Help on smtp log

Similar Messages

• SMTP log

  Hi
  When I'm looking at the SMTP logs
  “C:\program files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Hub\ProtocolLog\SmtpReceive”
  Reason complete SMTP session
  - user does not exist.
  How to obtain information that the
  user does not exist?

  Hi
  could you elaborate little bit more about your issue?
  protocol logs in the mentioned location you specified will have logs of all users who have sent and received emails internally as well as externally.
  Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com

• SMTP Log detail level 'Stuck' on Debug

  Hi,
  I have a G5 XServe running 10.4.8 Server. The smtp log level seems to be stuck on 'Debug'. If I try to reduce it to a low level (eg. Error) via Server Admin, it flips back to debug as soon as I hit save.
  I have tried the following command:-
  sudo serveradmin settings mail:postfix:log_level = "err"
  but the server just responds with: -
  mail:postfix:log_level = "debug"
  The problem existed prior to upgrading the server to 10.4.8 so that is not a factor.
  Is this normal behaviour? If possible I would like to get rid of all the spam in syslog that the smtp service is creating. Any help would be appreciated!
  Codeus
  G5 Xserve   Mac OS X (10.4.8)  

  There seems to be a bug in server admin where
  sometimes it just can't get the settings right.
  You can always edit /etc/syslog.conf manually
  See "man syslog.conf"
  Thanks for the pointer although I can't see what is wrong with my Syslog.conf - it seems to be only directing Critical mail messages to the syslog, this is what I have: -
  .err;kern.;auth.notice;authpriv,remoteauth,install.none;mail.crit /dev/console
  *.notice;authpriv,remoteauth,ftp,install.none;kern.debug;mail.crit /var/log/system.log
  #. /var/log/system.log
  # Send messages normally sent to the console also to the serial port.
  # To stop messages from being sent out the serial port, comment out this line.
  #.err;kern.;auth.notice;authpriv,remoteauth.none;mail.crit /dev/tty.serial
  # The authpriv log file should be restricted access; these
  # messages shouldn't go to terminals or publically-readable
  # files.
  authpriv.*;remoteauth.crit /var/log/secure.log
  lpr.info /var/log/lpr.log
  mail.crit /var/log/mail.log
  ftp.* /var/log/ftp.log
  netinfo.err /var/log/netinfo.log
  install.* /var/log/install.log
  install.* @127.0.0.1:32376
  local0.* /var/log/ipfw.log
  *.emerg *
  local6.err /var/log/mailaccess.log
  and yet my syslog looks like this: -
  Nov 21 14:30:47 mail imap[9141]: login: CommsIT-01-eMac1.25G [172.18.10.200] bert CRAM-MD5 User logged in
  Nov 21 14:30:52 mail imap[8994]: login: CommsIT-01-eMac1.25G [172.18.10.200] bert CRAM-MD5 User logged in
  Nov 21 14:34:06 mail imap[9561]: login: [172.18.10.105] ernie CRAM-MD5 User logged in
  Nov 21 14:34:18 mail imap[9562]: login: [172.18.10.49] fred plaintext User logged in
  Nov 21 14:35:34 mail imap[9592]: login: [172.18.10.26] sandy CRAM-MD5 User logged in
  Nov 21 14:35:35 mail imap[9144]: login: [172.18.10.34] stanley plaintext User logged in
  Nov 21 14:39:18 mail imap[9698]: login: [172.18.10.49] fred plaintext User logged in
  Is it because these messages are not handled under the 'mail' selector for some reason or have I got something else wrong in the syslog.conf?
  Thanks again,
  Codeus

• No SMTP log after upgrade to Server 4.0.3

  I just updated my server to 4.0.3 and I initially had an error message saying that a script was not owned by postfix repeated in the SMTP log file.
  First I tried to fix it with disk utility but it didn't work.
  So in Terminal I did: sudo chown _postfix /Library/Server/Mail/Data/mta/./guid_device_maps.plist
  Now I have no SMTP log showing in the server menu any ideas on how to get it back is very welcome.
  Kind regards
  Peter

