邮件系统日志查看方法

邮件收发的过程会体现在日志中,即可以通过查看日志文件来排查收发故障。日志文件在umail安装目录下的logs子目录下(umail/logs),下面的日志文件均以SMTP session successful代表成功。
在日志中,从左向右的箭头“→”代表你方服务器发送给对方的信息,从右向左的箭头“←”表示对方发送给你方的信息。
下面将以外发邮件内接邮件内部发给内部三种情况进行说明。


1
外发邮件(出站)日志查看步骤

邮件外发的过程,日志大致的经过步骤是:
SMTP-(in)→AntiVirus(
反病毒检测) →AntiSpam(反垃圾检测)→Content-Filter(内容过滤器检测)→Routing(路由)→SMTP-(out)
但一般查看SMTP-(in)→SMTP-(out)即可,详细步骤如下:

1)在邮件外发给外网邮箱没有收到的情况下,请收集发件人地址收件人地址发送时间

2)进入umail/logs目录下。 |

3)打开当天的smtpin)日志,并按快捷键“Ctrl+F”编辑---查找。输入收件人或发件人进行查找(对照时间)。

4)以下是smtpin)日志的具体分析。

Wed 2011-05-04 10:52:41: ----------
Wed 2011-05-04 10:52:50: Session 2885; child 1; thread 6648
Wed 2011-05-04 10:52:50: Accepting SMTP connection from [127.0.0.1:1122]
连接是从127.0.0.1本地发起的。

Wed 2011-05-04 10:52:50: --> 220 ESMTP READY
Wed 2011-05-04 10:52:50: <-- EHLO U-Mail 
Wed 2011-05-04 10:52:50: --> 250-mail.comingchina.com Hello U-Mail, pleased to meet
Wed 2011-05-04 10:52:50: --> 250-ETRN
Wed 2011-05-04 10:52:50: --> 250-AUTH=LOGIN
Wed 2011-05-04 10:52:50: --> 250-AUTH LOGIN
Wed 2011-05-04 10:52:50: --> 250-8BITMIME
Wed 2011-05-04 10:52:50: --> 250 SIZE 0
Wed 2011-05-04 10:52:50: <-- AUTH LOGIN
Wed 2011-05-04 10:52:50: --> 334 VXNlcm5hbWU6
Wed 2011-05-04 10:52:50: <-- bmFuY3l6aG91QHp5bC5uZXQuY24=
Wed 2011-05-04 10:52:50: --> 334 UGFzc3dvcmQ6
Wed 2011-05-04 10:52:50: <-- ******
Wed 2011-05-04 10:52:50: --> 235 Authentication successful
U-Mail
邮件系统的一些认证等系统信息

Wed 2011-05-04 10:52:50: Authenticated as [email protected]
Wed 2011-05-04 10:52:50: <-- MAIL FROM: [email protected]
发件人是[email protected]

Wed 2011-05-04 10:52:50: --> 250 <[email protected]>, Sender ok
Wed 2011-05-04 10:52:50: <-- RCPT TO: <[email protected]>
Wed 2011-05-04 10:52:50: --> 250 <[email protected]>, Recipient ok
Wed 2011-05-04 10:52:50: <-- DATA
收件人是[email protected] 

Wed 2011-05-0410:52:50:Creating tempfile(SMTP):e:\umail\queues\temp\md5003945.tmp
Wed 2011-05-04 10:52:50: --> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2011-05-04 10:52:50: Message size: 151764 bytes
创建邮件的过程

Wed 2011-05-04 10:52:50: Passing message through AntiVirus (Size: 151764)...
Wed 2011-05-04 10:52:50: *  Message is clean (no viruses found)
Wed 2011-05-04 10:52:50: ---- End AntiVirus results
Wed 2011-05-04 10:52:50: Passing message to SmtpHook plugin
Wed2011-05-0410:52:50:fnSMTPMessageFuncNowprocessing:e:\umail\queues\temp\md50003940045.tmp
Wed2011-05-0410:52:50:Messagecreationsuccessful:e:\umail\queues\inbound\md50000104217.msg
Wed2011-05-0410:52:50:-->250Ok,messagesaved<Message-ID:1ED6394AFE03482980C5D258864BD8A5@IBMX61>
Wed 2011-05-04 10:52:50: <-- QUIT
Wed 2011-05-04 10:52:50: --> 221 See ya in cyberspace
反病毒及系统方面的检测

