mdaemon时不时有退信现象，下面是发出日志，请看看是怎么回事。怎么解决

hdp

9楼解决方法。感谢！

Fri 2013-08-16 10:00:21: ----------
Fri 2013-08-16 09:59:56: Parsing message <c:\mdaemon\queues\remote\pd35000012633.msg>
Fri 2013-08-16 09:59:56: *  From: cassie@sh*****e.com
Fri 2013-08-16 09:59:56: *  To: proyectosexport@stylsaf.com
Fri 2013-08-16 09:59:56: *  Subject: Re: CABLES FIXED TO THE TABLE
Fri 2013-08-16 09:59:56: *  Size (bytes): 235836
Fri 2013-08-16 09:59:56: *  Message-ID: <201308160959515622781@sh*****e.com>
Fri 2013-08-16 09:59:56: Attempting SMTP connection to [stylsaf.com]
Fri 2013-08-16 09:59:56: Resolving MX records for [stylsaf.com] (DNS Server: 202.96.128.86)...
Fri 2013-08-16 09:59:56: *  来自 DNS 服务器的数据包无效
Fri 2013-08-16 10:00:05: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.86)
Fri 2013-08-16 10:00:05: Resolving MX records for [stylsaf.com] (DNS Server: 202.96.128.166)...
Fri 2013-08-16 10:00:06: *  P=005 S=001 D=stylsaf.com TTL=(6) MX=[mail.stylsaf.com]
Fri 2013-08-16 10:00:06: *  P=010 S=002 D=stylsaf.com TTL=(6) MX=[correo.stylsaf.com]
Fri 2013-08-16 10:00:06: *  P=015 S=000 D=stylsaf.com TTL=(6) MX=[mail2.stylsaf.com]
Fri 2013-08-16 10:00:06: Attempting SMTP connection to [mail.stylsaf.com:25]
Fri 2013-08-16 10:00:06: Resolving A record for [mail.stylsaf.com] (DNS Server: 202.96.128.166)...
Fri 2013-08-16 10:00:15: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.166)
Fri 2013-08-16 10:00:15: Attempting SMTP connection to [correo.stylsaf.com:25]
Fri 2013-08-16 10:00:15: Resolving A record for [correo.stylsaf.com] (DNS Server: 202.96.128.86)...
Fri 2013-08-16 10:00:25: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.86)
Fri 2013-08-16 10:00:25: Attempting SMTP connection to [correo.stylsaf.com:25]
Fri 2013-08-16 10:00:25: Resolving A record for [correo.stylsaf.com] (DNS Server: 202.96.128.166)...
Fri 2013-08-16 10:00:35: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.166)
Fri 2013-08-16 10:00:35: Attempting SMTP connection to [mail2.stylsaf.com:25]
Fri 2013-08-16 10:00:35: Resolving A record for [mail2.stylsaf.com] (DNS Server: 202.96.128.86)...
Fri 2013-08-16 10:00:36: *  D=mail2.stylsaf.com TTL=(1) A=[80.26.64.50]
Fri 2013-08-16 10:00:36: Attempting SMTP connection to [80.26.64.50:25]
Fri 2013-08-16 10:00:36: Waiting for socket connection...
Fri 2013-08-16 10:00:57: *  Winsock Error 10060 连接超时。
Fri 2013-08-16 10:00:57: *  80.26.64.50 added to connection failure cache for 5 minutes
Fri 2013-08-16 10:00:57: 此邮件已经过了 1 分；在这个队列还剩 119 分
Fri 2013-08-16 10:00:57: SMTP session terminated (Bytes in/out: 0/0)
Fri 2013-08-16 10:00:57: ----------
Fri 2013-08-16 10:01:22: Parsing message <c:\mdaemon\queues\remote\pd35000012633.msg>
Fri 2013-08-16 10:01:22: *  From: cassie@sh*****e.com
