邮件收发的过程会体现在日志中,即可以通过查看日志文件来排查收发故障。日志文件在MDaemon安装目录下的Logs子目录下(MDaemon/Logs),下面的日志文件均以SMTP session successful代表成功。在日志中,从左向右的箭头“→”代表你方服务器发送给对方的信息,从右向左的箭头“←”表示对方发送给你方的信息。
下面将以“外发邮件”情况进行说明。
“外发邮件(出站)”日志查看步骤
邮件外发的过程,日志大致的经过步骤是:
Smtp In(Smtp 接收)→ AntiVirus(反病毒引擎)→ AntiSpam(反垃圾引擎)→ ContentFilter(内容过滤器)→Routing(路由)→Smtp Out(Smtp发送)
但一般查看SMTP-(in)→SMTP-(out)即可,详细步骤如下:
(1)在邮件外发给外网邮箱没有收到的情况下,请收集“发件人地址”、“收件人地址”和“发送时间”。
(2)进入MDaemon\Logs目录下
(3)打开当天的smtp(in)日志,并按快捷键“Ctrl+F”或“编辑—查找”。输入收件人或发件人进行查找(对照时间)。
(4)以下是smtp(in)日志的具体分析。
Wed 2017-03-22 22:31:02.734: 05: Session 163021; child 0001
Wed 2017-03-22 22:31:02.734: 05: Accepting SMTP connection from 120.27.38.xxx:59649 to 120.27.38.xxx:25
连接是从120.27.38.xxx发起的,这是我服务器地址,也就是本地发起的
Wed 2017-03-22 22:31:02.737: 03: –> 220 mail.yuncan.cn ESMTP MDaemon 16.5.1; Wed, 22 Mar 2017 22:31:02 +0800
Wed 2017-03-22 22:31:02.737: 02: <– EHLO WorldClient
Wed 2017-03-22 22:31:02.737: 03: –> 250-mail.yuncan.cn Hello WorldClient [120.27.38.xxx], pleased to meet you
Wed 2017-03-22 22:31:02.737: 03: –> 250-ETRN
Wed 2017-03-22 22:31:02.737: 03: –> 250-AUTH LOGIN CRAM-MD5 PLAIN
Wed 2017-03-22 22:31:02.737: 03: –> 250-8BITMIME
Wed 2017-03-22 22:31:02.737: 03: –> 250-ENHANCEDSTATUSCODES
Wed 2017-03-22 22:31:02.737: 03: –> 250 SIZE
Wed 2017-03-22 22:31:02.737: 02: <– AUTH CRAM-MD5
Wed 2017-03-22 22:31:02.737: 03: –> 334 PE1EQUVNT04tRjIwMTcwMzIyMjIzMS5BQTMxMDI3MzdNRDY4MTlAbWFpbC5tYWlsc3RvcmUuY24+
Wed 2017-03-22 22:31:02.737: 02: <– dGVzdDFAbWFpbHN0b3JlLmNuIGRmNzA1NzQ2OTI0NzdiZDA5NmU2MjY2NWJiZDdjOTJk
Wed 2017-03-22 22:31:02.738: 03: –> 235 2.7.0 Authentication successful
MDaemon邮件系统的一些认证等系统信息
Wed 2017-03-22 22:31:02.738: 01: Authenticated as test1@yuncan.cn
Wed 2017-03-22 22:31:02.739: 02: <– MAIL FROM:<test1@yuncan.cn> SIZE=955
Wed 2017-03-22 22:31:02.740: 03: –> 250 2.1.0 Sender OK
发件人是test1@yuncan.cn
Wed 2017-03-22 22:31:02.740: 02: <– RCPT TO:<xxx@qq.com>
Wed 2017-03-22 22:31:02.743: 03: –> 250 2.1.5 Recipient OK
收件人是xxx@qq.com
Wed 2017-03-22 22:31:02.743: 02: <– DATA
Wed 2017-03-22 22:31:02.743: 01: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000000747.tmp
Wed 2017-03-22 22:31:02.744: 03: –> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2017-03-22 22:31:02.744: 01: Message size: 957 bytes
创建邮件的过程
Wed 2017-03-22 22:31:02.745: 06: Passing message through AntiVirus (Size: 957)…
Wed 2017-03-22 22:31:02.754: 06: * 邮件清洁(未发现病毒)
Wed 2017-03-22 22:31:02.754: 06: —- End AntiVirus results
Wed 2017-03-22 22:31:02.754: 11: Passing message through ClamAV Plugin (c:\mdaemon\queues\temp\md50000000747.tmp)…
Wed 2017-03-22 22:31:02.754: 11: * Message-ID: <WC20170322143102.73001C@mailstore.cn>
Wed 2017-03-22 22:31:02.779: 11: * Virus result: 0 – clean
Wed 2017-03-22 22:31:02.781: 01: 邮件创建 successful:c:\mdaemon\queues\inbound\md50000002006.msg
Wed 2017-03-22 22:31:02.781: 03: –> 250 2.6.0 Ok, message saved <Message-ID: <WC20170322143102.73001C@mailstore.cn>>
Wed 2017-03-22 22:31:02.785: 02: <– QUIT
Wed 2017-03-22 22:31:02.785: 03: –> 221 2.0.0 See ya in cyberspace