Wed 2011-05-04 10:52:50: SMTP session successful (Bytes in/out: 151916/435)
Wed 2011-05-04 10:52:50: ----------
如果最后提示SMTP session successful那表明in日志是成功的(即邮件已经成功发送到远程队列),接下来查看outl日志。

5)如果smtpin)日志显示“SMTP session successful”字符,那么查看smtpout)日志。

6)打开当天的smtpout)日志,并按快捷键“Ctrl+F”编辑---查找。输入收件人或发件人进行查找(对照时间)。

7)以下是smtpout)日志的具体分析。

wed 2011-05-04 10:52:47: ----------
Wed 2011-05-04 10:53:04: Session 2888; child 1
Wed2011-05-04 10:52:52: Parsing message <e:\umail\queues\remote\pd35000136919.msg>
Wed 2011-05-04 10:52:52: *  From: [email protected]
Wed 2011-05-04 10:52:52: *  To: [email protected]
Wed2011-05-0410:52:52:*Subject:=?gb2312?B?Rnc6IHtTcGFtP30gUmU6ICCxsbqj1sG38Mm9L4yOsqgvzEvW3S/J7tvaIA==?= =?gb2312?B?s/bYm8G/?=
Wed2011-05-0410:52:52:*Message-ID:<1ED6394AFE03482980C5D258864B@IBMX61>
发件人、收件人、主题等信息

Wed2011-05-0410:52:52: Attempting SMTP connection to [126.com]
Wed 2011-05-04 10:52:53: Resolving MX records for [126.com] (DNS Server: 61.144.56.101)...
Wed2011-05-0410:52:53:*P=010S=000D=126.comTTL=(55)MX=[126mx01.mxmail.netease.com] {220.181.15.138}
解析收件方域名的MX记录与A记录(这里为126.com

Wed 2011-05-04 10:52:53: Attempting SMTP connection to [220.181.15.138:25]
Wed 2011-05-04 10:52:53: Waiting for socket connection...
Wed2011-05-0410:52:53:*Connectionestablished(192.168.1.183:2612 -220.181.15.138:25)
Wed 2011-05-04 10:52:53: Waiting for protocol to start...
连接收件方服务器的25端口

Wed2011-05-0410:53:01:<--220126.comAnti-spamGTforCoremailSystem(126com[20101010])
Wed 2011-05-04 10:53:01: --> EHLO mail.comingchina.com
Wed 2011-05-04 10:53:01: <-- 250-mail
Wed 2011-05-04 10:53:01: <-- 250-PIPELINING
Wed 2011-05-04 10:53:01: <-- 250-AUTH LOGIN PLAIN
Wed 2011-05-04 10:53:01: <-- 250-AUTH=LOGIN PLAIN
Wed2011-05-0410:53:01:<--250-coremail1Uxr2xKj7kG0xkI17xGrU7I0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UrU5JizUCa0xDrUUUUj
Wed 2011-05-04 10:53:01: <-- 250 8BITMIME
发件方邮件系统与收件方邮件系统的一些握手信息

Wed 2011-05-04 10:53:01: --> MAIL From:<[email protected]>
Wed 2011-05-04 10:53:01: <-- 250 Mail OK
Wed 2011-05-04 10:53:01: --> RCPT To:<[email protected]>
Wed 2011-05-04 10:53:02: <-- 250  <[email protected]>... Recipient ok
Wed 2011-05-04 10:53:02: --> DATA
Wed 2011-05-04 10:53:02: <-- 354 Enter mail, end with "." on a line by itself
上述表明收件人是[email protected],并且存在该收件人

