定位问题出在什么环节(手段)

1) 查询网关上面的日志;

2)查询Exchange的传输日志

3)看客户端的邮件头信息

4)搞懂整个邮件的投递环节

5)善于利用退信代码,Google搜索投递代码


实际操作

1)如何看网关日志(省略)

这部分无法实际截图和演示,下图是梭子鱼网关查看日志的截图。

clipboard

2)如何看传输日志(上节课内容)

3)如何看客户端邮件头信息

比如zengchuixin给administrator发了一封邮件,那么可以到administrator打开收件箱,打开收到的邮件,查看邮件头,如图。

clipboard

选择下图的三角符号,打开后如图。

clipboard

4)对邮件投递环节进行分析,分段排错

clipboard


实战案例

451 4.4.0 Primary target IP address responded with: "454 4.7.0 Temporary authentication failure." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

Additionally, you may find the following error message in the Application log file on the Exchange server that is receiving the e-mail message:

Event Type: Error Event Source: MSExchangeTransport Event Category: SmtpReceive Event ID: 1035 Description: Inbound authentication failed with error IllegalMessage for Receive connector Default <Server> . The authentication mechanism is ExchangeAuth. The source IP address of the client who tried to authenticate to Microsoft Exchange is [xxx.xxx.xxx.xxx].

原因

This issue occurs if the Exchange server cannot authenticate with the remote Exchange server. Exchange servers requires authentication to route internal user messages between servers. The issue can be caused by one of the following reasons:

The Exchange server is experiencing Time synchronization issues

There is a replication issue between the domain controllers

The Exchange server is experiencing Service Principal Name (SPN) issues

The required TCP/UDP ports for the Kerberos protocol are blocked by the firewall


获取更多IT资讯,您也可以关注下方的微信公众号:
Exchange Server 2016管理系列课件28.导出用户邮箱
曾垂鑫的网络课堂,曾垂鑫大讲堂 - 51CTO学院

http://edu.51cto.com/lecturer/639838.html