SMTP Logging
Logging
SMTP protocol activity provides administrators with a powerful tool
when troubleshooting issues with message delivery. By enabling SMTP
logging, administrators can capture the SMTP conversations with email
servers during message transport. Each Receive and Send Connector in an
Exchange 2007 environment has the capability of logging
SMTP activity, providing information regarding messaging commands that
a user sends to the Exchange Server 2007 server. This includes, but is
not limited to, such information as IP address, bytes sent, data, time,
protocol, and domain name.
To enable SMTP
protocol logging, administrators must enable the feature on each Send
and Receive Connector on each 2007 Exchange server where logging is
desired. By default, SMTP logging is disabled on all Send and Receive
Connectors.
Configure SMTP Logging from the Exchange Management Console
The
configuration of SMTP protocol logging utilizing the Exchange
Management Console is limited to enabling or disabling the feature. To
enable or disable SMTP protocol logging from the Exchange Management
Console, perform the following tasks:
1. | Start
the Exchange Management Console by selecting Start, All Programs,
Microsoft Exchange Server 2007, Exchange Management Console.
|
2. | Locate the Send or Receive Connector on which you want to enable logging.
- For Hub Transport Send Connectors—
In the console tree, select Organization Configuration, then Hub
Transport. In the results pane, click the Send Connectors tab, and then
select the appropriate Send Connector.
- For Hub Transport Receive Connectors—
In the console tree, select Server Configuration, then Hub Transport.
Select the appropriate server in the results pane, and then select the
appropriate connector in the bottom half of the results pane.
- For Edge Transport Connectors—
On the Edge Transport server, select Edge Transport in the console
tree. Select the appropriate server in the results pane, and then
select the Receive Connectors or Send Connectors tab in the bottom half
of the results pane. Select the desired connector from those displayed.
|
3. | After you have selected the appropriate connector, select Properties from the action pane.
|
4. | On the General tab, configure the desired protocol logging level. By default, all connectors are set to None.
|
Configure SMTP Logging from the Exchange Management Shell
Most
of the configuration settings for SMTP protocol logging must be
accomplished from the Exchange Management Shell. All of the following
commands must be performed from within the Exchange Management Shell.
For all following commands, arguments that contain a space must be in quotes. For example, where the command says <connector name>, an administrator might put "Default Receive Connector", or where the command says <LogPath>, the administrator might put "C:\Receive Log Files".
To enable SMTP protocol logging on a Receive Connector:
Set-ReceiveConnector <ConnectorName> -ProtocolLoggingLevel Basic
To disable SMTP protocol logging on a Receive Connector:
Set-ReceiveConnector <ConnectorName> -ProtocolLoggingLevel None
To enable or disable SMTP protocol logging on a Send Connector:
Use the same commands as previously shown, but replace Set-ReceiveConnector with Set-SendConnector.
Sample command: To enable SMTP protocol logging on a Receive Connector called Default Receive Connector, use the following command:
Set-ReceiveConnector "Default Receive Connector" –ProtocolLoggingLevel Basic
Changing the Protocol Log Path
Exchange
Server 2007 allows administrators to specify the location of the Send
and Receive log files. The log files for all Send Connectors on a
particular server are in one location, and the log files for all
Receive Connectors are in another.
By default, these files are located in the following locations:
To change the default location for these log files, use the following commands in the Exchange Management Shell:
Change log file location for the Receive Connectors:
Set-TransportServer <Identity> -ReceiveProtocolLogPath <LogPath>
Change log file location for the Send Connectors:
Set-TransportServer <Identity> -SendProtocolLogPath <LogPath>
Sample command: To set the Receive SMTP protocol log path for all Receive Connectors on Server1 to C:\SMTP Receive Logs, use the following command:
Set-TransportServer Server1 -ReceiveProtocolLogPath "C:\SMTP Receive Logs"
Configuring Log File and Log Directory Maximum Size
To
prevent log files from growing so large that they deplete all available
disk space, Exchange Server 2007 allows administrators to configure
maximum log file and directory sizes. This
configuration setting is a per-server setting and, by default, the
maximum directory size is 250MB, whereas the maximum log file size is
10MB. When the maximum file size is reached, Exchange opens a new log
file. When the maximum directory size is reached, Exchange overwrites
the log files, starting with the oldest logs first.
To
configure SMTP protocol log directory and file sizes, use the following
commands in the Exchange Management Shell. Be aware, these commands
must be performed for each server that you want to modify. The <DirectorySize> and <FileSize> arguments should be entered as a number followed by one of the following:
B (bytes)
KB (kilobytes)
MB (megabytes)
GB (gigabytes)
TB (terabytes)
Change maximum size for Receive SMTP protocol log directory:
Set-TransportServer <Identity> -ReceiveProtocolMaxDirectorySize <DirectorySize>
Change maximum size for Send SMTP protocol log directory:
Set-TransportServer <Identity> -SendProtocolMaxDirectorySize <DirectorySize>
Change maximum size for Receive SMTP protocol log files:
Set-TransportServer <Identity> -ReceiveProtocolMaxFileSize <FileSize>
Change maximum size for Send SMTP protocol log files:
Set-TransportServer <Identity> -SendProtocolMaxFileSize <FileSize>
Sample command: To set the maximum size for the Receive SMTP protocol log directory on Server1 to 1 Gigabyte, use the following command:
Set-TransportServer Server1 –ReceiveProtocolMaxDirectorySize 1GB
Configuring the Maximum Age for the SMTP Protocol Log
In
addition to having the ability to configure the maximum file and
directory sizes for SMTP protocol logs, administrators can also
configure a maximum age for each SMTP protocol log file. The default
age for all log files is set to 30 days, and any log files that exceed
this age are deleted by Exchange.
To change the maximum age of SMTP protocol log files, use the following commands in the Exchange Management Shell. The <Age> argument is entered in the following format: DD.HH:MM:SS, for Days, Hours, Minutes, Seconds.
Change maximum age for the Receive SMTP protocol log file:
Set-TransportServer <Identity> -ReceiveProtocolLogMaxAge <Age>
Change maximum age for the Send SMTP protocol log file:
Set-TransportServer <Identity> -SendProtocolLogMaxAge <Age>
Sample command: To set the maximum age of the Send SMTP protocol log file on Server1 to 60 days, use the following command:
Set-TransportServer Server1 –SendProtocolLogMaxAge 60.00:00:00
