>> Iya benar pak Syafril, seperti link address yang bapak kirimkan error
>> messagenya, apakah ada cara untuk melimit pengiriman email dari >> mdaemon misal dalam 1 jam bisa utk 200 email saja. mohon arahan >> masukkan >Itu artinya MDaemon di set always relay to smarthost ya? > https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and-servers_delivery.html Betul pak >[x] Send all outbound email to a smart host >Smarthost yang punya karakteristik macam ini adalah yang pakai Exim MTA. >Exim MTA mempunyai fitur tersebut sebagai pencegahan terhadap Account yang diduga ter hijack (compromise) digunakan oleh spammer untuk broadcast spam melalui SMTPRelay server. > https://support.cpanel.net/hc/en-us/articles/360049231233-Unable-to-send-email-Domain-example-tld-has-exceeded-the-max-defers-and-failures-per-hour >Jadi selama client server (dhi MDaemon) tidak broadcast spam melalui smtprelay exim MTA tidak akan terkena limitasi tersebut. >Di MDaemon juga ada fitur yang serupa, yang disebut account hijack detection. >https://mdaemon.dutaint.com/mdaemon/24.5.0/security--hijack_detection.html >Account Hijack Detection >The options on this screen can be used to detect a possibly hijacked MDaemon account and automatically prevent it from sending messages through your server. For example, if a >spammer somehow obtained an account's email address and password then this feature could prevent the spammer from using the account to send bulk junk e-mail through your >system. You can designate a maximum number of messages that may be sent by an account in a given number of minutes, based on the IP address from which it is connecting. You >can also choose to disable accounts that reach the limit. There is also an Exempt List that can be used to exempt certain addresses from this restriction. Account Hijack Detection is >enabled by default. >Kalau dinginkan MDaemon tidak brodcast mail lebih dari 200 message per hour tinggal lakukan penyesuaian. >Limit messages sent from all other IPs to 200 msgs in 60 minutes Kalo pengiriman email lebih dari 200 messages in 60 menit maka email selanjutnya akan kepending ya pak?atau masuk folder tertentu? Kemudian akan mengirimkan kembali setelah 60 menit secara otomatis? >atau >Limit messages sent from all other IPs to 20 msgs in 6 minutes >dan pastikan tidak ada akun yang masuk dalam pengecualian (exempt list) >Exempt List >Use the Exempt List to designate any addresses that you wish to exempt from Account Hijack Detection. Wildcards are permitted. For example, " [email protected]" would >exempt example.com's "newsletters" >MDaemon account, while "*@newsletters.example.com" would exempt all MDaemon accounts belonging to the newsletters.example.com domain. The Postmaster account is >automatically exempt from Account Hijack Detection. >Hijack detection diatas adalah tindakan pencegahan setelah akun terhijack. >Akan lebih baik dilakukan pencegahan terhadap akun ter hijack, antra lain dengan >1. Semua user diharapkan pakai strong password. >https://mdaemon.dutaint.com/mdaemon/24.5.0/passwords.html >2. Membatasi akses mail berdasar lokasi > https://mdaemon.dutaint.com/mdaemon/24.5.0/screening_location-screening.html >3. Mencegah hacker melakukan usaha menebak username/password yang valid di MDaemon. >+ Mewajibkan user mengaktifkan SMTPAuthectication untuk kirim mail >melalui MDaemon >+ Mencegah authenticate on smtp port 25 > https://mdaemon.dutaint.com/mdaemon/24.5.0/security--smtp_authentication.html >+ Keharusan user pakai secure connection, mencegah penggunaan script >kiddies dari hacker. > https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and-servers_servers.html >[ ] Allow plain text passwords >This option governs whether or not MDaemon will accept passwords sent in >plain text to the SMTP, IMAP, or POP3 servers. If disabled, the POP3 >USER, POP3 PASS, IMAP LOGIN, IMAP AUTH LOGIN, and SMTP AUTH LOGIN >commands will return an error unless the connection is using SSL. >4. Authentication failure monitoring >https://mdaemon.dutaint.com/mdaemon/24.5.0/dynamic-screening_options.html >Enable Authentication Failure Tracking >When this option is enabled, the Dynamic Screening service will track >authentication failures for the protocols designated on the Protocols >tab and perform actions determined by the options on the Auth Failure >Tracking tab. This option is enabled by default. >Enable Dynamic Screening Block List >This option turns on the Dynamic Screening service's ability to block IP >addresses and ranges. You can manage the block list from the Dynamic >Block List tab. The block list option is on by default. >Enable Dynamic Screening Allow List >This option turns on the Dynamic Screening service's Dynamic Allow List >feature, which you can use to exempt IP addresses and ranges, to exclude >them from Dynamic Screening. The allow