Fri 2013-08-16 10:01:22: *  To: proyectosexport@stylsaf.com
Fri 2013-08-16 10:01:22: *  Subject: Re: CABLES FIXED TO THE TABLE
Fri 2013-08-16 10:01:22: *  Size (bytes): 235836
Fri 2013-08-16 10:01:22: *  Message-ID: <201308160959515622781@sh*****e.com>
Fri 2013-08-16 10:01:22: Attempting SMTP connection to [stylsaf.com]
Fri 2013-08-16 10:01:22: Resolving MX records for [stylsaf.com] (DNS Server: 202.96.128.86)...
Fri 2013-08-16 10:01:22: *  来自 DNS 服务器的数据包无效
Fri 2013-08-16 10:01:31: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.86)
Fri 2013-08-16 10:01:31: Resolving MX records for [stylsaf.com] (DNS Server: 202.96.128.166)...
Fri 2013-08-16 10:01:31: *  P=005 S=001 D=stylsaf.com TTL=(5) MX=[mail.stylsaf.com]
Fri 2013-08-16 10:01:31: *  P=010 S=002 D=stylsaf.com TTL=(5) MX=[correo.stylsaf.com]
Fri 2013-08-16 10:01:31: *  P=015 S=000 D=stylsaf.com TTL=(5) MX=[mail2.stylsaf.com]
Fri 2013-08-16 10:01:31: Attempting SMTP connection to [mail.stylsaf.com:25]
Fri 2013-08-16 10:01:31: Resolving A record for [mail.stylsaf.com] (DNS Server: 202.96.128.166)...
Fri 2013-08-16 10:01:31: *  D=mail.stylsaf.com TTL=(1) A=[212.111.103.65]
Fri 2013-08-16 10:01:31: Attempting SMTP connection to [212.111.103.65:25]
Fri 2013-08-16 10:01:31: Waiting for socket connection...
Fri 2013-08-16 10:01:32: *  Connection established (192.168.1.234:1346 -> 212.111.103.65:25)
Fri 2013-08-16 10:01:32: Waiting for protocol to start...
Fri 2013-08-16 10:01:34: <-- 220 stylsaf.com ESMTP MDaemon 10.0.2; Fri, 16 Aug 2013 03:59:01 +0200
Fri 2013-08-16 10:01:34: --> EHLO sh*****e.com
Fri 2013-08-16 10:01:35: <-- 250-stylsaf.com Hello sh*****e.com, pleased to meet you
Fri 2013-08-16 10:01:35: <-- 250-ETRN
Fri 2013-08-16 10:01:35: <-- 250-AUTH=LOGIN
Fri 2013-08-16 10:01:35: <-- 250-AUTH LOGIN CRAM-MD5
Fri 2013-08-16 10:01:35: <-- 250-8BITMIME
Fri 2013-08-16 10:01:35: <-- 250 SIZE 0
Fri 2013-08-16 10:01:35: --> MAIL From:<cassie@sh*****e.com> SIZE=235836
Fri 2013-08-16 10:01:36: <-- 250 <cassie@sh*****e.com>, Sender ok
Fri 2013-08-16 10:01:36: --> RCPT To:<proyectosexport@stylsaf.com>
Fri 2013-08-16 10:01:36: <-- 250 <proyectosexport@stylsaf.com>, Recipient ok
Fri 2013-08-16 10:01:36: --> DATA
Fri 2013-08-16 10:01:36: <-- 354 Enter mail, end with <CRLF>.<CRLF>
Fri 2013-08-16 10:01:36: Sending <c:\mdaemon\queues\remote\pd35000012633.msg> to [212.111.103.65]
Fri 2013-08-16 10:01:47: Transfer Complete
Fri 2013-08-16 10:01:49: <-- 250 Ok, message saved <Message-ID: 201308160959515622781@sh*****e.com>
Fri 2013-08-16 10:01:49: --> QUIT
Fri 2013-08-16 10:01:49: <-- 221 See ya in cyberspace
Fri 2013-08-16 10:01:49: SMTP session successful (Bytes in/out: 451/235971)
Fri 2013-08-16 10:01:49: ----------

