On 21/06/2024 13:43, Syafril Hermansyah via Mdaemon-L wrote:
On 6/21/24 09:36, Agi Subagio via Mdaemon-L wrote:
Carikan transaksi banned nya di Inbound Log.
inbound log ada di attachment - truncate
Wed 2024-06-19 18:14:09: **** ALERT **** Sender has reached RSET
dynamic screening threshold
Wed 2024-06-19 18:14:09: --> 421 Too many RSET commands
Wed 2024-06-19 18:14:09: **** ALERT **** Connection from 172.16.50.16
refused by dynamic screening; 604800 second(s) remain
Ini benar dynamic screening yang memblock.
Blocking terjadi akibat adanya mail loop antara SG dengan office
(backend) server.
Wed 2024-06-19 18:14:08: --> 250 <>, Sender ok
Wed 2024-06-19 18:14:08: <-- RCPT TO:<b2b.notificat...@am.b2b.com.my>
Wed 2024-06-19 18:14:08: User <b2b.notificat...@am.b2b.com.my> is not
local
Wed 2024-06-19 18:14:08: ========== Processing RCPT scripts for
recipient: b2b.notificat...@am.b2b.com.my
Wed 2024-06-19 18:14:08: -- Executing: Blocklist --
Wed 2024-06-19 18:14:08: -- Executing: Tarpitting --
Wed 2024-06-19 18:14:08: -- Executing: Relaying Denied --
Wed 2024-06-19 18:14:08: -- Executing: Invalid Recipient --
Wed 2024-06-19 18:14:08: -- Executing: Validate Local Sender --
Wed 2024-06-19 18:14:08: -- Executing: DNS Blocklists (Client IP) --
Wed 2024-06-19 18:14:08: -- Executing: SPF --
Wed 2024-06-19 18:14:08: -- Executing: Callback Verification --
Wed 2024-06-19 18:14:08: --> 250 <b2b.notificat...@am.b2b.com.my>,
Recipient ok
Wed 2024-06-19 18:14:08: <-- DATA
Wed 2024-06-19 18:14:08: --> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2024-06-19 18:14:08: NULL return path, parsing message headers
for sender address
Wed 2024-06-19 18:14:08: Sender = mailer-dae...@mbs.co.id
Wed 2024-06-19 18:14:08: Found DISABLED user
Wed 2024-06-19 18:14:08: User is disabled: <mailer-dae...@mbs.co.id>
Wed 2024-06-19 18:14:08: Message size: 3789 bytes
Wed 2024-06-19 18:14:08: Message-ID: <receipt-121243...@mbs.co.id>
Wed 2024-06-19 18:14:08: Accepting SMTP connection from [172.16.50.16
: 41020] on port 25
Wed 2024-06-19 18:14:08: # Sender is a local domain mail server (MBS
Mail Server)
Wed 2024-06-19 18:14:08: # Sender is on allowlist (IP global : 173878)
Wed 2024-06-19 18:14:08: --> 250-mx.mbs.co.id Hello mbs.co.id,
pleased to meet you
Ini bug, karena sender IP [172.16.50.16] masuk dalam allowlist global.
Saya akan laporkan ke MDaemon Security Gateway Developer.
Untuk sementara coba masukkan host backend server [mbs.co.id] kedalam
allowlists_hosts atau disable "Ban IPs that send this many RSET command.
https://help.mdaemon.com/SecurityGateway/en/allowlists_hosts.html
https://help.mdaemon.com/SecurityGateway/en/dynamic_screening.html
Itu kenapa mailer-dae...@mbs.co.id statusnya bisa disable?
Akun MAILER-DAEMON@ (<>, Null Reverse Path) umum dipakai sebagai
system account untuk meresponse autoresponder, Return-Receive
Confirmation dls.
