This page displays the current day's logging information for the anti-spam features of IMail Server. The log files also contain any text that is returned by a black list if a message’s IP address is listed. If verbose logging is enabled, the log files contain detailed information such as changes to anti-spam settings, entries in the white list or exclude list, words used in statistical filtering, HTML features found, and the URL domain links found. Other anti-spam events that are in the log file include:
Enabling/disabling phrase filtering or statistical filtering.
Initialization of phrase filtering and statistical filtering for each message.
Verification checks performed on a message and the results.
Connections to DNS black lists and the results of the connection.
Changes to the HTML feature filtering configuration.
Initialization of the URL Domain Black List.
The file format for anti-spam log lines is similar to that of the IMail Server logs, except that anti-spam log messages also contain an anti-spam message ID. The generic format of a log file entry is:
Date - Time - Thread or Process ID –Anti-Spam Message ID - Host name ?Entry Type - Message
Example
Anti-Spam Message ID
When the anti-spam engine processes a message, it assigns it a message ID. This message ID allows you to identify all log entries for specific messages. For example, if you want to identify all log entries for the above example, you would look for every entry that contains the anti-spam message ID of (00001316).
All log messages are preceded by the following line:
month:day hour:minute app_name(connection_ID)
Month: The month the message was logged.
Day: The day of the month that the message was logged.
Hour: The hour of the day (24 hour clock) that the message was logged.
Minute: The minute that the message was logged.
app_name: The application that logged the message (i.e. SMTPD, SMTP, ect.)
connection_id: The ID of the message that is used in the IMail SMTPD and SMTP log. This can be used to cross reference messages in the spam log with those in the SMTPD and SMTP logs for IMail Server.
Most log messages also have the following line:
[message_id] <domain>
message_id: Every message that is saved is assigned a message ID for logging purposes since multiple messages can be delivered on a single connection. This makes it easier to group log messages, since they will be mixed together as the spam checking is done simultaneously for all messages.
domain: This is the IMail Server domain for which the message is logged.
Many black list log messages refer to the configured black list as a service and identify the black list by the following line:
(name:server:query_domain)
name: The configured name of the black list.
server: The fully qualified domain name or IP address of the black list server.
query_domain: The area of the domain to contact on the black list server.
Note: For a complete list of all anti-spam log lines, see the IMail Administrator Help or the IMail Server User's Guide.