Wed2011-05-0410:53:02:Sending<e:\umail\queues\remote\pd35000136919.msg>to[220.181.15.138]
Wed 2011-05-04 10:53:03: Transfer Complete
Wed 2011-05-04 10:53:04: <-- 250 2.0.0 p441lm7L013317 Message accepted for delivery
Wed 2011-05-04 10:53:04: --> QUIT
创建邮件,并发送邮件到收件人

Wed 2011-05-04 10:53:04: <-- 221 2.0.0 ssg2 closing connection
Wed 2011-05-04 10:53:04: SMTP session successful (Bytes in/out: 505/152474)
Wed 2011-05-04 10:53:04: ----------
如果最后提示SMTP session successful那表明邮件已经发送成功了,已经到达收件方服务器了。

8)如果smtpout)日志显示“SMTP session successful”字符,那么代表邮件已成功发送给收件人(已成功从远程队列发出给收件人了)。

 

2内接邮件(入站)日志查看步骤

邮件内接(别人发给你)的过程,日志的经过步骤是:
SMTP-(in)---AntiVirus(
反病毒检测)---AntiSpam(反垃圾检测)---Content-Filter(内容过滤器检测)---Routing(路由) 
但一般查看SMTP-(in)即可,详细步骤如下:

1)在别人发送邮件给您没有收到的情况下。请收集发件人地址收件人地址发送时间

2)进入umail/logs目录下。 

3)打开当天的smtpin)日志,并按快捷键“Ctrl+F”编辑---查找。输入收件人或发件人进行查找(对照时间)。

4)以下是smtpin)日志的具体分析

Wed 2011-05-04 10:49:51: ----------
Wed 2011-05-04 10:50:28: Session 2752; child 1; thread 79944
Wed 2011-05-04 10:49:54: Accepting SMTP connection from [93.152.162.153:4443]
Wed 2011-05-04 10:49:54: --> 220 ESMTP READY
Wed 2011-05-04 10:49:55: <-- HELO 126.com
Wed 2011-05-04 10:49:55: EHLO/HELO response delayed 10 seconds
发送方连接到您们服务器

Wed 2011-05-04 10:50:05: --> 250 mail.comingchina.com Hello 126.com, pleased to meet
Wed 2011-05-04 10:50:06: <-- MAIL FROM: <[email protected]>
Wed 2011-05-04 10:50:06: Performing IP lookup (126.com)
Wed 2011-05-04 10:50:06: *  D=126.com TTL=(60) A=[207.155.222.58]
Wed2011-05-0410:50:07:*P=010S=000D=126.comTTL=(60)MX=[126mx01.mxmail.netease.com]
Wed 2011-05-04 10:50:07: *  D=126.com TTL=(52) A=[207.155.222.58]
Wed 2011-05-04 10:50:07: ---- End IP lookup results
解析发件人的MX记录与A记录(这里是126.com

Wed 2011-05-04 10:50:07: Performing SPF lookup (fujibedford.com / 93.152.162.153)
Wed 2011-05-04 10:50:17: *  DNS: 10 second wait for DNS response exceeded 
Wed 2011-05-04 10:50:17: *  Result: none; no SPF record in DNS
Wed 2011-05-04 10:50:17: ---- End SPF results
检测发件方域名的SPF记录,SPF是一项反垃圾技术

Wed 2011-05-04 10:50:17: --> 250 <[email protected]>, Sender ok
Wed 2011-05-04 10:50:18: <-- RCPT TO: [email protected]
邮件发件者、接收者地址

Wed 2011-05-04 10:50:18: Performing DNS-BL lookup (93.152.162.153 - connecting IP)
Wed 2011-05-04 10:50:18: *  zen.spamhaus.org - failed
Wed 2011-05-04 10:50:19: *  cblless.anti-spam.org.cn - failed
Wed 2011-05-04 10:50:19: ---- End DNS-BL results
对发件方域名或IP地址进行DNS-BL检测,这也是一项反垃圾技术

Wed 2011-05-04 10:50:19: --> 250 <[email protected]>, Recipient ok
Wed 2011-05-04 10:50:23: <-- DATA
Wed 2011-05-0410:50:23:Creatingtempfile(SMTP):e:\umail\queues\temp\md5003858.tmp
Wed 2011-05-04 10:50:23: --> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2011-05-04 10:50:24: Message size: 585 bytes
发件方发送邮件到U-Mail