Coba diubah statusnya dari userlist menjadi enable/normal.
https://help.mdaemon.com/SecurityGateway/en/user_list.html
Untuk sementara Dynamic Screeninng saya matikan dulu karena bug
tersebut. Sebelumnya sempat diaktifkan dengan menonaktifkan "Ban IPs
that send this many RSET", tetapi domain mail server tetap ke banned
walaupun opsi exclude sudah diaktifkan dan IP/host sudah didaftarkan ke
dalam IP Allowlist.
Ada beberapa email akun yang sengaja tidak diaktifkan di SG dg tujuan
agar tidak bisa menerima email dari luar. Alamat email tsb hanya utk
keperluan internal sesama domain mail server.
Sat 2024-06-22 06:00:03: -- Executing: Invalid Sender --
Sat 2024-06-22 06:00:03: -- Executing: IP Shield --
Sat 2024-06-22 06:00:03: -- Executing: MAIL DNS Lookup --
Sat 2024-06-22 06:00:03: -- Executing: SMTP Authentication Required --
Sat 2024-06-22 06:00:03: --> 250 <>, Sender ok
Sat 2024-06-22 06:00:03: <-- RCPT TO:<mbsctr...@mbs.co.id>
Sat 2024-06-22 06:00:03: Found DISABLED user
Sat 2024-06-22 06:00:03: User is disabled: <mbsctr...@mbs.co.id>
Sat 2024-06-22 06:00:03: ========== Processing RCPT scripts for
recipient: mbsctr...@mbs.co.id
Sat 2024-06-22 06:00:03: -- Executing: Blocklist --
Sat 2024-06-22 06:00:03: -- Executing: Tarpitting --
Sat 2024-06-22 06:00:03: -- Executing: Relaying Denied --
Sat 2024-06-22 06:00:03: -- Executing: Invalid Recipient --
Sat 2024-06-22 06:00:03: ** Reject 550 <mbsctr...@mbs.co.id>, Recipient
unknown
Sat 2024-06-22 06:00:03: --> 550 <mbsctr...@mbs.co.id>, Recipient unknown
Sat 2024-06-22 06:00:03: <-- RSET
Sat 2024-06-22 06:00:03: --> 250 RSET? Well, OK.
Sat 2024-06-22 06:00:03: <-- RSET
Sat 2024-06-22 06:00:03: --> 250 RSET? Well, OK.
Sat 2024-06-22 06:00:03: <-- MAIL FROM:<> SIZE=4885
Sat 2024-06-22 06:00:03: ========== Processing MAIL scripts
Sat 2024-06-22 06:00:03: -- Executing: Invalid Sender --
Sat 2024-06-22 06:00:03: -- Executing: IP Shield --
Sat 2024-06-22 06:00:03: -- Executing: MAIL DNS Lookup --
Sat 2024-06-22 06:00:03: -- Executing: SMTP Authentication Required --
Sat 2024-06-22 06:00:03: --> 250 <>, Sender ok
Sat 2024-06-22 06:00:03: <-- RCPT TO:<mbsctr...@mbs.co.id>
Sat 2024-06-22 06:00:03: Found DISABLED user
Sat 2024-06-22 06:00:03: User is disabled: <mbsctr...@mbs.co.id>
Sat 2024-06-22 06:00:03: ========== Processing RCPT scripts for
recipient: mbsctr...@mbs.co.id
Sat 2024-06-22 06:00:03: -- Executing: Blocklist --
Sat 2024-06-22 06:00:03: -- Executing: Tarpitting --
Sat 2024-06-22 06:00:03: -- Executing: Relaying Denied --
Sat 2024-06-22 06:00:03: -- Executing: Invalid Recipient --
Sat 2024-06-22 06:00:03: ** Reject 550 <mbsctr...@mbs.co.id>, Recipient
unknown
Sat 2024-06-22 06:00:03: --> 550 <mbsctr...@mbs.co.id>, Recipient unknown
Sat 2024-06-22 06:00:03: <-- RSET
Sat 2024-06-22 06:00:03: --> 250 RSET? Well, OK.
Sat 2024-06-22 06:00:03: <-- RSET
Sat 2024-06-22 06:00:03: --> 250 RSET? Well, OK.