list is on by default. >Block Logon Policy Violations >By default MDaemon requires accounts to use their full email address >when logging in instead of just the mailbox portion of their address >(e.g. they must use "[email protected]" instead of just "user1"). This >is controlled by the "Servers require full email address for >authentication" option on the Systems page. When that option is on, you >can also turn on this Block Logon Policy. >https://mdaemon.dutaint.com/mdaemon/24.5.0/preferences_system.html >[x] Servers require full email address for authentication >5. Penerapan HTTP Strict Transport Security di webmail dan remote >administration. > https://knowledge.mdaemon.com/enable-hsts-in-mdaemon-for-webmail-and-remote-administration >Prakteknya seperti ini di MDaemon versi lama >https://www.mail-archive.com/[email protected]/msg41277.html >https://www.mail-archive.com/[email protected]/msg41278.html >https://www.mail-archive.com/[email protected]/msg41279.html On Sat, Nov 30, 2024 at 6:35 PM Syafril Hermansyah via Mdaemon-L < [email protected]> wrote: > On 29/11/24 14.19, Reza S wrote: > --- > Mohon tidak posting dengan top posting style di milis ini, selalu > gunakan bottom (interleaved) posting untuk memudahkan pembacaan. > > https://blog.joelesler.net/2009/12/bottom-posting.html > > The particular part to pay attention to is in RFC1855 -- > > "- If you are sending a reply to a message or a posting be sure you > summarize the original at the top of the message, or include just > enough text of the original to give a context. This will make > sure readers understand when they start to read your response. > Since NetNews, especially, is proliferated by distributing the > postings from one host to another, it is possible to see a > response to a message before seeing the original. Giving context > helps everyone. But do not include the entire original!" > > http://daringfireball.net/2007/07/on_top > > The fundamental source of poor email style is the practice of quoting > the entire message you’re replying to. If that’s what you do, then it > doesn’t matter whether you put your response at the top or bottom. In > fact, if you’re going to quote the entire message, top-posting probably > is better. But both are poor form. > > Writing an email is like writing an article. Only quote the relevant > parts, interspersing your new remarks between the quoted passages. Don’t > quote anything at all from the original message if you don’t have to. > > Does it take more time to edit the portions of quoted text included in > your reply? Yes. So does spell-checking and proofreading. It also takes > time to shower and brush your teeth each day. > > Gunakan fitur di webmail gmail (atau gmail apps) untuk kemudahan > melakukan bottom posting dan pemangkasan (trimming) teks. > > > http://webapps.stackexchange.com/questions/49884/how-to-insert-a-reply-inline-in-gmail > --- > > > Iya benar pak Syafril, seperti link address yang bapak kirimkan error > > messagenya, apakah ada cara untuk melimit pengiriman email dari mdaemon > > misal dalam 1 jam bisa utk 200 email saja. mohon arahan masukkan > > > Itu artinya MDaemon di set always relay to smarthost ya? > > > https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and-servers_delivery.html > > [x] Send all outbound email to a smart host > > Smarthost yang punya karakteristik macam ini adalah yang pakai Exim MTA. > > Exim MTA mempunyai fitur tersebut sebagai pencegahan terhadap Account > yang diduga ter hijack (compromise) digunakan oleh spammer untuk > broadcast spam melalui SMTPRelay server. > > > https://support.cpanel.net/hc/en-us/articles/360049231233-Unable-to-send-email-Domain-example-tld-has-exceeded-the-max-defers-and-failures-per-hour > > Jadi selama client server (dhi MDaemon) tidak broadcast spam melalui > smtprelay exim MTA tidak akan terkena limitasi tersebut. > Di MDaemon juga ada fitur yang serupa, yang disebut account hijack > detection. > > https://mdaemon.dutaint.com/mdaemon/24.5.0/security--hijack_detection.html > > Account Hijack Detection > > The options on this screen can be used to detect a possibly hijacked > MDaemon account and automatically prevent it from sending messages > through your server. For example, if a spammer somehow obtained an > account's email address and password then this feature could prevent the > spammer from using the account to send bulk junk e-mail through your > system. You can designate a maximum number of messages that may be sent > by an account in a given number of minutes, based on the IP address from > which it is connecting. You can also choose to disable accounts that > reach the limit. There is also an Exempt List that can be used to exempt > certain addresses from this restriction. Account Hijack Detection is > enabled by default. > > Kalau dinginkan MDaemon