View dropped/rejected SMTP sessions in Exchange 2010

exchange-2010logging

I am troubleshooting a problem trying to SMTP into an Exchange 2010 machine.

I would like to view SMTP logs to see dropped or rejected sessions in order to try to figure out exactly why the sessions are being rejected.

I'm familiar with the message tracking log, but doesn't it only track successful sessions?

How can I view some raw session data for Exchange 2010?

Best Answer

It tracks any SMTP connection. It also logs unsuccessful attempts like IP block. Here is an example:

2015-02-03T14:27:45.165Z,,08D177B7FDAD7212,0,10.0.0.10:25,10.0.0.11:23935,+,,
2015-02-03T14:27:45.165Z,,08D177B7FDAD7212,1,10.0.0.10:25,10.0.0.11:23935,>,421 4.3.2 Service not available,
2015-02-03T14:27:45.165Z,,08D177B7FDAD7212,2,10.0.0.10:25,10.0.0.11:23935,-,,Local

You can see here a machine is being blocked, without even reaching the Receive Connectort (the second column is empty).

So search for the troubleshooted IP, and you should be able to see all communication. Just remember to set the logging of each connector you monitor to Verbose.

Best Answer

Related Solutions

Exchange 2010 – Getting NDR’s with Relaying Denied or Firewall Error

E-mail is delivered locally but does not show up in inbox

Related Topic