Sat 2024-06-22 06:00:03: <-- MAIL FROM:<> SIZE=23907 BODY=8BITMIME
Sat 2024-06-22 06:00:03: ========== Processing MAIL scripts
Sat 2024-06-22 06:00:03: -- Executing: Invalid Sender --
Sat 2024-06-22 06:00:03: -- Executing: IP Shield --
Sat 2024-06-22 06:00:03: -- Executing: MAIL DNS Lookup --
Sat 2024-06-22 06:00:03: -- Executing: SMTP Authentication Required --
Sat 2024-06-22 06:00:03: --> 250 <>, Sender ok
Sat 2024-06-22 06:00:03: <-- RCPT TO:<mbsctr...@mbs.co.id>
Sat 2024-06-22 06:00:03: Found DISABLED user
Sat 2024-06-22 06:00:03: User is disabled: <mbsctr...@mbs.co.id>
Sat 2024-06-22 06:00:03: ========== Processing RCPT scripts for
recipient: mbsctr...@mbs.co.id
Sat 2024-06-22 06:00:03: -- Executing: Blocklist --
Sat 2024-06-22 06:00:03: -- Executing: Tarpitting --
Sat 2024-06-22 06:00:03: -- Executing: Relaying Denied --
Sat 2024-06-22 06:00:03: -- Executing: Invalid Recipient --
Sat 2024-06-22 06:00:03: ** Reject 550 <mbsctr...@mbs.co.id>, Recipient
unknown
Sat 2024-06-22 06:00:03: --> 550 <mbsctr...@mbs.co.id>, Recipient unknown
Sat 2024-06-22 06:00:03: <-- RSET
Sat 2024-06-22 06:00:03: --> 250 RSET? Well, OK.
Sat 2024-06-22 06:00:04: <-- RSET
Sat 2024-06-22 06:00:04: --> 250 RSET? Well, OK.
Sat 2024-06-22 06:00:04: <-- MAIL FROM:<> SIZE=40807 BODY=8BITMIME
Sat 2024-06-22 06:00:04: ========== Processing MAIL scripts
Sat 2024-06-22 06:00:04: -- Executing: Invalid Sender --
Sat 2024-06-22 06:00:04: -- Executing: IP Shield --
Sat 2024-06-22 06:00:04: -- Executing: MAIL DNS Lookup --
Sat 2024-06-22 06:00:04: -- Executing: SMTP Authentication Required --
Sat 2024-06-22 06:00:04: --> 250 <>, Sender ok
Sat 2024-06-22 06:00:04: <-- RCPT TO:<mbsctr...@mbs.co.id>
Sat 2024-06-22 06:00:04: Found DISABLED user
Sat 2024-06-22 06:00:04: User is disabled: <mbsctr...@mbs.co.id>
Sat 2024-06-22 06:00:04: ========== Processing RCPT scripts for
recipient: mbsctr...@mbs.co.id
Sat 2024-06-22 06:00:04: -- Executing: Blocklist --
Sat 2024-06-22 06:00:04: -- Executing: Tarpitting --
Sat 2024-06-22 06:00:04: -- Executing: Relaying Denied --
Sat 2024-06-22 06:00:04: -- Executing: Invalid Recipient --
Sat 2024-06-22 06:00:04: ** Reject 550 <mbsctr...@mbs.co.id>, Recipient
unknown
Sat 2024-06-22 06:00:04: --> 550 <mbsctr...@mbs.co.id>, Recipient unknown
Sat 2024-06-22 06:00:04: <-- RSET
Sat 2024-06-22 06:00:04: **** ALERT **** Sender has reached RSET dynamic
screening threshold
Sat 2024-06-22 06:00:04: --> 421 Too many RSET commands
Sat 2024-06-22 06:00:04: **** ALERT **** Connection from 172.16.100.14
refused by dynamic screening; 604800 second(s) remain
Sat 2024-06-22 06:00:04: SMTP session successful (Bytes in/out: 23194/1547)
--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia
Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.com
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 24.0.0, SecurityGateway 10.0.1