tidak brodcast mail lebih dari 200 message per > hour tinggal lakukan penyesuaian. > > Limit messages sent from all other IPs to 200 msgs in 60 minutes > > atau > > Limit messages sent from all other IPs to 20 msgs in 6 minutes > > dan pastikan tidak ada akun yang masuk dalam pengecualian (exempt list) > > Exempt List > > Use the Exempt List to designate any addresses that you wish to exempt > from Account Hijack Detection. Wildcards are permitted. For example, > "[email protected]" would exempt example.com's "newsletters" > MDaemon account, while "*@newsletters.example.com" would exempt all > MDaemon accounts belonging to the newsletters.example.com domain. The > Postmaster account is automatically exempt from Account Hijack Detection. > > Hijack detection diatas adalah tindakan pencegahan setelah akun terhijack. > Akan lebih baik dilakukan pencegahan terhadap akun ter hijack, antra > lain dengan > > 1. Semua user diharapkan pakai strong password. > > https://mdaemon.dutaint.com/mdaemon/24.5.0/passwords.html > > 2. Membatasi akses mail berdasar lokasi > > > https://mdaemon.dutaint.com/mdaemon/24.5.0/screening_location-screening.html > > 3. Mencegah hacker melakukan usaha menebak username/password yang valid > di MDaemon. > > + Mewajibkan user mengaktifkan SMTPAuthectication untuk kirim mail > melalui MDaemon > + Mencegah authenticate on smtp port 25 > > > https://mdaemon.dutaint.com/mdaemon/24.5.0/security--smtp_authentication.html > > + Keharusan user pakai secure connection, mencegah penggunaan script > kiddies dari hacker. > > > https://mdaemon.dutaint.com/mdaemon/24.5.0/default-domain-and-servers_servers.html > > > [ ] Allow plain text passwords > > This option governs whether or not MDaemon will accept passwords sent in > plain text to the SMTP, IMAP, or POP3 servers. If disabled, the POP3 > USER, POP3 PASS, IMAP LOGIN, IMAP AUTH LOGIN, and SMTP AUTH LOGIN > commands will return an error unless the connection is using SSL. > > 4. Authentication failure monitoring > > https://mdaemon.dutaint.com/mdaemon/24.5.0/dynamic-screening_options.html > > Enable Authentication Failure Tracking > > When this option is enabled, the Dynamic Screening service will track > authentication failures for the protocols designated on the Protocols > tab and perform actions determined by the options on the Auth Failure > Tracking tab. This option is enabled by default. > > Enable Dynamic Screening Block List > > This option turns on the Dynamic Screening service's ability to block IP > addresses and ranges. You can manage the block list from the Dynamic > Block List tab. The block list option is on by default. > > Enable Dynamic Screening Allow List > > This option turns on the Dynamic Screening service's Dynamic Allow List > feature, which you can use to exempt IP addresses and ranges, to exclude > them from Dynamic Screening. The allow list is on by default. > > Block Logon Policy Violations > > By default MDaemon requires accounts to use their full email address > when logging in instead of just the mailbox portion of their address > (e.g. they must use "[email protected]" instead of just "user1"). This > is controlled by the "Servers require full email address for > authentication" option on the Systems page. When that option is on, you > can also turn on this Block Logon Policy. > > https://mdaemon.dutaint.com/mdaemon/24.5.0/preferences_system.html > > [x] Servers require full email address for authentication > > 5. Penerapan HTTP Strict Transport Security di webmail dan remote > administration. > > > https://knowledge.mdaemon.com/enable-hsts-in-mdaemon-for-webmail-and-remote-administration > > Prakteknya seperti ini di MDaemon versi lama > > https://www.mail-archive.com/[email protected]/msg42185.html > https://www.mail-archive.com/[email protected]/msg42186.html > https://www.mail-archive.com/[email protected]/msg43055.html > > > > -- > syafril > ------- > Syafril Hermansyah > > MDaemon-L Moderator, run MDaemon 24.5.2 > Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon. > > To live is to change, and to be perfect is to change often. > -- John Henry > > > -- > --[mdaemon-l]---------------------------------------------------------- > Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia > > Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette > Arsip: http://mdaemon-l.dutaint.com > Dokumentasi : http://mdaemon.dutaint.com > Berlangganan: Kirim mail ke [email protected] > Henti Langgan: Kirim mail ke [email protected] > Versi terakhir: MDaemon 24.5.2, SecurityGateway 10.5.2 > > > -- --[mdaemon-l]---------------------------------------------------------- Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.com Berlangganan: Kirim mail ke [email protected] Henti Langgan: Kirim mail ke [email protected] Versi terakhir: MDaemon 24.5.2, SecurityGateway 10.5.2