hdp

有时客户发邮件给我们也退信。

Kyan

Fri 2013-08-16 10:01:36: <-- 354 Enter mail, end with <CRLF>.<CRLF>

CRLF

CRLF這個字代表Carriage Return(CR, ASCII 13, \r) Line Feed(LF, ASCII 10, \n的縮寫)。這些ASCII字元在螢幕上並不會顯示，不過在Windows中常用來代表一行的結尾。在Linux/UNIX中則代表回到行的前頭。CR與LF的組合常被當成鍵盤上的Enter使用，換句話說，按下Enter會送出指令進行換行的動作。CRLF攻擊是發生在駭客將CRLF指令注入至網頁應用程式時。原因在於建立網頁的程式設計師沒有留意到這類型的攻擊而不小心留下漏洞讓駭客注入CRLF指令。

hdp

Kyan 发表于 2013-8-16 23:46
Fri 2013-08-16 10:01:36:

响应 354应该是正常的吧。

我上面的日志分两段
第一段是发不出去邮件。然后第二次发出去了，
有时一直是第一个，然后服务器就提示发不出去。

hdp

Kyan 发表于 2013-8-16 23:46
Fri 2013-08-16 10:01:36:

请看下面的日志

Fri 2013-08-16 10:00:05: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.86)
Fri 2013-08-16 10:00:05: Resolving MX records for [stylsaf.com] (DNS Server: 202.96.128.166)...
Fri 2013-08-16 10:00:06: *  P=005 S=001 D=stylsaf.com TTL=(6) MX=[mail.stylsaf.com]
Fri 2013-08-16 10:00:06: *  P=010 S=002 D=stylsaf.com TTL=(6) MX=[correo.stylsaf.com]
Fri 2013-08-16 10:00:06: *  P=015 S=000 D=stylsaf.com TTL=(6) MX=[mail2.stylsaf.com]
Fri 2013-08-16 10:00:06: Attempting SMTP connection to [mail.stylsaf.com:25]
Fri 2013-08-16 10:00:06: Resolving A record for [mail.stylsaf.com] (DNS Server: 202.96.128.166)...
Fri 2013-08-16 10:00:15: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.166)
Fri 2013-08-16 10:00:15: Attempting SMTP connection to [correo.stylsaf.com:25]
Fri 2013-08-16 10:00:15: Resolving A record for [correo.stylsaf.com] (DNS Server: 202.96.128.86)...
Fri 2013-08-16 10:00:25: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.86)
Fri 2013-08-16 10:00:25: Attempting SMTP connection to [correo.stylsaf.com:25]
Fri 2013-08-16 10:00:25: Resolving A record for [correo.stylsaf.com] (DNS Server: 202.96.128.166)...
Fri 2013-08-16 10:00:35: *  DNS: 10 second wait for DNS response exceeded (DNS Server: 202.96.128.166)
Fri 2013-08-16 10:00:35: Attempting SMTP connection to [mail2.stylsaf.com:25]
Fri 2013-08-16 10:00:35: Resolving A record for [mail2.stylsaf.com] (DNS Server: 202.96.128.86)...
Fri 2013-08-16 10:00:36: *  D=mail2.stylsaf.com TTL=(1) A=[80.26.64.50]
Fri 2013-08-16 10:00:36: Attempting SMTP connection to [80.26.64.50:25]
Fri 2013-08-16 10:00:36: Waiting for socket connection...
Fri 2013-08-16 10:00:57: *  Winsock Error 10060 连接超时。
Fri 2013-08-16 10:00:57: *  80.26.64.50 added to connection failure cache for 5 minutes
Fri 2013-08-16 10:00:57: 此邮件已经过了 1 分；在这个队列还剩 119 分

Kyan

hdp 发表于 2013-8-17 09:19
请看下面的日志

Fri 2013-08-16 10:00:05: *  DNS: 10 second wait for DNS response exceeded (DNS  ...