Wed 2011-05-04 10:50:24: Performing DKIM lookup
Wed 2011-05-04 10:50:24: *  File: e:\umail\queues\temp\md50003939858.tmp
Wed 2011-05-04 10:50:24: *  Message-ID: 33e28m71s90-59713048-350k4s35@tdmrdei
Wed 2011-05-04 10:50:24: *  Result: neutral
Wed 2011-05-04 10:50:24: ---- End DKIM results
Wed 2011-05-04 10:50:24: Performing DomainKeys lookup (Sender: [email protected])
Wed 2011-05-04 10:50:24: *  File: e:\umail\queues\temp\md50003939858.tmp
Wed 2011-05-04 10:50:24: *  Message-ID: 33e28m71s90-59713048-350k4s35@tdmrdei
Wed 2011-05-04 10:50:24: *  Querying for policy: 126.com
Wed 2011-05-04 10:50:24: *    Querying: _domainkey.126.com ...
Wed 2011-05-04 10:50:25: *    DNS: *  Name server reports domain name unknown
Wed 2011-05-04 10:50:25: *  Result: neutral
Wed 2011-05-04 10:50:25: ---- End DomainKeys results
系统方面的检测

Wed 2011-05-04 10:50:25: Passing message through AntiVirus (Size: 585)...
Wed 2011-05-04 10:50:25: *  Message is clean (no viruses found)
Wed 2011-05-04 10:50:25: ---- End AntiVirus results
对发件方发送过来的邮件进行反病毒检测

Wed 2011-05-04 10:50:25: Passing message through Outbreak Protection...
Wed 2011-05-04 10:50:25: *  Message-ID: 33e28m71s90-59713048-350k4s35@tdmrdei
Wed 2011-05-04 10:50:25: *  Reference-ID: fgs=0
Wed 2011-05-04 10:50:25: *  Virus result: 0 - Clean
Wed 2011-05-04 10:50:25: *  Spam result: 1 - Clean
Wed 2011-05-04 10:50:25: *  IWF result: 0 - Clean
Wed 2011-05-04 10:50:25: ---- End Outbreak Protection results
Wed 2011-05-04 10:50:25: Passing message to SmtpHook plugin
Wed2011-05-0410:50:25:fnSMTPMessageFuncNowprocessing:e:\umail\queues\temp\md50003939858.tmp
系统方面的检测

Wed 2011-05-04 10:50:25: Passing message through Spam Filter (Size: 585)...
Wed 2011-05-04 10:50:27: *  3.0 MDAEMON_DNSBL MDaemon: marked by MDaemon's DNSBL
Wed 2011-05-04 10:50:27: *  0.7 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date
Wed 2011-05-04 10:50:27: *  3.1 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
Wed 2011-05-04 10:50:27: *      [93.152.162.153 listed in zen.spamhaus.org]
Wed 2011-05-04 10:50:27: *  1.0 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
Wed 2011-05-04 10:50:27: *      [93.152.162.153 listed in zen.spamhaus.org]
Wed 2011-05-04 10:50:27: *  3.0 URIBL_BLACK Contains a URL listed in the URIBL.com blacklist
Wed 2011-05-04 10:50:27: *      [URIs: penisbigmiracle.ru]
Wed 2011-05-04 10:50:27: ---- End SpamAssassin results
Wed 2011-05-04 10:50:27: Spam Filter score/req: 10.90/12.0
(前面的分小于后面的分)
Wed2011-05-0410:50:27:Messagecreationsuccessful:e:\umail\queues\inbound\md50000104212.msg
Wed2011-05-0410:50:27:-->250Ok,messagesaved<Message-ID:33e28m71s90-59713048-350k4s35@tdmrdei>
Wed 2011-05-04 10:50:28: <-- QUIT
Wed 2011-05-04 10:50:28: --> 221 See ya in cyberspace
计算邮件的分值(评分机制)

