1 / 26

技能 : 郵件系統維運 課程 : 郵件系統障礙處理流程 北區機房暨 IDC 維運組 鄭任峰

技能 : 郵件系統維運 課程 : 郵件系統障礙處理流程 北區機房暨 IDC 維運組 鄭任峰. Contents. MUA/MTA/MDA aptg.net 架構圖 MX Server to MS Server 架構圖 MS Server to Storage 架構圖 POP3 Server to Clients 架構圖 SMTP Server to Outside 架構圖 aptg.net ACL Input MDA & Output MDA Relay to outside with Content-Filter

alaric
Download Presentation

技能 : 郵件系統維運 課程 : 郵件系統障礙處理流程 北區機房暨 IDC 維運組 鄭任峰

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 技能:郵件系統維運課程: 郵件系統障礙處理流程北區機房暨IDC維運組 鄭任峰

  2. Contents • MUA/MTA/MDA • aptg.net 架構圖 • MX Server to MS Server 架構圖 • MS Server to Storage 架構圖 • POP3 Server to Clients 架構圖 • SMTP Server to Outside 架構圖 • aptg.net ACL • Input MDA & Output MDA • Relay to outside with Content-Filter • aptg.net log archive • Queue ID Tracking (Relay to outside) • Queue ID Tracking (Local delivery) • 常見障礙類型 • 處理流程

  3. MUA/MTA/MDA • MUA (Mail User Agent) Outlook , Thunderbird , Eudora , pine … • MTA (Mail Transfer Agent) Postfix , Qmail , Sendmail , MS Exchange … • MDA (Mail Delivery Agent) local , smtp , virtual , lmtp …

  4. aptg.net 架構圖

  5. MX Server to MS Server 架構圖 MDA : smtpx Protocol : SMTP MDA : smtpdx Port: 7777

  6. MS Server to Storage 架構圖 MDA: local

  7. POP3 Server to Clients 架構圖 Protocol: POP3 Port: 110 Clients (MUA) MDA: POP3d

  8. SMTP Server to Outside 架構圖 Clients (MUA) Protocol: SMTP Port: 25 MDA: smtp Server (MTA)

  9. aptg.net ACL • PassList • AllowIP • Deny IP • Deny Mailfrom • Deny Domain • TrustIP

  10. Input MDA & Output MDA OUTPUT MDA INPUT MDA qmgr active smtpd (mx server) smtp (Relay to outside) local (ms server) deferred incoming Bounce (mx/ms/smtp server) smtpx (Local dilivery) cleanup Internal MDA trivial- Rewrite Yellow  MDA Blue  Queue Pool Gray  Queue Manager

  11. Relay to outside with Content-Filter qmgr Port:25 smtp smtpd cleanup incoming active deferred cleanup chkmsg smtp smtpd Yellow  MDA Blue  Queue Pool Gray  Queue Manager Deep Blue  Amavis Port:10025 Port:10024 Amavis

  12. aptg.net log archive 1/3 • Log archive : [root@pop02 /]# df –k|grep 10.0.2.1 Filesystem 1k-blocks Used Available Use% Mounted on 10.0.2.1:200g_1 201674984 102503320 99171664 51% /backup 10.0.2.1:500g_2 504186984 288119680 216067304 58% /export/ms01 10.0.2.1:500g_3 504186984 264707784 239479200 53% /export/ms02 10.0.2.1:500g_4 504186984 239957976 264229008 48% /export/ms03 10.0.2.1:500g_5 540799376 63087440 477711936 12% /export/ms04 Log archive directory : /backup/maildebug & /backup/maillog

  13. aptg.net log archive 2/3 • /backup/maildebug Date,time,Queue ID,sender,recipient,source IP [Sun May 15 00:37] {DB0BB8AA81D} from (TLDCYSOYYPPB@yahoo.com) to (tsaicc@aptg.net) 200.141.131.142 [Sun May 15 00:37] {4534B8AA806} from (ezncpqbhhxk@msn.com) to (6561836@aptg.net) 84.228.61.80 [Sun May 15 00:37] {EDD788AA810} from (jnjvs.zvtjmxl@msa.hinet.net) to (helen123@aptg.net) 201.135.81.253

