郵件收發(fā)的過程會體現(xiàn)在日志中��,即可以通過查看日志文件來排查收發(fā)故障�����。日志文件在umail安裝目錄下的logs子目錄下(umail/logs)����,下面的日志文件均以SMTP session successful代表成功。在日志中���,從左向右的箭頭“→”代表你方服務器發(fā)送給對方的信息���,從右向左的箭頭“←”表示對方發(fā)送給你方的信息。
下面將以“外發(fā)郵件”�、“內(nèi)接郵件”和“內(nèi)部發(fā)給內(nèi)部”三種情況進行說明。
1、“外發(fā)郵件(出站)”日志查看步驟
郵件外發(fā)的過程��,日志大致的經(jīng)過步驟是:
SMTP-(in)→AntiVirus(反病毒檢測) →AntiSpam(反垃圾檢測)→Content-Filter(內(nèi)容過濾器檢測)→Routing(路由)→SMTP-(out)�����。
但一般查看SMTP-(in)→SMTP-(out)即可�,詳細步驟如下:
(1)在郵件外發(fā)給外網(wǎng)郵箱沒有收到的情況下,請收集“發(fā)件人地址”�����、“收件人地址”和“發(fā)送時間”�����。
(2)進入umail/logs目錄下
(3)打開當天的smtp(in)日志�����,并按快捷鍵“Ctrl+F”或“編輯---查找”���。輸入收件人或發(fā)件人進行查找(對照時間)�����。
(4)以下是smtp(in)日志的具體分析���。
Wed 2011-05-04 10:52:41: ----------
Wed 2011-05-04 10:52:50: Session 2885; child 1; thread 6648
Wed 2011-05-04 10:52:50: Accepting SMTP connection from [127.0.0.1:1122]
連接是從127.0.0.1本地發(fā)起的���。
Wed 2011-05-04 10:52:50: --> 220 ESMTP READY
Wed 2011-05-04 10:52:50: <-- EHLO U-Mail
Wed 2011-05-04 10:52:50: --> 250-mail.comingchina.com Hello U-Mail, pleased to meet
Wed 2011-05-04 10:52:50: --> 250-ETRN
Wed 2011-05-04 10:52:50: --> 250-AUTH=LOGIN
Wed 2011-05-04 10:52:50: --> 250-AUTH LOGIN
Wed 2011-05-04 10:52:50: --> 250-8BITMIME
Wed 2011-05-04 10:52:50: --> 250 SIZE 0
Wed 2011-05-04 10:52:50: <-- AUTH LOGIN
Wed 2011-05-04 10:52:50: --> 334 VXNlcm5hbWU6
Wed 2011-05-04 10:52:50: <-- bmFuY3l6aG91QHp5bC5uZXQuY24=
Wed 2011-05-04 10:52:50: --> 334 UGFzc3dvcmQ6
Wed 2011-05-04 10:52:50: <-- ******
Wed 2011-05-04 10:52:50: --> 235 Authentication successful
U-Mail郵件系統(tǒng)的一些認證等系統(tǒng)信息
Wed 2011-05-04 10:52:50: Authenticated as zzz@comingchina.com
Wed 2011-05-04 10:52:50: <-- MAIL FROM: zzz@comingchina.com
發(fā)件人是zzz@comingchina.com
Wed 2011-05-04 10:52:50: --> 250 <zzz@comingchina.com>, Sender ok
Wed 2011-05-04 10:52:50: <-- RCPT TO: <umailtest@126.com>
Wed 2011-05-04 10:52:50: --> 250 <umailtest@126.com>, Recipient ok
Wed 2011-05-04 10:52:50: <-- DATA
收件人是umailtest@126.com
Wed 2011-05-0410:52:50:Creating tempfile(SMTP):e:\umail\queues\temp\md5003945.tmp
Wed 2011-05-04 10:52:50: --> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2011-05-04 10:52:50: Message size: 151764 bytes
創(chuàng)建郵件的過程
Wed 2011-05-04 10:52:50: Passing message through AntiVirus (Size: 151764)...