  Okay I reinstalled the Server from App Store and we're back to square one with the message:
  postfix/postfix-script[2941]: warning: not owned by _postfix: /Library/Server/Mail/Data/mta/./guid_device_maps.plist
  However, http://topicdesk.com/faqs/os-x-server-mail-services-faq/166-what-is-virtual-mail -hosting-or-are-virtual-mail-domains say the message doesn't matter.
  So I apologise for the false alarm.
  Kind regards
  Peter

• Error in the SMTP log of the mail service regarding "master.lock"

  I am getting the following error in the SMTP log of the mail service, Anybody might have any suggestions:
  postfix/master[87670]: fatal: open lock file /var/lib/postfix/master.lock: cannot open file: Permission denied.
  The permissions of the master.lock file are as follows:
  -rw-------  1 _postfix  mail  33 Jul  7 10:25 master.lock
  The Mail service stops after a few minutes from starting it
  I appreciate your feedback

  I found the problem.. the executable job was referring to a none existing batch file..
  I have refreshed the database from production some time ago and the jobs I have setup are referring to production scripts and paths (which we didnt have on dev)..
  This is now resolved.
  Thanks

• SharePoint SMTP logs

  Trying to diagnose incoming email issue and I wonder if Sharepoint has its own SMTP logs. I was told by email admin that I have to look at sharepoint SMTP logs for he could not see any logs from MAIN SMTP server. I am new to this and I thought logging is
  only done in the main smtp server. Can sharepoint be configured as SMTP server as well for incoming email. Where can I find SMTP logs? Thanks in advance.
  Hubble

  Yes its the default logs location.
  You can install SMTP on SharePoint server but again you will need a Mail server (e.g. exchange) where these message will be forwarded and thus it will be used to deliver email to end user.
  Make sure the Mail server admin has add exception to receive and forward email from SharePoint server.
  If you feel the answer is right, please make is answered.

• Repetitive error in SMTP log: illegal address syntax

  Hello I keep getting this error message in the SMTP log:
  Dec 17 22:33:36 chucklepunt postfix/smtpd[2909]: connect from
  unknown[10.0.0.12]
  Dec 17 22:33:36 chucklepunt postfix/smtpd[2909]: warning: Illegal address
  syntax from unknown[10.0.0.12] in MAIL command: <W Server>
  Dec 17 22:33:36 chucklepunt postfix/smtpd[2909]: disconnect from
  unknown[10.0.0.12]
  my mail server has this IP listed above, so it obviusoly looks like some kind of internet connection, but I don't know why it keeps happining, and I have 10.0.0.12 listed in the local hosts alias.
  Thanks

  I thought my problem was solved once I added 10.0.0/24 to my relay and 10.0.0.12 to local hosts in the mail setup but I am getting the error again.
  You say is it in my /etc/main.cf?
  Should I have that config file, because I do not, at least not in that path.
  suggestions please
  Thanks!

• Smtp log/email tracking on iphone?

  Is that possible to get an SMTP log on iphone? Basically we get an issue that sent email was disppeared nowhere, not in the sent folder on the iphone, on the server side nothing was recorded, and that only happened when the iphone is on 3G, never happened when connected on WIFI. If there is a local SMTP log on the iphone we can pull out, I can get the log and check with my telco company.
  any other suggestion to troubleshoot this issue is welcome.

  No

• I had something called backupd-helper cancel my log out last night.  I was wondering it this is spyware?  Can anyone help?

  This morning I had a information window that read "The application backupd-helper cancled logout.  To try again, quit backupd-helper and choose log out form the Apple menu."  I look for this app on my dock, but it was not there.  I used spot light to try to find it but it did not show up.  I checked in my applications folder and utilities folder, but again no luck.  Finally I used Activity Monitor and there it was, but as soon as I "inspected" it the process terminated and disappeared.  It's parent app is Launchd.  Any information would be very helpful, thanks.

  This is part of Time Machine. It is a daemon helper, part of the backup process.
  It is not spyware.