  14. aptg.net log archive 3/3 • /backup/maillog Date,time,host,MDA,Queue ID,source IP, sender,recipientsize,relay host,delay,status May 15 00:08:05 mx01 postfix/smtpd: D921D8AA811: client=adsl-123-135.37-151.net24.it[151.37.135.123] May 15 00:08:14 mx01 postfix/cleanup: D921D8AA811: message-id=Pine.5.05.@hau410.teem.smithkline.com May 15 00:08:15 mx01 postfix/qmgr: D921D8AA811: from=<ehijx@activatormail.com>, size=2078, nrcpt=2 (queue active) May 15 00:08:16 mx01 postfix/smtp: D921D8AA811: to=<chuju_lin@aptg.net>, relay=127.0.0.1[127.0.0.1], delay=11, status=sent (id=07004-91, from MTA: 250 Ok: queued as 32CF68AA823) May 15 00:08:16 mx01 postfix/smtp: D921D8AA811: to=<chunchun@aptg.net>, relay=127.0.0.1[127.0.0.1], delay=11, status=sent (id=07004-91, from MTA: 250 Ok: queued as 32CF68AA823)

  15. Queue ID Tracking (Relay to outside) 1/2

  16. Queue ID Tracking (Relay to outside) 2/2

  17. Queue ID Tracking (Local delivery) 1/2

  18. Queue ID Tracking (Local delivery) 2/2

  19. 常見障礙類型 • 用戶收不到由他網所寄進來的信件 • 用戶寄出信件後,對方收不到 • 用戶寄不出信件,Outlook跳出錯誤碼 • 用戶寄件後,對方等待很久才收到信件 • 用戶等待很久後才收到寄件方寄過來的信件 • 用戶帳號/密碼錯誤

  20. 用戶收不到由他網所寄進來的信件 • 檢查流程: (1) 詢問寄件方有無收到退信內容 (2) DenyIP  DenyMailfromDenyDomainMailCheck  於黑名單中移除 (3) 檢查 maildebug 以及maillog : (3-1) Client IP 是否連線異常 (Connection Dropped , Connection Lost)  網路品質 (3-2) amavis log , 查病毒信,廣告信記錄  通知用戶掃毒,或勸說用戶勿寄發廣告信 (3-3) 用戶Quota是否已滿  通知用戶Quota已滿 (3-4) 後端MS Server是否異常 (smtpdx , local MDA 等)  視情況處理 (4) MX & MS Server Queue是否衝高  flush queue等作業 (5) 請用戶提供近三個月曾經成功收到該寄件者的信件  查詢Header (6) 研判為他網問題 障礙資訊需提供: 他網SMTP Server IP , 雙方E-Mail , 對方寄件日期

  21. 用戶寄出信件後,對方收不到 • 檢查流程: (1) 詢問用戶有無收到退信內容 (2) 檢查 maildebug 以及maillog : (2-1) Client IP 是否連線異常 (Connection Dropped , Connection Lost)  網路品質 (2-2) amavis log , 查病毒信或廣告信記錄  通知用戶掃毒,或勸說用戶勿寄發廣告信 (2-3) 檢查是否有”暫時性失敗”或”永久性失敗”之記錄  我方/他網問題 (3) SMTP Server Queue是否衝高 flush queue等作業 (4) 研判為他網問題 障礙資訊需提供: 雙方E-Mail , 用戶寄件日期與時間 , 用戶Outlook設定的SMTP Server

  22. 用戶寄不出信件,Outlook跳出錯誤碼 • 檢查流程: (1) 檢查 DenyIP , DenyMailfrom , DenyDomain (2) 檢查TrustIP (3) Client端MUA與網路設定  SMTP/POP3 Server , DNS Server (4) Client端是否網路/軟體異常  請用戶單機測試,不接防火牆,不裝防毒軟體, 以及轉單至CM/ADSL單位檢查網路品質 (5) 派工CMTS / ADSL 障礙資訊需提供: 用戶 IP , 雙方E-Mail , 用戶 DNS Server , 用戶Outlook設定之 SMTP Server ,Outlook錯誤碼, Cable Modem型號

  23. 用戶寄件後,對方等待很久才收到信件 • 檢查流程: (1) 檢查 maillog : (1-1) 收件端Server是否異常  申告他網障礙 (1-2) 當時SMTP Server Queue是否衝高  delay值,視情況處理 障礙資訊需提供: 雙方E-Mail , 用戶寄件日期與時間

  24. 用戶等待很久後才收到寄件方寄過來的信件 • 檢查流程: (1) 檢查 maillog : (1-1) 檢查收信日期與時間是否與寄件日期時間吻合  若吻合,則為他網問題 (1-2) 我方MX Server是否異常,Queue是否衝高  視情況處理 障礙資訊需提供: 雙方E-Mail , 用戶寄件日期與時間

  25. 用戶帳號/密碼錯誤 • 檢查流程: (1) 檢查 Tercel 資料是否與用戶提供有吻合  帳務或API問題 (2) 檢查MailPass資料是否與用戶提供有吻合  API問題,請TSD協助處理 (3) 新增/修改 MailPass與MailCheck 障礙資訊需提供: 帳號,密碼

  26. Q & A

More Related