Products: IMail Express, IMail Server Plus, IMail Server, IMail Server Premium

How to track an email message through the SMTP log

« Go Back

Information

 
Description
It is often necessary to track a message through the SMTP log to determine the cause a delivery problem. The steps below are intended to guide you through the process of message tracking.
Solution

1)  The first step is to gather information about the message you intend to track.  If you have the actual message you would like to track, you can use the header information of the message as a starting point.  The header will look something like this:

Received: from IPSAUGKFOX [2.2.2.2] by ipswitch.com with ESMTP
  (SMTPD-11.5) id ac080004034ba6a6; Tue, 20 Sep 2011 09:56:13 -0400
From: "Joe Smith" <joesmith@domain.com>
To: "Bob Smith" <bobsmith@domain.com>
Subject: RE: test
Date: Tue, 20 Sep 2011 09:57:26 -0400
X-CTCH-RefID: str=0001.0A020201.4E789BC6.0163:SCFSTAT13417787,ss=1,re=-4.000,fgs=0
X-RCPT-TO: <bobsmith@domain.com>
Status: 
X-UIDL: 573025780
X-IMail-ThreadID: ac080004034ba6a6

The X-IMail-ThreadID highlighted in red is the unique ID that you can use to track the message through the log.

If you do not have a message header you should gather as much information about the message as possible to begin the tracking. Most importantly, you'll need :
a) The time the message was sent
b) The email address of the sender
c) The email address of the recipient
 
2)  Next you will need to find and open the SMTP log. Check the SMTP settings within the IMail Admin console to determine which log SMTP is logging to. If SMTP is set to the "SysMMDD.txt", the log file name will be sysMMDD.txt. If it is set to the "Log Server" the log file will be named logMMDD.txt, where MM is the month and DD is the day. Now go to the Logging section to select the appropriate log.  Since IMail logs roll over daily, it is important to open the correct log for the day the message was sent.
Note:  If the logs are in excess of 100 megs in size you may need to use a more advanced text editor to open the file. Some examples of these editors are Textpad, OoberViewer, and Notepad++.  In this case, it is best to navigate directly to the logs directory rather than opening the file through the admistration console.

3)  Once the log file is open in a text editor, you can begin tracking the message. 

If you were able to get the Thread ID from the header of the message, simply do  "Find" for that ID.  By Default, the find function will search from the top of the file down until it locates the first match for the Thread ID.  Keep hitting "Find Next" to jump to the next log line for that message.

If you only have time,sender, and recipient information you can do the following:
a) Jump to a page in the log that is several minutes prior to the time the message was sent and click on one of the log lines. This will ensure that your search starts from that log line.  
b) Next, do a "Find" for the sender or recipient email address.
c) Once you have found the email address, get the Thread ID from the log line and use it for the remainder of your searches.

Note: You'll need to be sure you are tracking the correct message since its possible that the sender/recipient sent more than one email during that time frame.

In the Example Log line below, "eef9000000010002" is the Thread ID:
20110510 162903 127.0.0.1       SMTPD (eef9000000010002) [1.2.3.4] MAIL FROM:<bobsmith@domain.com>

Most log information is fairly self explanatory and this tracking technique should give you more information about  any unexpected processing that occurred for the message.

For a more in depth explanation of the SMTP log file, refer to the following article:
http://ipswitchmsg.force.com/kb/articles/FAQ/Explanation-of-SMTP-log-file-1307739578442
VersionAll Versions
Attachment 

 
Customer Service Softwaresalesforce.comHome | Product