MDaemon日志查看方法——外发邮件

  • 2017-03-22 23:02:56
邮件收发的过程会体现在日志中,即可以通过查看日志文件来排查收发故障。日志文件在MDaemon安装目录下的Logs子目录下(MDaemon/Logs),下面的日志文件均以SMTP session successful代表成功。在日志中,从左向右的箭头“→”代表你方服务器发送给对方的信息,从右向左的箭头“←”表示对方发送给你方的信息。 下面将以“外发邮件”情况进行说明。 “外发邮件(出站)”日志查看步骤 邮件外发的过程,日志大致的经过步骤是: Smtp In(Smtp 接收)→ AntiVirus(反病毒引擎)→ AntiSpam(反垃圾引擎)→   ContentFilter(内容过滤器)→Routing(路由)→Smtp Out(Smtp发送) 但一般查看SMTP-(in)→SMTP-(out)即可,详细步骤如下: (1)在邮件外发给外网邮箱没有收到的情况下,请收集“发件人地址”、“收件人地址”和“发送时间”。 (2)进入MDaemon\Logs目录下 (3)打开当天的smtp(in)日志,并按快捷键“Ctrl+F”或“编辑---查找”。输入收件人或发件人进行查找(对照时间)。 (4)以下是smtp(in)日志的具体分析。 Wed 2017-03-22 22:31:02.734: 05: Session 163021; child 0001 Wed 2017-03-22 22:31:02.734: 05: Accepting SMTP connection from 120.27.38.xxx:59649 to 120.27.38.xxx:25 连接是从120.27.38.xxx发起的,这是我服务器地址,也就是本地发起的 Wed 2017-03-22 22:31:02.737: 03: --> 220 mail.yuncan.cn ESMTP MDaemon 16.5.1; Wed, 22 Mar 2017 22:31:02 +0800 Wed 2017-03-22 22:31:02.737: 02: <-- EHLO WorldClient Wed 2017-03-22 22:31:02.737: 03: --> 250-mail.yuncan.cn Hello WorldClient [120.27.38.xxx], pleased to meet you Wed 2017-03-22 22:31:02.737: 03: --> 250-ETRN Wed 2017-03-22 22:31:02.737: 03: --> 250-AUTH LOGIN CRAM-MD5 PLAIN Wed 2017-03-22 22:31:02.737: 03: --> 250-8BITMIME Wed 2017-03-22 22:31:02.737: 03: --> 250-ENHANCEDSTATUSCODES Wed 2017-03-22 22:31:02.737: 03: --> 250 SIZE Wed 2017-03-22 22:31:02.737: 02: <-- AUTH CRAM-MD5 Wed 2017-03-22 22:31:02.737: 03: --> 334 PE1EQUVNT04tRjIwMTcwMzIyMjIzMS5BQTMxMDI3MzdNRDY4MTlAbWFpbC5tYWlsc3RvcmUuY24+ Wed 2017-03-22 22:31:02.737: 02: <-- dGVzdDFAbWFpbHN0b3JlLmNuIGRmNzA1NzQ2OTI0NzdiZDA5NmU2MjY2NWJiZDdjOTJk Wed 2017-03-22 22:31:02.738: 03: --> 235 2.7.0 Authentication successful MDaemon邮件系统的一些认证等系统信息 Wed 2017-03-22 22:31:02.738: 01: Authenticated as test1@yuncan.cn Wed 2017-03-22 22:31:02.739: 02: <-- MAIL FROM:<test1@yuncan.cn> SIZE=955 Wed 2017-03-22 22:31:02.740: 03: --> 250 2.1.0 Sender OK 发件人是test1@yuncan.cn Wed 2017-03-22 22:31:02.740: 02: <-- RCPT TO:<xxx@qq.com> Wed 2017-03-22 22:31:02.743: 03: --> 250 2.1.5 Recipient OK 收件人是xxx@qq.com Wed 2017-03-22 22:31:02.743: 02: <-- DATA Wed 2017-03-22 22:31:02.743: 01: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000000747.tmp Wed 2017-03-22 22:31:02.744: 03: --> 354 Enter mail, end with <CRLF>.<CRLF> Wed 2017-03-22 22:31:02.744: 01: Message size: 957 bytes 创建邮件的过程 Wed 2017-03-22 22:31:02.745: 06: Passing message through AntiVirus (Size: 957)... Wed 2017-03-22 22:31:02.754: 06: * 邮件清洁(未发现病毒) Wed 2017-03-22 22:31:02.754: 06: ---- End AntiVirus results Wed 2017-03-22 22:31:02.754: 11: Passing message through ClamAV Plugin (c:\mdaemon\queues\temp\md50000000747.tmp)... Wed 2017-03-22 22:31:02.754: 11: * Message-ID: <WC20170322143102.73001C@mailstore.cn> Wed 2017-03-22 22:31:02.779: 11: * Virus result: 0 - clean Wed 2017-03-22 22:31:02.781: 01: 邮件创建 successful:c:\mdaemon\queues\inbound\md50000002006.msg Wed 2017-03-22 22:31:02.781: 03: --> 250 2.6.0 Ok, message saved <Message-ID: <WC20170322143102.73001C@mailstore.cn>> Wed 2017-03-22 22:31:02.785: 02: <-- QUIT Wed 2017-03-22 22:31:02.785: 03: --> 221 2.0.0 See ya in cyberspace 反病毒及系统方面的检测   Wed 2017-03-22 22:31:02.785: 01: SMTP session successful (Bytes in/out: 1145/563)   如果最后提示SMTP session successful那表明in日志是成功的(即邮件已经成功发送到远程队列),接下来查看outl日志。   (5)如果smtp(in)日志显示“SMTP session successful”字符,那么查看smtp(out)日志。 (6)打开当天的smtp(out)日志,并按快捷键“Ctrl+F”或“编辑---查找”。输入收件人或发件人进行查找(对照时间)。 (7)以下是smtp(out)日志的具体分析。 Wed 2017-03-22 22:31:06.431: 05: Session 163022; child 0001 Wed 2017-03-22 22:31:06.431: 01: Parsing message <c:\mdaemon\queues\remote\pd35000004366.msg> Wed 2017-03-22 22:31:06.431: 01: * From: test1@yuncan.cn Wed 2017-03-22 22:31:06.431: 01: * To: xxx@qq.com Wed 2017-03-22 22:31:06.431: 01: * Subject: 测试 Wed 2017-03-22 22:31:06.431: 01: * Size (bytes): 1628 Wed 2017-03-22 22:31:06.431: 01: * Message-ID: <WC20170322143102.73001C@yuncan.cn> Wed 2017-03-22 22:31:06.433: 05: Resolving MX record for qq.com (DNS Server: 10.202.72.118)... Wed 2017-03-22 22:31:06.434: 05: * P=010 S=001 D=qq.com TTL=(30) MX=[mx3.qq.com] Wed 2017-03-22 22:31:06.434: 05: * P=020 S=002 D=qq.com TTL=(30) MX=[mx2.qq.com] Wed 2017-03-22 22:31:06.434: 05: * P=030 S=000 D=qq.com TTL=(30) MX=[mx1.qq.com] 发件人、收件人、主题,查找收件人的MX记录等信息 Wed 2017-03-22 22:31:06.434: 05: Attempting SMTP connection to mx3.qq.com Wed 2017-03-22 22:31:06.451: 05: Resolving A record for mx3.qq.com (DNS Server: 10.202.72.118)... Wed 2017-03-22 22:31:06.451: 05: * D=mx3.qq.com TTL=(1) A=[183.57.48.35] 解析收件方域名的MX记录与A记录(这里为mx3.qq.com) Wed 2017-03-22 22:31:06.451: 05: Attempting SMTP connection to 183.57.48.35:25 Wed 2017-03-22 22:31:06.452: 05: Waiting for socket connection... Wed 2017-03-22 22:31:06.494: 05: * Connection established 120.27.38.xxx:59651 --> 183.57.48.35:25 Wed 2017-03-22 22:31:06.494: 05: Waiting for protocol to start... 连接收件方服务器的25端口 Wed 2017-03-22 22:31:06.538: 02: <-- 220 newmx.qq.com MX QQ Mail Server Wed 2017-03-22 22:31:06.539: 03: --> EHLO mail.yuncan.cn Wed 2017-03-22 22:31:06.581: 02: <-- 250-newmx.qq.com Wed 2017-03-22 22:31:06.581: 02: <-- 250-SIZE 73400320 Wed 2017-03-22 22:31:06.581: 02: <-- 250-STARTTLS Wed 2017-03-22 22:31:06.582: 02: <-- 250 OK 发件方邮件系统与收件方邮件系统的一些握手信息 Wed 2017-03-22 22:31:06.582: 03: --> MAIL From:<test1@yuncan.cn> SIZE=1628 Wed 2017-03-22 22:31:06.631: 02: <-- 250 Ok Wed 2017-03-22 22:31:06.631: 03: --> RCPT To:<xxx@qq.com> Wed 2017-03-22 22:31:06.712: 02: <-- 250 Ok Wed 2017-03-22 22:31:06.712: 03: --> DATA Wed 2017-03-22 22:31:06.754: 02: <-- 354 End data with <CR><LF>.<CR><LF> 上述表明收件人是xxx@qq.com,并且存在该收件人 Wed 2017-03-22 22:31:06.754: 01: Sending <c:\mdaemon\queues\remote\pd35000004366.msg> to [183.57.48.35] Wed 2017-03-22 22:31:06.754: 01: Transfer Complete Wed 2017-03-22 22:31:07.152: 02: <-- 250 Ok: queued as Wed 2017-03-22 22:31:07.152: 03: --> QUIT 创建邮件,并发送邮件到收件人 Wed 2017-03-22 22:31:07.195: 02: <-- 221 Bye Wed 2017-03-22 22:31:07.195: 01: SMTP session successful (Bytes in/out: 177/1740) 如果最后提示SMTP session successful那表明邮件已经发送成功了,已经到达收件方服务器了。   (8)如果smtp(out)日志显示“SMTP session successful”字符,那么代表邮件已成功发送给收件人(已成功从远程队列发出给收件人了)。 下次给大家带来“内接邮件”的情况分析!