Wed 2011-05-04 10:52:50: * Message is clean (no viruses found)
Wed 2011-05-04 10:52:50: ---- End AntiVirus results
Wed 2011-05-04 10:52:50: Passing message to SmtpHook plugin
Wed2011-05-0410:52:50:fnSMTPMessageFuncNowprocessing:e:\umail\queues\temp\md50003940045.tmp
Wed2011-05-0410:52:50:Messagecreationsuccessful:e:\umail\queues\inbound\md50000104217.msg
Wed2011-05-0410:52:50:-->250Ok,messagesaved<Message-ID:1ED6394AFE03482980C5D258864BD8A5@IBMX61>
Wed 2011-05-04 10:52:50: <-- QUIT
Wed 2011-05-04 10:52:50: --> 221 See ya in cyberspace
反病毒及系統(tǒng)方面的檢測
Wed 2011-05-04 10:52:50: SMTP session successful (Bytes in/out: 151916/435)
Wed 2011-05-04 10:52:50: ----------
如果后提示SMTP session successful那表明in日志是成功的(即郵件已經(jīng)成功發(fā)送到遠程隊列),接下來查看outl日志�。
(5)如果smtp(in)日志顯示“SMTP session successful”字符��,那么查看smtp(out)日志�����。
(6)打開當天的smtp(out)日志���,并按快捷鍵“Ctrl+F”或“編輯---查找”��。輸入收件人或發(fā)件人進行查找(對照時間)��。
(7)以下是smtp(out)日志的具體分析�。
wed 2011-05-04 10:52:47: ----------
Wed 2011-05-04 10:53:04: Session 2888; child 1
Wed2011-05-04 10:52:52: Parsing message <e:\umail\queues\remote\pd35000136919.msg>
Wed 2011-05-04 10:52:52: * From: zzz@comingchina.com
Wed 2011-05-04 10:52:52: * To: umailtest@126.com
Wed2011-05-0410:52:52:*Subject:=?gb2312?B?Rnc6IHtTcGFtP30gUmU6ICCxsbqj1sG38Mm9L4yOsqgvzEvW3S/J7tvaIA==?= =?gb2312?B?s/bYm8G/?=
Wed2011-05-0410:52:52:*Message-ID:<1ED6394AFE03482980C5D258864B@IBMX61>
發(fā)件人��、收件人��、主題等信息
Wed2011-05-0410:52:52: Attempting SMTP connection to [126.com]
Wed 2011-05-04 10:52:53: Resolving MX records for [126.com] (DNS Server: 61.144.56.101)...
Wed2011-05-0410:52:53:*P=010S=000D=126.comTTL=(55)MX=[126mx01.mxmail.netease.com] {220.181.15.138}
解析收件方域名的MX記錄與A記錄(這里為126.com)
Wed 2011-05-04 10:52:53: Attempting SMTP connection to [220.181.15.138:25]
Wed 2011-05-04 10:52:53: Waiting for socket connection...
Wed2011-05-0410:52:53:*Connectionestablished(192.168.1.183:2612 -220.181.15.138:25)
Wed 2011-05-04 10:52:53: Waiting for protocol to start...
連接收件方服務器的25端口
Wed2011-05-0410:53:01:<--220126.comAnti-spamGTforCoremailSystem(126com[20101010])
Wed 2011-05-04 10:53:01: --> EHLO mail.comingchina.com
Wed 2011-05-04 10:53:01: <-- 250-mail
Wed 2011-05-04 10:53:01: <-- 250-PIPELINING
Wed 2011-05-04 10:53:01: <-- 250-AUTH LOGIN PLAIN
Wed 2011-05-04 10:53:01: <-- 250-AUTH=LOGIN PLAIN
Wed2011-05-0410:53:01:<--250-coremail1Uxr2xKj7kG0xkI17xGrU7I0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UrU5JizUCa0xDrUUUUj
Wed 2011-05-04 10:53:01: <-- 250 8BITMIME
發(fā)件方郵件系統(tǒng)與收件方郵件系統(tǒng)的一些握手信息
Wed 2011-05-04 10:53:01: --> MAIL From:<zzz@comingchina.com>
Wed 2011-05-04 10:53:01: <-- 250 Mail OK
Wed 2011-05-04 10:53:01: --> RCPT To:<umailtest@126.com>
Wed 2011-05-04 10:53:02: <-- 250 <umailtest@126.com>... Recipient ok
Wed 2011-05-04 10:53:02: --> DATA
Wed 2011-05-04 10:53:02: <-- 354 Enter mail, end with "." on a line by itself
上述表明收件人是umailtest@126.com,并且存在該收件人
Wed2011-05-0410:53:02:Sending<e:\umail\queues\remote\pd35000136919.msg>to[220.181.15.138]
Wed 2011-05-04 10:53:03: Transfer Complete
Wed 2011-05-04 10:53:04: <-- 250 2.0.0 p441lm7L013317 Message accepted for delivery
Wed 2011-05-04 10:53:04: --> QUIT
創(chuàng)建郵件��,并發(fā)送郵件到收件人
Wed 2011-05-04 10:53:04: <-- 221 2.0.0 ssg2 closing connection