Wed 2011-05-04 10:50:28: SMTP session successful (Bytes in/out: 764/395)
Wed 2011-05-04 10:50:28: ----------
如果最后提示SMTP session successful那表明邮件已经接收成功了,已经到达您邮箱。


3
内部发给内部日志查看步骤

内部发给内部(即本域发给本域)的过程,日志的经过步骤是: 
SMTP-(in)---AntiVirus(
反病毒检测)---AntiSpam(反垃圾检测)---Content-Filter(内容过滤器检测)---Routing(路由) 
但一般查看SMTP-(in)即可,详细步骤如下:


1)在内部发给内部没有收到的情况下,请收集发件人地址收件人地址发送时间

2)进入umail/logs目录下。

3)打开当天的smtpin)日志,并按快捷键“Ctrl+F”编辑---查找。输入收件人或发件人进行查找(对照时间)。

4)以下是smtpin)日志的具体分析。

Fri 2011-07-22 17:33:47: ----------
Fri 2011-07-22 17:34:40: Session 100; child 1; thread 2372
Fri 2011-07-22 17:34:40: Accepting SMTP connection from [127.0.0.1:1921]
连接是从127.0.0.1本地发起的。

Fri 2011-07-22 17:34:40: --> 220 ESMTP READY
Fri 2011-07-22 17:34:40: <-- EHLO U-Mail WebMail
Fri 2011-07-22 17:34:40: --> 250-domain.com Hello U-Mail WebMail, pleased to meet
Fri 2011-07-22 17:34:40: --> 250-ETRN
Fri 2011-07-22 17:34:40: --> 250-AUTH=LOGIN
Fri 2011-07-22 17:34:40: --> 250-AUTH LOGIN
Fri 2011-07-22 17:34:40: --> 250-8BITMIME
Fri 2011-07-22 17:34:40: --> 250 SIZE 0
Fri 2011-07-22 17:34:40: <-- AUTH LOGIN YWFhQGRvbWFpbi5jb20=
Fri 2011-07-22 17:34:40: --> 334 UGFzc3dvcmQ6
Fri 2011-07-22 17:34:40: <-- ******
邮件服务器的一些认证等系统信息

Fri 2011-07-22 17:34:40: --> 235 Authentication successful
Fri 2011-07-22 17:34:40: Authenticated as [email protected]
Fri 2011-07-22 17:34:40: <-- MAIL FROM: <[email protected]> SIZE=880
Fri 2011-07-22 17:34:40: --> 250 <[email protected]>, Sender ok
Fri 2011-07-22 17:34:40: <-- RCPT TO: <[email protected]>
Fri 2011-07-22 17:34:40: --> 250 <[email protected]>, Recipient ok
Fri 2011-07-22 17:34:40: <-- DATA
发件人是[email protected],收件人是[email protected]

Fri2011-07-2217:34:40:Creatingtempfile(SMTP):c:\umail\queues\temp\md50000000005.tmp
Fri 2011-07-22 17:34:40: --> 354 Enter mail, end with <CRLF>.<CRLF>
Fri 2011-07-22 17:34:40: Message size: 882 bytes
创建邮件的过程

Fri 2011-07-22 17:34:40: Passing message through AntiVirus (Size: 882)...
Fri 2011-07-22 17:34:40: *  Message is clean (no viruses found)
Fri 2011-07-22 17:34:40: ---- End AntiVirus results
对邮件进行反病毒检测

Fri2011-07-2217:34:40:Messagecreationsuccessful:c:\umail\queues\inbound\md50000000004.msg
Fri2011-07-2217:34:40:-->250Ok,messagesaved<Message-ID:[email protected]>
Fri 2011-07-22 17:34:40: <-- QUIT
Fri 2011-07-22 17:34:40: --> 221 See ya in cyberspace
Fri 2011-07-22 17:34:40: SMTP session successful (Bytes in/out: 1033/415)
Fri 2011-07-22 17:34:40: ----------
如果最后提示SMTP session successful那表明邮件已经发送成功了,对方已收到。

你可能感兴趣的:(邮件服务器,邮件系统,邮件服务器软件,webmail,邮箱系统)