• Need help with log4j logging tool (org.apache.log4j.*) to log into database

  Hi,
  I need help with log4j logging tool (org.apache.log4j.*) to log into database using JDBCAppender. Have look at my logger code and corresponding log4j.properties file stated below. I'm running this program using Eclipse IDE and it's giving me the following error (highlighted in red) at the end:
  log4j: Parsing for [root] with value=[debug, stdout, Roll, CRSDBAPPENDER].
  log4j: Level token is [debug].
  log4j: Category root set to DEBUG
  log4j: Parsing appender named "stdout".
  log4j: Parsing layout options for "stdout".
  log4j: Setting property [conversionPattern] to [%x %d{HH:mm:ss,SSS} %5p [%t] (%c:%-4L %M) - %m%n].
  log4j: End of parsing for "stdout".
  log4j: Parsed "stdout" options.
  log4j: Parsing appender named "Roll".
  log4j: Parsing layout options for "Roll".
  log4j: Setting property [conversionPattern] to [%x %d{yyyy.MM.dd HH:mm:ss,SSS} %5p [%t] (%c:%-4L %M) - %m%n].
  log4j: End of parsing for "Roll".
  log4j: Setting property [file] to [HelloWorld.log].
  log4j: Setting property [maxBackupIndex] to [10].
  log4j: Setting property [maxFileSize] to [20KB].
  log4j: setFile called: HelloWorld.log, true
  log4j: setFile ended
  log4j: Parsed "Roll" options.
  log4j: Parsing appender named "CRSDBAPPENDER".
  {color:#ff0000}
  Can't find class HelloWorld{color}
  import org.apache.log4j.*;
  public class HelloWorld {
  static Logger log = Logger.getLogger(HelloWorld.class.getName());
  public static void main(String[] args) {
  try{
  // Now, try a few logging methods
  MDC.put("myComputerName", "Ravinder");
  MDC.put("crsServerName", "ARNDEV01");
  log.debug("Start of main()");
  log.info("Just testing a log message with priority set to INFO");
  log.warn("Just testing a log message with priority set to WARN");
  log.error("Just testing a log message with priority set to ERROR");
  log.fatal("Just testing a log message with priority set to FATAL");
  catch(Exception e){
  e.printStackTrace();
  ------------------------- log4j.properties file ------------------------------
  #### Use three appenders - log to console, file and database
  log4j.rootCategory=debug, stdout, Roll, CRSDBAPPENDER
  log4j.debug=true
  # Print only messages of priority WARN or higher for your category
  # log4j.category.your.category.name=WARN
  # Specifically inherit the priority level
  # log4j.category.your.category.name=INHERITED
  #### stdout - First appender writes to console
  log4j.appender.stdout=org.apache.log4j.ConsoleAppender
  log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
  log4j.appender.stdout.layout.ConversionPattern=%x %d{HH:mm:ss,SSS} %5p [%t] (%c:%-4L %M) - %m%n
  #### Roll - Second appender writes to a file
  log4j.appender.Roll=org.apache.log4j.RollingFileAppender
  ##log4j.appender.Roll.File=${InstanceName}.log
  log4j.appender.Roll.File=HelloWorld.log
  log4j.appender.Roll.MaxFileSize=20KB
  log4j.appender.Roll.MaxBackupIndex=10
  log4j.appender.Roll.layout=org.apache.log4j.PatternLayout
  log4j.appender.Roll.layout.ConversionPattern=%x %d{yyyy.MM.dd HH:mm:ss,SSS} %5p [%t] (%c:%-4L %M) - %m%n
  #### CRSDBAPPENDER - third appender writes to the database
  log4j.appender.CRSDBAPPENDER=org.apache.log4j.jdbc.JDBCAppender
  log4j.appender.CRSDBAPPENDER.Driver=net.sourceforge.jtds.jdbc.Driver
  log4j.appender.CRSDBAPPENDER.URL=jdbc:jtds:sqlserver:/arncorp15:1433;DatabaseName=LOG
  log4j.appender.CRSDBAPPENDER.USER=sa
  log4j.appender.CRSDBAPPENDER.PASSWORD=p8ss3doff
  log4j.appender.CRSDBAPPENDER.layout=org.apache.log4j.PatternLayout
  log4j.appender.CRSDBAPPENDER.sql=INSERT INTO LOG (computername, crsservername, logtime, loglevel, threadname, filename, linenumber, logtext) VALUES ('%X{myComputerName}', '%X{crsServerName}', '%d{dd MMM yyyy HH:mm:ss,SSS}', '%p', '%t', '%F', '%L', '%m')
  #log4j.appender.CRSDBAPPENDER.sql=INSERT INTO LOG(COMPUTERNAME,CRSSERVERNAME,LOGTIME,LOGLEVEL,THREADNAME,FILENAME,LINENUMBER,LOGTEXT) select host_name(),'${CRSServerName}${InstanceName}','%d','%5p','%t','%F','%L','%m%n'
  #log4j.appender.CRSDBAPPENDER.sql=INSERT INTO LOG (computername, crsservername, logtime, loglevel, threadname, filename, linenumber, logtext) VALUES ("%X{myComputerName}", "%X{crsServerName}", "%d{dd MMM yyyy HH:mm:ss,SSS}", "%p", "%t", "%F", "%L", "%m")
  ------------------------------- end of log4j.properties file ------------------------------
  Here is the directory structure of my program. My log4j.properties file and HelloWorld.class file are residing in folder HelloWorld\bin.
  HelloWorld\bin
  HelloWorld\lib
  HelloWorld\src
  Please note - The same program works fine for console and file appender when I comment the database appender part in my properties file.
  Thanks
  Ravinder