Wed 2011-05-04 10:53:04: SMTP session successful (Bytes in/out: 505/152474)
Wed 2011-05-04 10:53:04: ----------
如果后提示SMTP session successful那表明郵件已經(jīng)發(fā)送成功了���,已經(jīng)到達收件方服務器了��。
(8)如果smtp(out)日志顯示“SMTP session successful”字符�,那么代表郵件已成功發(fā)送給收件人(已成功從遠程隊列發(fā)出給收件人了)���。
2����、“內(nèi)接郵件(入站)”日志查看步驟
郵件內(nèi)接(別人發(fā)給你)的過程��,日志的經(jīng)過步驟是:
SMTP-(in)---AntiVirus(反病毒檢測)---AntiSpam(反垃圾檢測)---Content-Filter(內(nèi)容過濾器檢測)---Routing(路由)
但一般查看SMTP-(in)即可�����,詳細步驟如下:
(1)在別人發(fā)送郵件給您沒有收到的情況下�。請收集“發(fā)件人地址”、“收件人地址”和“發(fā)送時間”��。
(2)進入umail/logs目錄下�����。
(3)打開當天的smtp(in)日志,并按快捷鍵“Ctrl+F”或“編輯---查找”��。輸入收件人或發(fā)件人進行查找(對照時間)�。
(4)以下是smtp(in)日志的具體分析
Wed 2011-05-04 10:49:51: ----------
Wed 2011-05-04 10:50:28: Session 2752; child 1; thread 79944
Wed 2011-05-04 10:49:54: Accepting SMTP connection from [93.152.162.153:4443]
Wed 2011-05-04 10:49:54: --> 220 ESMTP READY
Wed 2011-05-04 10:49:55: <-- HELO 126.com
Wed 2011-05-04 10:49:55: EHLO/HELO response delayed 10 seconds
發(fā)送方連接到您們服務器
Wed 2011-05-04 10:50:05: --> 250 mail.comingchina.com Hello 126.com, pleased to meet
Wed 2011-05-04 10:50:06: <-- MAIL FROM: <umailtest@126.com>
Wed 2011-05-04 10:50:06: Performing IP lookup (126.com)
Wed 2011-05-04 10:50:06: * D=126.com TTL=(60) A=[207.155.222.58]
Wed2011-05-0410:50:07:*P=010S=000D=126.comTTL=(60)MX=[126mx01.mxmail.netease.com]
Wed 2011-05-04 10:50:07: * D=126.com TTL=(52) A=[207.155.222.58]
Wed 2011-05-04 10:50:07: ---- End IP lookup results
解析發(fā)件人的MX記錄與A記錄(這里是126.com)
Wed 2011-05-04 10:50:07: Performing SPF lookup (fujibedford.com / 93.152.162.153)
Wed 2011-05-04 10:50:17: * DNS: 10 second wait for DNS response exceeded
Wed 2011-05-04 10:50:17: * Result: none; no SPF record in DNS
Wed 2011-05-04 10:50:17: ---- End SPF results
檢測發(fā)件方域名的SPF記錄,SPF是一項反垃圾技術(shù)
Wed 2011-05-04 10:50:17: --> 250 <umailtest@126.com>, Sender ok
Wed 2011-05-04 10:50:18: <-- RCPT TO: zzz@comingchina.com
郵件發(fā)件者���、接收者地址
Wed 2011-05-04 10:50:18: Performing DNS-BL lookup (93.152.162.153 - connecting IP)
Wed 2011-05-04 10:50:18: * zen.spamhaus.org - failed
Wed 2011-05-04 10:50:19: * cblless.anti-spam.org.cn - failed
Wed 2011-05-04 10:50:19: ---- End DNS-BL results
對發(fā)件方域名或IP地址進行DNS-BL檢測����,這也是一項反垃圾技術(shù)
Wed 2011-05-04 10:50:19: --> 250 <zzz@comingchina.com>, Recipient ok
Wed 2011-05-04 10:50:23: <-- DATA
Wed 2011-05-0410:50:23:Creatingtempfile(SMTP):e:\umail\queues\temp\md5003858.tmp
Wed 2011-05-04 10:50:23: --> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2011-05-04 10:50:24: Message size: 585 bytes
發(fā)件方發(fā)送郵件到U-Mail
Wed 2011-05-04 10:50:24: Performing DKIM lookup
Wed 2011-05-04 10:50:24: * File: e:\umail\queues\temp\md50003939858.tmp
Wed 2011-05-04 10:50:24: * Message-ID: 33e28m71s90-59713048-350k4s35@tdmrdei
Wed 2011-05-04 10:50:24: * Result: neutral
Wed 2011-05-04 10:50:24: ---- End DKIM results
Wed 2011-05-04 10:50:24: Performing DomainKeys lookup (Sender: umailtest@126.com)
Wed 2011-05-04 10:50:24: * File: e:\umail\queues\temp\md50003939858.tmp
Wed 2011-05-04 10:50:24: * Message-ID: 33e28m71s90-59713048-350k4s35@tdmrdei
Wed 2011-05-04 10:50:24: * Querying for policy: 126.com
Wed 2011-05-04 10:50:24: * Querying: _domainkey.126.com ...
