Analyzing mail log files

This page explains how to analyze the mail server's log files. The following programs are used:

  • Postfix: SMTP server
  • Cyrus-Imapd: POP/IMAP server
  • SASL: authentication
  • Amavis
  • Clamd: antivirus
  • Spamassassin: antispam

Log file

/var/log/maillog

Synopsis

Date (day + time), IP, program (+PID), message

Errors

No such file or directory

Jan 22 12:28:44 ip-188-121-62-120 lmtpunix[3412]: IOERROR: fstating sieve script /var/lib/imap/sieve/domain/o/one-web.be/a/admin/defaultbc: No such file or directory

Operation not permitted

setrlimit: Unable to set file descriptors limit to -1: Operation not permitted

Operation not supported

Jan 22 11:13:04 ip-188-121-62-120 master[26297]: unable to setsocketopt(IP_TOS): Operation not supported

 

Reject

Relay Access Denied

Mar 26 08:39:28 ip-188-121-62-120 postfix/smtpd[15509]: NOQUEUE: reject: RCPT from 114-43-8-239.dynamic.hinet.net[114.43.8.239]: 554 5.7.1 <sanjinn232@yahoo.com.tw>: Relay access denied; from=<123@yahoo.com> to=<sanjinn232@yahoo.com.tw> proto=SMTP helo=<188.121.62.120>

Sender address rejected

User unknown in virtual mailbox table

Apr  8 14:14:51 ip-188-121-62-120 postfix/smtpd[32612]: NOQUEUE: reject: RCPT from host51-80.brs.com.br[177.11.51.80]: 550 5.1.0 <mapufg@spicerack.be>: Sender address rejected: User unknown in virtual mailbox table; from=<mapufg@spicerack.be> to=<teste3.pop3@hotmail.com> proto=ESMTP helo=

Domain not found

Mar 26 10:37:21 ip-188-121-62-120 postfix/smtpd[18288]: NOQUEUE: reject: RCPT from boo2.boosthoster.com[198.57.168.145]: 450 4.1.8 <shoppi12@shoppingmadeez.net>: Sender address rejected: Domain not found; from=<shoppi12@shoppingmadeez.net> to=<info@one-web.be> proto=ESMTP helo=

Recipient address rejected

User unknown in virtual mailbox table

Apr  9 09:39:38 ip-188-121-62-120 postfix/smtpd[5252]: NOQUEUE: reject: RCPT from 3.mo58.mail-out.ovh.net[178.33.41.144]: 550 5.1.1 <nfo@prowindows.be>: Recipient address rejected: User unknown in virtual mailbox table; from=<c4-return-1-nfo=prowindows.be@up2secure.eu> to=<nfo@prowindows.be> proto=ESMTP helo=

Server configuration error

Unknown smtpd restriction

Apr  8 02:18:13 ip-188-121-62-120 postfix/smtpd[13377]: warning: unknown smtpd restriction: "reject_unauth_pipeling"
Apr  8 02:18:13 ip-188-121-62-120 postfix/smtpd[13377]: NOQUEUE: reject: RCPT from mail-pb0-f51.google.com[209.85.160.51]: 451 4.3.5 Server configuration error; from=<rips.df@gmail.com> to=<info@one-web.be> proto=ESMTP helo=

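This happens when a line in the configuration file contains an error, for example a restriction that does not exist. In the example above, "reject_unauth_pipeling" is a misspelling of "reject_unauth_pipelining".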
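The reject lines above all share one layout, so they can be split into the synopsis fields and tallied by cause. The following Python is an added example, not part of the original page: the function names are illustrative, and the sample input reuses log lines shown on this page.

```python
import re
from collections import Counter

# Sample input: lines copied from the examples on this page.
SAMPLE = """\
Mar 26 08:39:28 ip-188-121-62-120 postfix/smtpd[15509]: NOQUEUE: reject: RCPT from 114-43-8-239.dynamic.hinet.net[114.43.8.239]: 554 5.7.1 <sanjinn232@yahoo.com.tw>: Relay access denied; from=<123@yahoo.com> to=<sanjinn232@yahoo.com.tw> proto=SMTP helo=<188.121.62.120>
Apr  9 09:39:38 ip-188-121-62-120 postfix/smtpd[5252]: NOQUEUE: reject: RCPT from 3.mo58.mail-out.ovh.net[178.33.41.144]: 550 5.1.1 <nfo@prowindows.be>: Recipient address rejected: User unknown in virtual mailbox table; from=<c4-return-1-nfo=prowindows.be@up2secure.eu> to=<nfo@prowindows.be> proto=ESMTP helo=
Apr  8 02:18:13 ip-188-121-62-120 postfix/smtpd[13377]: warning: unknown smtpd restriction: "reject_unauth_pipeling"
Apr  8 02:18:13 ip-188-121-62-120 postfix/smtpd[13377]: NOQUEUE: reject: RCPT from mail-pb0-f51.google.com[209.85.160.51]: 451 4.3.5 Server configuration error; from=<rips.df@gmail.com> to=<info@one-web.be> proto=ESMTP helo=
Jan 22 11:13:04 ip-188-121-62-120 master[26297]: unable to setsocketopt(IP_TOS): Operation not supported
"""

# Synopsis fields: date, host, program, optional PID, message.
SYSLOG = re.compile(r"^(?P<date>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
                    r"(?P<prog>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$")
# Postfix smtpd reject: stage, client[ip], SMTP code, DSN, text, envelope.
REJECT = re.compile(r"^NOQUEUE: reject: (?P<stage>\w+) from (?P<client>[^\s\[]+)"
                    r"\[(?P<ip>[^\]]+)\]: (?P<code>\d{3}) (?P<dsn>\d\.\d+\.\d+) "
                    r"(?P<text>.*?); from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>")

def parse_line(line):
    """Split one maillog line into the synopsis fields, or return None."""
    m = SYSLOG.match(line.rstrip("\n"))
    return m.groupdict() if m else None

def parse_reject(line):
    """Return the reject details of a postfix/smtpd line, or None."""
    rec = parse_line(line)
    m = REJECT.match(rec["msg"]) if rec and rec["prog"] == "postfix/smtpd" else None
    if not m:
        return None
    rec.update(m.groupdict())
    # Drop the leading "<address>: " so identical causes group together.
    rec["reason"] = re.sub(r"^<[^>]*>: ", "", rec["text"])
    return rec

def summarize(text):
    """Count rejects by (code, reason) and by client IP; list 4.3.5 errors."""
    rejects = [r for r in map(parse_reject, text.splitlines()) if r]
    by_reason = Counter((r["code"], r["reason"]) for r in rejects)
    by_ip = Counter(r["ip"] for r in rejects)
    # DSN 4.3.5 is the server's own misconfiguration, not the sender's fault.
    config_errors = [r for r in rejects if r["dsn"] == "4.3.5"]
    return by_reason, by_ip, config_errors

if __name__ == "__main__":
    for (code, reason), n in summarize(SAMPLE)[0].most_common():
        print(n, code, reason)
```

Rejects with DSN 4.3.5 deserve a separate alert: they mean legitimate mail is being deferred because of the server's own configuration.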

Warnings

Warnings indicate conditions that deserve attention.

Illegal address syntax

Apr  9 14:59:49 ip-188-121-62-120 postfix/smtpd[14306]: warning: Illegal address syntax from unknown[115.86.35.15] in MAIL command: <drugstore_canadian3@??????-pc.kornet>

Unknown smtpd restriction

Apr  8 02:18:13 ip-188-121-62-120 postfix/smtpd[13377]: warning: unknown smtpd restriction: "reject_unauth_pipeling"

Cyrus

> service cyrus-imapd stop
> rm /var/lib/imap/tls_sessions.db*
> rm /var/lib/imap/deliver.db*
> rm /var/lib/imap/db/*
> service cyrus-imapd start