Analyse des fichiers des logs des emails

  • Accueil   /  Email   /  
  • Analyse des fichiers des logs des emails

Analyse des fichiers des logs des emails

Commentaires fermés sur Analyse des fichiers des logs des emails

Cette page explique l’analyse des fichiers de logs du serveur mail. Les programmes suivant sont utilisés:

  • Postix: serveur SMTP
  • Cyrus-Imapd: serveur POP/IMAP
  • SASL: authentification
  • Amavis
  • Clamd: antivirus
  • Spamassassin: antispam

Fichier des logs

/var/log/maillog

Synopsis

Date (Jour + Heure), IP, Programme (+PID), message

Erreurs

No such file or directory

Jan 22 12:28:44 ip-188-121-62-120 lmtpunix[3412]: IOERROR: fstating sieve script /var/lib/imap/sieve/domain/o/one-web.be/a/admin/defaultbc: No such file or directory

Operation not permitted

setrlimit: Unable to set file descriptors limit to -1: Operation not permitted

Operation not supported

Jan 22 11:13:04 ip-188-121-62-120 master[26297]: unable to setsocketopt(IP_TOS): Operation not supported

 

Reject

Relay Access Denied

Mar 26 08:39:28 ip-188-121-62-120 postfix/smtpd[15509]: NOQUEUE: reject: RCPT from 114-43-8-239.dynamic.hinet.net[114.43.8.239]: 554 5.7.1 <sanjinn232@yahoo.com.tw>: Relay access denied; from=<123@yahoo.com> to=<sanjinn232@yahoo.com.tw> proto=SMTP helo=<188.121.62.120>

Sender address rejected

User unknown in virtual mailbox table

Apr  8 14:14:51 ip-188-121-62-120 postfix/smtpd[32612]: NOQUEUE: reject: RCPT from host51-80.brs.com.br[177.11.51.80]: 550 5.1.0 <mapufg@spicerack.be>: Sender address rejected: User unknown in virtual mailbox table; from=<mapufg@spicerack.be> to=<teste3.pop3@hotmail.com> proto=ESMTP helo=

Domain not found

Mar 26 10:37:21 ip-188-121-62-120 postfix/smtpd[18288]: NOQUEUE: reject: RCPT from boo2.boosthoster.com[198.57.168.145]: 450 4.1.8 <shoppi12@shoppingmadeez.net>: Sender address rejected: Domain not found; from=<shoppi12@shoppingmadeez.net> to=<info@one-web.be> proto=ESMTP helo=

Recipient address rejected

User unknown in virtual mailbox table

Apr  9 09:39:38 ip-188-121-62-120 postfix/smtpd[5252]: NOQUEUE: reject: RCPT from 3.mo58.mail-out.ovh.net[178.33.41.144]: 550 5.1.1 <nfo@prowindows.be>: Recipient address rejected: User unknown in virtual mailbox table; from=<c4-return-1-nfo=prowindows.be@up2secure.eu> to=<nfo@prowindows.be> proto=ESMTP helo=

Server configuration error

Unknown smtpd restriction

Apr  8 02:18:13 ip-188-121-62-120 postfix/smtpd[13377]: warning: unknown smtpd restriction: "reject_unauth_pipeling"
Apr  8 02:18:13 ip-188-121-62-120 postfix/smtpd[13377]: NOQUEUE: reject: RCPT from mail-pb0-f51.google.com[209.85.160.51]: 451 4.3.5 Server configuration error; from=<rips.df@gmail.com> to=<info@one-web.be> proto=ESMTP helo=

Ceci arrive quand une ligne du fichier de configuration comprend une erreur, par exemple une règle inexistante.

Warnings

Les warnings indiquent qu’il faut faire attention

Illegal address syntax

Apr  9 14:59:49 ip-188-121-62-120 postfix/smtpd[14306]: warning: Illegal address syntax from unknown[115.86.35.15] in MAIL command: <drugstore_canadian3@??????-pc.kornet>

Unknonw smtpd restriction

Apr  8 02:18:13 ip-188-121-62-120 postfix/smtpd[13377]: warning: unknown smtpd restriction: "reject_unauth_pipeling"

Cyrus

> service cyrus-imapd stop
> rm /var/lib/imap/tls_sessions.db*
> rm /var/lib/imap/deliver.db*
> rm /var/lib/imap/db/*
> service cyrus-imapd start