你應該先解決 Fri 2013-08-16 10:00:57: *  Winsock Error 10060 連接超時 {:soso_e160:} 。

hdp

Kyan 发表于 2013-8-18 08:07
你應該先解決 Fri 2013-08-16 10:00:57: *  Winsock Error 10060 連接超時  。

我分析了mailserver的日志发现有下面的规律
服务器stylsaf.com （62.43.189.61）的MX记录为：
correo.stylsaf.com      84.246.213.178
mail2.stylsaf.com       80.26.64.50
mail.stylsaf.com        212.111.103.65
mailserver解析到62.43和80.26时系统会退信，解析到212时能正常发出邮件
我在 编辑ms缓存文件时加了下面一条，让系统自动用212IP发信，不知对不对。
stylsaf.com 5 mail.stylsaf.com

还有个问题，我在查前几天的smtp日志是发现找不到完整日志，完整日志在哪查。

Kyan

hdp 发表于 2013-8-18 08:25
我分析了mailserver的日志发现有下面的规律
服务器stylsaf.com （62.43.189.61）的MX记录为：
correo.s ...

你有沒有查過你所謂的4個IP
服務器stylsaf.com （62.43.189.61）的MX記錄為：
correo.stylsaf.com      84.246.213.178
mail2.stylsaf.com       80.26.64.50
mail.stylsaf.com        212.111.103.65

是分屬4家不同的ISP公司
62.43.188.0 - 62.43.191.255
ONO IP MANAGER
C/ Basauri, 5
Urbanizacion La Florida
E-28023 Aravaca, Madrid
SPAIN

80.26.0.0 - 80.26.127.255
Telefonica de Espana SAU
Red de servicios IP
Spain

84.246.213.0 - 84.246.213.255
Infortelecom Hosting S.L.
Spain

212.111.96.0 - 212.111.103.255
Internet Xpress
New Services, Leased Lines, POP, etc
Spain

請問你如何去指該使用那家ISP的MX(IP)設定？

hdp

我加了这样一条，不知道行不行。


因为老是发这个电邮退信，实在找不到解决方法了。

Kyan

hdp 发表于 2013-8-18 08:58
我加了这样一条，不知道行不行。

你試試看：

1. Boot your computer in Safe Mode: Upon restart, click F8 to enter the boot-method menu. Select "Boot in Safe Mode with Networking. " When Windows boots, click "OK" when prompted that you are booting in Safe Mode.
      
2. Close all programs except for your browser. Visit the link in Resources labeled "WinSock Fix Download" to download the freeware WinSock fix. Wait a short time for your download to be completed.        

3. Click "Save File' when you are asked what to do with the file. The file will be saved to your default download location--usually the desktop or "Downloads" folder within your "My Documents" folder (click "Start" at the lower left of your screen).        

4. Reboot your computer in normal mode (simply allow it to boot regularly).        

5. Locate the downloaded WinSock XP Fix file and double-click it to install and run it.
      
6. Click "Run" at the security warning window.      

7. Click "Fix" when WinSock XP Fix opens. Click "Yes" when asked to apply the fix.      

8. Click "OK" when you are prompted that the fix is complete and you need to reboot. Allow your computer to reboot.


1. 在安全模式下啟動您的計算機重新啟動後，點擊F8進入啟動方法菜單。 選擇「在帶網絡連接的安全模式啟動。」當Windows啟動時，單擊「確定」提示時，你是在安全模式下啟動。

2. 關閉所有程序，但您的瀏覽器。 訪問參考資料中的鏈接標記為「編程修復下載」下載軟件編程修復。 等待很短的時間完成下載。

3. 點擊「保存文件」當你被要求做什麼用的文件，該文件將被保存到您的默認下載位置 - 通常在桌面或「下載」文件夾中（點擊「開始」，在「我的文檔」文件夾內降低你的屏幕的左側）。

4. 重新啟動計算機，在正常模式（只需定期允許它啟動）。

5. 找到下載的編程XP的修覆文件，並雙擊它來安裝和運行它。

6. 在安全警告窗口中點擊「運行」。

7. 單擊「修復」時，打開編程XP修復。 點擊「是」，當記者問到應用此修復程序。

8. 點擊「OK」時，系統會提示您修復完成後，您需要重新啟動。 讓你的計算機重新啟動。