  try this :
  log4j.appender.PROJECT.Append=false

• I cant access my ymail PLEASE HELP I can log into yahoo but cant get to mail? Think the words configure & rand flash in address bar

  I cant access my ymail PLEASE HELP I can log into yahoo but cant get to mail? Think the words configure & rand flash in address bar

  Hi Acrylik,
  Welcome to the Apple Support Communities!
  For assistance resetting your Apple ID password, please use the information in the following article. I understand you have already attempted to reset via email and security questions, but the article also includes a link to contact Apple support if necessary.
  If you forgot your Apple ID password
  http://support.apple.com/kb/HT5787
  Have a great day,
  Joe

• Smtp log entry, bounces, or does the mail server send bounce backscatter?

  Today, I received two bounces from mail I did not send, and they reference a subdomain of a virtual domain on my machine that doesn't exist...
  server is set up with domain:  server.domain.com
  web and mail services are available for virtual domain:  service.com
  So, I got what I at first thought were phishing bounces, but then when I looked in my mail logs today, I found my first ever SMTP log entries:
  Feb 16 07:33:42 server.domain.com postfix/smtpd[----]: warning: hostname #.#.#.#.reverse.someone.net does not resolve to address #.#.#.#: nodename nor servname provided, or not known
  I have four of those at various times this morning.
  I've checked the mail logs and seen that there are connection attempts, particularly people trying plain text.  I have used mxtoolbox and a few other relay checkers to be sure there is not an open smtp relay.  none.
  I have one site on the service.com and it has its own malware checking (wordpress install).  It reports that it is clean and feeling good.
  The default sites are unaccessible without http authentication.
  Do those SMTP log entires mean someone has gained access?  or was my server trying to process backscatter spam?  I'm lost on how this could happen.

  What do the bounce messages say? Was the mail rejected by a remote server? If so, which one? What are some of the other log entries in the mail log? Does MX Toolbox say your email server is or is not an open relay? Are the IP addresses in your log post an internal or external address? Someone might be using your domain to send spam email but they may not be using your email server and when the messages bounce they get returned to your server.

• UCCX SMTP Logs

  Anyone have any ideas which logs I should be searching to find outbound smtp logs?  Looking for logging from a UCCX Script when an email is sent.  Looked through a number of logs but not seen anything I could id as smtp.
  Thanks
  Nathan

  Hi
  This step should be logged in the MIVR logs like any other step. If there's no failure, then you might not see anything on the default logging levels. Try turning up the traces...
  Do you have some kind of failure?
  Aaron

• I keep getting this error in the SMTP logs, What's wrong?