Wed 2011-05-04 10:50:25: * DNS: * Name server reports domain name unknown
Wed 2011-05-04 10:50:25: * Result: neutral
Wed 2011-05-04 10:50:25: ---- End DomainKeys results
系統(tǒng)方面的檢測
Wed 2011-05-04 10:50:25: Passing message through AntiVirus (Size: 585)...
Wed 2011-05-04 10:50:25: * Message is clean (no viruses found)
Wed 2011-05-04 10:50:25: ---- End AntiVirus results
對發(fā)件方發(fā)送過來的郵件進行反病毒檢測
Wed 2011-05-04 10:50:25: Passing message through Outbreak Protection...
Wed 2011-05-04 10:50:25: * Message-ID: 33e28m71s90-59713048-350k4s35@tdmrdei
Wed 2011-05-04 10:50:25: * Reference-ID: fgs=0
Wed 2011-05-04 10:50:25: * Virus result: 0 - Clean
Wed 2011-05-04 10:50:25: * Spam result: 1 - Clean
Wed 2011-05-04 10:50:25: * IWF result: 0 - Clean
Wed 2011-05-04 10:50:25: ---- End Outbreak Protection results
Wed 2011-05-04 10:50:25: Passing message to SmtpHook plugin
Wed2011-05-0410:50:25:fnSMTPMessageFuncNowprocessing:e:\umail\queues\temp\md50003939858.tmp
系統(tǒng)方面的檢測
Wed 2011-05-04 10:50:25: Passing message through Spam Filter (Size: 585)...
Wed 2011-05-04 10:50:27: * 3.0 MDAEMON_DNSBL MDaemon: marked by MDaemon's DNSBL
Wed 2011-05-04 10:50:27: * 0.7 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date
Wed 2011-05-04 10:50:27: * 3.1 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
Wed 2011-05-04 10:50:27: * [93.152.162.153 listed in zen.spamhaus.org]
Wed 2011-05-04 10:50:27: * 1.0 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
Wed 2011-05-04 10:50:27: * [93.152.162.153 listed in zen.spamhaus.org]
Wed 2011-05-04 10:50:27: * 3.0 URIBL_BLACK Contains a URL listed in the URIBL.com blacklist
Wed 2011-05-04 10:50:27: * [URIs: penisbigmiracle.ru]
Wed 2011-05-04 10:50:27: ---- End SpamAssassin results
Wed 2011-05-04 10:50:27: Spam Filter score/req: 10.90/12.0(前面的分小于后面的分)
Wed2011-05-0410:50:27:Messagecreationsuccessful:e:\umail\queues\inbound\md50000104212.msg
Wed2011-05-0410:50:27:-->250Ok,messagesaved<Message-ID:33e28m71s90-59713048-350k4s35@tdmrdei>
Wed 2011-05-04 10:50:28: <-- QUIT
Wed 2011-05-04 10:50:28: --> 221 See ya in cyberspace
計算郵件的分值(評分機制)
Wed 2011-05-04 10:50:28: SMTP session successful (Bytes in/out: 764/395)
Wed 2011-05-04 10:50:28: ----------
如果后提示SMTP session successful那表明郵件已經(jīng)接收成功了�,已經(jīng)到達您郵箱���。
3�����、“內(nèi)部發(fā)給內(nèi)部”日志查看步驟
內(nèi)部發(fā)給內(nèi)部(即本域發(fā)給本域)的過程�����,日志的經(jīng)過步驟是:
SMTP-(in)---AntiVirus(反病毒檢測)---AntiSpam(反垃圾檢測)---Content-Filter(內(nèi)容過濾器檢測)---Routing(路由)
但一般查看SMTP-(in)即可�����,詳細步驟如下:
(1)在內(nèi)部發(fā)給內(nèi)部沒有收到的情況下����,請收集“發(fā)件人地址”、“收件人地址”和“發(fā)送時間”�����。
(2)進入umail/logs目錄下����。
(3)打開當天的smtp(in)日志,并按快捷鍵“Ctrl+F”或“編輯---查找”���。輸入收件人或發(fā)件人進行查找(對照時間)����。
(4)以下是smtp(in)日志的具體分析�。
Fri 2011-07-22 17:33:47: ----------
Fri 2011-07-22 17:34:40: Session 100; child 1; thread 2372
Fri 2011-07-22 17:34:40: Accepting SMTP connection from [127.0.0.1:1921]
連接是從127.0.0.1本地發(fā)起的。
Fri 2011-07-22 17:34:40: --> 220 ESMTP READY
Fri 2011-07-22 17:34:40: <-- EHLO U-Mail WebMail
Fri 2011-07-22 17:34:40: --> 250-domain.com Hello U-Mail WebMail, pleased to meet
Fri 2011-07-22 17:34:40: --> 250-ETRN
Fri 2011-07-22 17:34:40: --> 250-AUTH=LOGIN
Fri 2011-07-22 17:34:40: --> 250-AUTH LOGIN
Fri 2011-07-22 17:34:40: --> 250-8BITMIME
Fri 2011-07-22 17:34:40: --> 250 SIZE 0
Fri 2011-07-22 17:34:40: <-- AUTH LOGIN YWFhQGRvbWFpbi5jb20=
Fri 2011-07-22 17:34:40: --> 334 UGFzc3dvcmQ6
Fri 2011-07-22 17:34:40: <-- ******
郵件服務器的一些認證等系統(tǒng)信息
Fri 2011-07-22 17:34:40: --> 235 Authentication successful
Fri 2011-07-22 17:34:40: Authenticated as aaa@domain.com
Fri 2011-07-22 17:34:40: <-- MAIL FROM: <aaa@domain.com> SIZE=880
Fri 2011-07-22 17:34:40: --> 250 <aaa@domain.com>, Sender ok
Fri 2011-07-22 17:34:40: <-- RCPT TO: <test99@domain.com>
Fri 2011-07-22 17:34:40: --> 250 <test99@domain.com>, Recipient ok
Fri 2011-07-22 17:34:40: <-- DATA
發(fā)件人是aaa@domain.com�����,收件人是test99@domain.com
Fri2011-07-2217:34:40:Creatingtempfile(SMTP):c:\umail\queues\temp\md50000000005.tmp
Fri 2011-07-22 17:34:40: --> 354 Enter mail, end with <CRLF>.<CRLF>
Fri 2011-07-22 17:34:40: Message size: 882 bytes
創(chuàng)建郵件的過程
Fri 2011-07-22 17:34:40: Passing message through AntiVirus (Size: 882)...
Fri 2011-07-22 17:34:40: * Message is clean (no viruses found)
Fri 2011-07-22 17:34:40: ---- End AntiVirus results
對郵件進行反病毒檢測
Fri2011-07-2217:34:40:Messagecreationsuccessful:c:\umail\queues\inbound\md50000000004.msg
Fri2011-07-2217:34:40:-->250Ok,messagesaved<Message-ID:WorldClient-F201107221734.AA34400003@domain.com>
Fri 2011-07-22 17:34:40: <-- QUIT
Fri 2011-07-22 17:34:40: --> 221 See ya in cyberspace
Fri 2011-07-22 17:34:40: SMTP session successful (Bytes in/out: 1033/415)
Fri 2011-07-22 17:34:40: ----------
如果后提示SMTP session successful那表明郵件已經(jīng)發(fā)送成功了,對方已收到��。