反病毒及系统方面的检测
Wed 2017-03-22 22:31:02.785: 01: SMTP session successful (Bytes in/out: 1145/563)
如果最后提示SMTP session successful那表明in日志是成功的(即邮件已经成功发送到远程队列),接下来查看outl日志。
(5)如果smtp(in)日志显示“SMTP session successful”字符,那么查看smtp(out)日志。
(6)打开当天的smtp(out)日志,并按快捷键“Ctrl+F”或“编辑—查找”。输入收件人或发件人进行查找(对照时间)。
(7)以下是smtp(out)日志的具体分析。
Wed 2017-03-22 22:31:06.431: 05: Session 163022; child 0001
Wed 2017-03-22 22:31:06.431: 01: Parsing message <c:\mdaemon\queues\remote\pd35000004366.msg>
Wed 2017-03-22 22:31:06.431: 01: * From: test1@yuncan.cn
Wed 2017-03-22 22:31:06.431: 01: * To: xxx@qq.com
Wed 2017-03-22 22:31:06.431: 01: * Subject: 测试
Wed 2017-03-22 22:31:06.431: 01: * Size (bytes): 1628
Wed 2017-03-22 22:31:06.431: 01: * Message-ID: <WC20170322143102.73001C@yuncan.cn>
Wed 2017-03-22 22:31:06.433: 05: Resolving MX record for qq.com (DNS Server: 10.202.72.118)…
Wed 2017-03-22 22:31:06.434: 05: * P=010 S=001 D=qq.com TTL=(30) MX=[mx3.qq.com]
Wed 2017-03-22 22:31:06.434: 05: * P=020 S=002 D=qq.com TTL=(30) MX=[mx2.qq.com]
Wed 2017-03-22 22:31:06.434: 05: * P=030 S=000 D=qq.com TTL=(30) MX=[mx1.qq.com]
发件人、收件人、主题,查找收件人的MX记录等信息
Wed 2017-03-22 22:31:06.434: 05: Attempting SMTP connection to mx3.qq.com
Wed 2017-03-22 22:31:06.451: 05: Resolving A record for mx3.qq.com (DNS Server: 10.202.72.118)…
Wed 2017-03-22 22:31:06.451: 05: * D=mx3.qq.com TTL=(1) A=[183.57.48.35]
解析收件方域名的MX记录与A记录(这里为mx3.qq.com)
Wed 2017-03-22 22:31:06.451: 05: Attempting SMTP connection to 183.57.48.35:25
Wed 2017-03-22 22:31:06.452: 05: Waiting for socket connection…
Wed 2017-03-22 22:31:06.494: 05: * Connection established 120.27.38.xxx:59651 –> 183.57.48.35:25
Wed 2017-03-22 22:31:06.494: 05: Waiting for protocol to start…
连接收件方服务器的25端口
Wed 2017-03-22 22:31:06.538: 02: <– 220 newmx.qq.com MX QQ Mail Server
Wed 2017-03-22 22:31:06.539: 03: –> EHLO mail.yuncan.cn
Wed 2017-03-22 22:31:06.581: 02: <– 250-newmx.qq.com
Wed 2017-03-22 22:31:06.581: 02: <– 250-SIZE 73400320
Wed 2017-03-22 22:31:06.581: 02: <– 250-STARTTLS
Wed 2017-03-22 22:31:06.582: 02: <– 250 OK
发件方邮件系统与收件方邮件系统的一些握手信息
Wed 2017-03-22 22:31:06.582: 03: –> MAIL From:<test1@yuncan.cn> SIZE=1628
Wed 2017-03-22 22:31:06.631: 02: <– 250 Ok
Wed 2017-03-22 22:31:06.631: 03: –> RCPT To:<xxx@qq.com>
Wed 2017-03-22 22:31:06.712: 02: <– 250 Ok
Wed 2017-03-22 22:31:06.712: 03: –> DATA
Wed 2017-03-22 22:31:06.754: 02: <– 354 End data with <CR><LF>.<CR><LF>
上述表明收件人是xxx@qq.com,并且存在该收件人
Wed 2017-03-22 22:31:06.754: 01: Sending <c:\mdaemon\queues\remote\pd35000004366.msg> to [183.57.48.35]
Wed 2017-03-22 22:31:06.754: 01: Transfer Complete
Wed 2017-03-22 22:31:07.152: 02: <– 250 Ok: queued as
Wed 2017-03-22 22:31:07.152: 03: –> QUIT
创建邮件,并发送邮件到收件人
Wed 2017-03-22 22:31:07.195: 02: <– 221 Bye
Wed 2017-03-22 22:31:07.195: 01: SMTP session successful (Bytes in/out: 177/1740)
如果最后提示SMTP session successful那表明邮件已经发送成功了,已经到达收件方服务器了。
(8)如果smtp(out)日志显示“SMTP session successful”字符,那么代表邮件已成功发送给收件人(已成功从远程队列发出给收件人了)。
下次给大家带来“内接邮件”的情况分析!