  I keep getting this error in SMTP, and for some reason the server is unable to send messages. It's a fresh setup, so i'm not sure what i'm missing..
  fatal: file /etc/postfix/main.cf: parameter myhostname: bad parameter value: mini.socialgraphics.com.
  Any advice would help, Thanks!

  From the server's webmail interface i can log in and send messages to outside accounts.
  But i can't recieve any messages on the server, everything i send to the server gets a error of:
  Delivery to the following recipient failed permanently:
      [email protected]
  Technical details of permanent failure:
  Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 5.7.1 <[email protected]>: Relay access denied (state 14).

• Help Understanding the Log - status=sent to status=bounced

  Hello,
  This is a very newb question and I'm very sorry to have to ask this here. I attempted googling it and searching for it, and I just can't seem to find a clear answer on this issue, so I'm hoping someone can just help me understand 2 messages in my log here quickly.
  First, we send emails to Company A all the time and have no problem doing so; however, recently we had the need to email a new employee at Company A that we've never emailed before and anything we email to him gets bounced back.
  At looking at the logs I have the following 2 messages (and what I think they mean), can someone confirm with me what these messages mean. Sorry, again I know, newbie.
  Nov 3 09:51:30 xxxx postfix/smtp[3785]: 72C2CCC203A: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.18, delays=0.01/0/0/0.17, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9C61DCC2049)
  This means my server sent the message out to the Internet without issue correct?
  Nov 3 09:51:33 xxxx postfix/smtp[3792]: 9C61DCC2049: to=<[email protected]>, relay=mail.global.frontbridge.com[216.32.181.22]:25, delay=3.3, delays=0/0/3.1/0.21, dsn=5.0.0, status=bounced (host mail.global.frontbridge.com[216.32.181.22] said: 554 <[email protected]>: Recipient address rejected: Access denied (in reply to RCPT TO command))
  Does this mean another server (mail.global.frontbridge.com) flagged it as spam or blocked the email from going through?
  If so, I'm really confused why we can email everyone else at companya.com but not this particular person. Then I don't even know who to blame as far as the problem goes, is my company blocked from sending out or is Company A blocked from receiving. (I'm thinking a blacklist)
  I'm just looking for verification I guess and maybe what I should look at doing to resolve the issue.
  In googling this issue, it did appear others out there are having this issue with mail.global.frontbridge.com, but that doesn't mean my server is setup correctly I guess ... even though I'm fairly certain it is .... :/
  Thank you anyways to whoever can help me confirm what's going on here.
  -Jessee

  The problem is most likely on their end. If your mail server was blacklisted by them, you would not be able to mail any address on their server.
  That said:
  Nov 3 09:51:30 xxxx postfix/smtp3785: 72C2CCC203A: to=<[email protected]>, relay=127.0.0.1http://127.0.0.1:10024, delay=0.18, delays=0.01/0/0/0.17, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9C61DCC2049)
  This means my server sent the message out to the Internet without issue correct?
  No, it means the e-mail was delivered to the content filter (spam/virus)) on your server (relay=127.0.0.1 = localhost = your server).
  Nov 3 09:51:33 xxxx postfix/smtp3792: 9C61DCC2049: to=<[email protected]>, relay=mail.global.frontbridge.comhttp://216.32.181.22:25, delay=3.3, delays=0/0/3.1/0.21, dsn=5.0.0, status=bounced (host mail.global.frontbridge.comhttp://216.32.181.22 said: 554 <[email protected]>: Recipient address rejected: Access denied (in reply to RCPT TO command))
  The receiving server (mail.global.frontbridge.com) is rejecting the e-mail. Since they only give a generic error, you will need to ask them why. (Chances are they have not defined the new user on their gateway.)
  HTH,
  Alex
  Message was edited by: pterobyte