that stands between you and your dream is the will to try
and the belief that it is actually possible.
---  Joel Brown






[mdaemon-l] spam email bitcoin

2019-05-23 Thread Anjas Wahyu Nurhayanto
> This should be rejected by host screening.
>
>
> http://mdaemon.dutaint.co.id/mdaemon/19.0/index.html?security--reverse_lookup.htm
>
> [x] Perform lookup on HELO/EHLO domain
> etc.

In the previous settings this menu option was already enabled (attached).


> Raise the spam score value in Outbreak Protection.
>
>
> http://mdaemon.dutaint.co.id/mdaemon/19.0/index.html?sp_outbreak_protection.htm
>
> Spam should be...
>
> [x] accepted for filtering Score: 4.9
>
> > Wed 2019-05-22 22:23:28.587: 07: Spam Filter score/req: 11.60/12.0
>
>
> So that the total spam score goes above 12.0 --> rejected.

I have raised the value of this option from 3.0 to 4.9, as you advised.

-- 
Warm Regards,

Anjas



[mdaemon-l] spam email bitcoin

2019-05-23 Thread Syafril Hermansyah
On 24/05/19 07.11, Anjas Wahyu Nurhayanto (an...@inticipta.co.id) wrote:
> Our client received a spam email with a bitcoin request. After I
> checked, the log is as follows:
> 
> Wed 2019-05-22 22:23:23.051: 02: <-- EHLO ppp-94-66-57-110.home.otenet.gr
> Wed 2019-05-22 22:23:23.052: 03: --> 250-aksball.co.id Hello
> ppp-94-66-57-110.home.otenet.gr [94.66.57.110], pleased to meet you


This should be rejected by host screening.


http://mdaemon.dutaint.co.id/mdaemon/19.0/index.html?security--reverse_lookup.htm

[x] Perform lookup on HELO/EHLO domain
etc.


> Wed 2019-05-22 22:23:28.022: 11: *  Spam result: 4 - Spam (confirmed)
> Wed 2019-05-22 22:23:28.587: 07: *  3.0 MDAEMON_OP_SPAM_HIGH MDaemon: 
> spam/phish

Raise the spam score value in Outbreak Protection.


http://mdaemon.dutaint.co.id/mdaemon/19.0/index.html?sp_outbreak_protection.htm

Spam should be...

[x] accepted for filtering Score: 4.9

> Wed 2019-05-22 22:23:28.587: 07: Spam Filter score/req: 11.60/12.0


So that the total spam score goes above 12.0 --> rejected.

-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 19.0.1-64 bit
Please do not cc: or send private mail about MDaemon issues.

The life so short, the craft so long to learn.
--- Hippocrates
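
The scoring arithmetic behind the advice above, as an added example that is not part of the original messages: it parses a few lines copied from the posted log (a constructed sample), checks whether the EHLO name embeds the connecting IP, and recomputes the total with the Outbreak Protection rule at 4.9 instead of 3.0. It assumes the Outbreak Protection score setting is the weight logged for MDAEMON_OP_SPAM_HIGH; the function names are hypothetical.

```python
import re

# Constructed sample: lines copied from the log posted in this thread. The rule
# list is cut off on the page, so these hits do not add up to the logged total.
SAMPLE_LOG = """\
Wed 2019-05-22 22:23:23.051: 02: <-- EHLO ppp-94-66-57-110.home.otenet.gr
Wed 2019-05-22 22:23:23.052: 03: --> 250-aksball.co.id Hello
ppp-94-66-57-110.home.otenet.gr [94.66.57.110], pleased to meet you
Wed 2019-05-22 22:23:28.587: 07: *  3.0 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish
Wed 2019-05-22 22:23:28.587: 07: *  3.2 HELO_DYNAMIC_IPADDR Relay
HELO'd using suspicious hostname (IP
Wed 2019-05-22 22:23:28.587: 07: Spam Filter score/req: 11.60/12.0
"""

STAMP = re.compile(r"^\w{3} \d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d{3}: \d\d: ")
RULE = re.compile(r"^\*\s+(-?\d+(?:\.\d+)?) ([A-Z][A-Z0-9_]+)\b")
TOTAL = re.compile(r"^Spam Filter score/req: (-?[\d.]+)/(-?[\d.]+)")
HELO = re.compile(r"^<-- (?:EHLO|HELO) (\S+)")
PEER = re.compile(r"\[(\d+\.\d+\.\d+\.\d+)\]")

def unwrap(text):
    """Rejoin mail-wrapped log lines: a line with no timestamp continues the previous one."""
    events = []
    for line in text.splitlines():
        if STAMP.match(line):
            events.append(STAMP.sub("", line))
        elif events and line.strip():
            events[-1] += " " + line.strip()
    return events

def analyse(text):
    out = {"rules": {}, "score": None, "required": None, "helo": None, "peer": None}
    for ev in unwrap(text):
        if m := RULE.match(ev):
            out["rules"][m.group(2)] = float(m.group(1))
        elif m := TOTAL.match(ev):
            out["score"], out["required"] = float(m.group(1)), float(m.group(2))
        elif m := HELO.match(ev):
            out["helo"] = m.group(1)
        elif m := PEER.search(ev):
            out["peer"] = out["peer"] or m.group(1)
    return out

def helo_embeds_peer_ip(helo, peer):  # HELO name carries the peer's IPv4 octets
    return any(sep.join(peer.split(".")) in helo for sep in ("-", "."))

def rescore(result, rule, new_weight):  # total if `rule` had scored new_weight
    return round(result["score"] - result["rules"][rule] + new_weight, 2)
```

With the sample, rescore(analyse(SAMPLE_LOG), "MDAEMON_OP_SPAM_HIGH", 4.9) returns 13.5, which is above the required 12.0, while the logged 11.60 was below it.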

















[mdaemon-l] spam email bitcoin

2019-05-23 Thread Anjas Wahyu Nurhayanto
Dear Mr. Syafril,

Our client received a spam email with a bitcoin request. After I
checked, the log is as follows:

Wed 2019-05-22 22:23:22.786: 05: Session 698276; child 0001
Wed 2019-05-22 22:23:22.786: 05: Accepting SMTP connection from
94.66.57.110:37660 to 10.0.0.1:25
Wed 2019-05-22 22:23:22.789: 03: --> 220 aksball.co.id ESMTP Wed, 22
May 2019 22:23:22 +0700
Wed 2019-05-22 22:23:23.051: 02: <-- EHLO ppp-94-66-57-110.home.otenet.gr
Wed 2019-05-22 22:23:23.052: 03: --> 250-aksball.co.id Hello
ppp-94-66-57-110.home.otenet.gr [94.66.57.110], pleased to meet you
Wed 2019-05-22 22:23:23.052: 03: --> 250-ETRN
Wed 2019-05-22 22:23:23.052: 03: --> 250-AUTH LOGIN PLAIN
Wed 2019-05-22 22:23:23.052: 03: --> 250-8BITMIME
Wed 2019-05-22 22:23:23.052: 03: --> 250-ENHANCEDSTATUSCODES
Wed 2019-05-22 22:23:23.052: 03: --> 250 SIZE
Wed 2019-05-22 22:23:23.443: 02: <-- MAIL From:
Wed 2019-05-22 22:23:23.445: 05: Performing PTR lookup
(110.57.66.94.IN-ADDR.ARPA)
Wed 2019-05-22 22:23:23.985: 05: *  D=110.57.66.94.IN-ADDR.ARPA
TTL=(0) PTR=[ppp-94-66-57-110.home.otenet.gr]
Wed 2019-05-22 22:23:24.231: 05: *  D=ppp-94-66-57-110.home.otenet.gr
TTL=(0) A=[94.66.57.110]
Wed 2019-05-22 22:23:24.231: 05:  End PTR results
Wed 2019-05-22 22:23:24.233: 05: Performing IP lookup
(ppp-94-66-57-110.home.otenet.gr)
Wed 2019-05-22 22:23:24.233: 05: *  D=ppp-94-66-57-110.home.otenet.gr
TTL=(0) A=[94.66.57.110]
Wed 2019-05-22 22:23:24.233: 05:  End IP lookup results
Wed 2019-05-22 22:23:24.236: 05: Performing IP lookup (nisarinc.com)
Wed 2019-05-22 22:23:24.484: 05: *  D=nisarinc.com TTL=(0) A=[74.208.3.155]
Wed 2019-05-22 22:23:25.182: 05: *  P=010 S=000 D=nisarinc.com TTL=(0)
MX=[inbound30.exchangedefender.com] {206.125.40.130}
Wed 2019-05-22 22:23:25.182: 05:  End IP lookup results
Wed 2019-05-22 22:23:25.183: 09: Performing SPF lookup
(ppp-94-66-57-110.home.otenet.gr / 94.66.57.110)
Wed 2019-05-22 22:23:25.747: 09: *  Result: none; no SPF record in DNS
Wed 2019-05-22 22:23:25.747: 09:  End SPF results
Wed 2019-05-22 22:23:25.747: 09: Performing SPF lookup (nisarinc.com /
94.66.57.110)
Wed 2019-05-22 22:23:25.979: 09: *  Result: none; no SPF record in DNS
Wed 2019-05-22 22:23:25.979: 09:  End SPF results
Wed 2019-05-22 22:23:25.979: 03: --> 250 2.1.0 Sender OK
Wed 2019-05-22 22:23:26.314: 02: <-- RCPT To:
Wed 2019-05-22 22:23:26.340: 03: --> 250 2.1.5 Recipient OK
Wed 2019-05-22 22:23:26.847: 02: <-- DATA
Wed 2019-05-22 22:23:26.848: 01: Creating temp file (SMTP):
d:\mdaemon\queues\temp\md5105374.tmp
Wed 2019-05-22 22:23:26.848: 03: --> 354 Enter mail, end with .
Wed 2019-05-22 22:23:27.609: 01: Message size: 2085 bytes
Wed 2019-05-22 22:23:27.610: 10: Performing DKIM lookup
Wed 2019-05-22 22:23:27.610: 10: *  File:
d:\mdaemon\queues\temp\md5105374.tmp
Wed 2019-05-22 22:23:27.610: 10: *  Message-ID:
<689902165459230453463...@nisarinc.com>
Wed 2019-05-22 22:23:27.610: 10: *  Result: neutral
Wed 2019-05-22 22:23:27.610: 10:  End DKIM results
Wed 2019-05-22 22:23:27.614: 19: Performing DMARC processing
Wed 2019-05-22 22:23:27.614: 19: *  File:
d:\mdaemon\queues\temp\md5105374.tmp
Wed 2019-05-22 22:23:27.614: 19: *  Message-ID:
<689902165459230453463...@nisarinc.com>
Wed 2019-05-22 22:23:27.614: 19: *  Author domain: nisarinc.com
Wed 2019-05-22 22:23:27.614: 19: *  Organizational domain: nisarinc.com
Wed 2019-05-22 22:23:27.614: 19: *  Query domain: _dmarc.nisarinc.com
Wed 2019-05-22 22:23:27.842: 19: *No DMARC policy record found
Wed 2019-05-22 22:23:27.842: 19: *  Action taken: none
Wed 2019-05-22 22:23:27.842: 19: *  Result: none
Wed 2019-05-22 22:23:27.842: 19:  End DMARC results
Wed 2019-05-22 22:23:27.875: 06: Passing message through AntiVirus
(Size: 2085)...
Wed 2019-05-22 22:23:27.876: 06: *  Recipient or sender in exclusion list
Wed 2019-05-22 22:23:27.876: 06:  End AntiVirus results
Wed 2019-05-22 22:23:28.022: 11: Passing message through Outbreak Protection...
Wed 2019-05-22 22:23:28.022: 11: *  Message-ID:
<689902165459230453463...@nisarinc.com>
Wed 2019-05-22 22:23:28.022: 11: *  Reference-ID:
str=0001.0A150206.5CE56970.0002,ss=4,re=0.000,recu=0.000,reip=0.000,pt=C_5819,cl=4,cld=1,fgs=12
Wed 2019-05-22 22:23:28.022: 11: *  Virus result: 0 - Clean
Wed 2019-05-22 22:23:28.022: 11: *  Spam result: 4 - Spam (confirmed)
Wed 2019-05-22 22:23:28.022: 11: *  IWF result: 0 - Clean
Wed 2019-05-22 22:23:28.022: 11:  End Outbreak Protection results
Wed 2019-05-22 22:23:28.025: 07: Passing message through Spam Filter
(Size: 2085)...
Wed 2019-05-22 22:23:28.587: 07: *  3.0 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish
Wed 2019-05-22 22:23:28.587: 07: *  0.4 RDNS_DYNAMIC Delivered to
internal network by host with
Wed 2019-05-22 22:23:28.587: 07: *  dynamic-looking rDNS
Wed 2019-05-22 22:23:28.587: 07: *  3.2 HELO_DYNAMIC_IPADDR Relay
HELO'd using suspicious hostname (IP
Wed 2019-05-22 22:23:28.587: 07: *  addr 1)
Wed 2019-05-22 22:23:28.587: 07: *  2.5 BITCOIN_DEADLINE BitCoin wit