Server 2008 R2,MS IIS build 7.5 仅用作传出 SMTP 中继。会话/消息限制和附件限制设置为每个附件和会话 500 MB。附件大小在 10-20 KB 之间。
当通过我们的 发送大量电子邮件时GoldMine CRM software
,附件会以 base64 编码的形式出现在正文中。如果我通过 Outlook 发送,它工作正常。通过 向GoldMine
个人发送带有附件的电子邮件时,发送正常。只有发送给多个收件人时才会这样。这也包括HTML
基于电子邮件。HTML 将以纯文本形式发送,不会被解析。
如果我将传出 SMTP 更改为使用我们的 ISP 服务器(也是 IIS 7.5 中继(relay.somedomain.com - 66.110.xx)),它就会成功通过。
xmail*.myhosting.com 是我们用来接收电子邮件的第三方电子邮件托管提供商。我们停止使用它们作为外发主机,因为我们经常被 RBL 列入黑名单。
以下是电子邮件服务器日志:
#Software: Microsoft Internet Information Services 7.5
#Version: 1.0
#Date: 2016-05-17 13:12:32
#Fields: date time c-ip cs-username s-computername s-ip s-port cs-method cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs-host cs(User-Agent)
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 EHLO +MAILSVR01.localdomain.com 250 0 231 36 0 SMTP - -
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 MAIL +FROM:<[email protected]> 250 0 46 33 0 SMTP - -
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 RCPT +TO:<[email protected]> 250 0 35 32 0 SMTP - -
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 RCPT +TO:<[email protected]> 250 0 33 30 0 SMTP - -
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 RCPT +TO:<[email protected]> 250 0 32 29 0 SMTP - -
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 RCPT +TO:<[email protected]> 250 0 38 35 0 SMTP - -
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 RCPT +TO:<[email protected]> 250 0 37 34 0 SMTP - -
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 RCPT +TO:<[email protected]> 250 0 34 31 0 SMTP - -
2016-05-17 13:12:32 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 DATA +<SjQ5TkVLTShMNzFHJD5QNTk3ODk5NzEy@MAILSVR01> 250 0 130 43284 15 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - 220+relay.COC.com+Microsoft+ESMTP+MAIL+Service,+Version:+7.5.7600.16385+ready+at++Tue,+17+May+2016+09:12:31+-0400+ 0 0 114 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 EHLO MAILSVR01.localdomain.com 0 0 4 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - 250-relay.somedomain.com+Hello+[66.110.xx.xxx] 0 0 39 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 MAIL FROM:<[email protected]>+SIZE=43574 0 0 4 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - [email protected]+OK 0 0 44 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 RCPT TO:<[email protected]> 0 0 4 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 RCPT TO:<[email protected]> 0 0 4 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 RCPT TO:<[email protected]> 0 0 4 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 RCPT TO:<[email protected]> 0 0 4 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 RCPT TO:<[email protected]> 0 0 4 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 RCPT TO:<[email protected]> 0 0 4 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - [email protected]+ 0 0 33 0 0 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - [email protected]+ 0 0 31 0 16 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - [email protected]+ 0 0 35 0 16 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - [email protected]+ 0 0 31 0 16 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 BDAT 43574+LAST 0 0 4 0 16 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - 250+2.6.0+<[email protected]>+Queued+mail+for+delivery 0 0 78 0 344 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 QUIT - 0 0 4 0 344 SMTP - -
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionResponse MAILSVR01 - 25 - 221+2.0.0+relay.somedomain.com+Service+closing+transmission+channel 0 0 60 0 344 SMTP - -
2016-05-17 13:12:34 192.168.x.x MAILSVR01.localdomain.com MAILSVR01 192.168.4.15 0 QUIT MAILSVR01.localdomain.com 240 1794 79 4 0 SMTP - -
接收带有标题的电子邮件的方式如下:
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: (qmail 26071 invoked from network); 17 May 2016 12:33:54 -0000
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on xsa04.softcom.biz
X-Spam-Level:
X-Spam-DCC: : xsa04 1323; Body=1 Fuz1=1
X-Spam-Pyzor:
X-Spam-Status: No, score=-0.1 hits=-0.1 required=5.0 tests=AWL,BAYES_00,
MISSING_HEADERS,RDNS_NONE,URIBL_BLOCKED autolearn=no version=3.3.1
Received: from unknown (HELO relay.somedomain.com) ([66.110.xx.xx])
(envelope-sender <[email protected]>)
by xmail04.myhosting.com (qmail-ldap-1.03) with SMTP
for <[email protected]>; 17 May 2016 12:33:48 -0000
Received: from MAILSVR01.localdomain.com ([66.110.xx.xx]) by relay.somedomain.com with Microsoft SMTPSVC(7.5.7600.16385);
Tue, 17 May 2016 08:30:14 -0400
Received: from MAILSVR01.localdomain.com ([192.168.x.xx]) by MAILSVR01.localdomain.com with Microsoft SMTPSVC(7.5.7601.17514);
Tue, 17 May 2016 08:30:15 -0400
Date: Tue, 17 May 2016 08:30:15 -0400
From: Travis <[email protected]>
Subject: Test Day 2 #1
Bcc:
Return-Path: [email protected]
Message-ID: <[email protected]>
X-OriginalArrivalTime: 17 May 2016 12:30:14.0665 (UTC) FILETIME=[DCECC790:01D1B037]
To: ---redacted--
Message-ID: <SjQ5S09PSyFKWDEgJD5QNTk1MzYyNTEy@MAILSVR01>
Mime-Version: 1.0
Organization: Company Name
X-Mailer: GoldMine [2014.1.0.489]
X-GM-Attachments-Sync-Time: 20160517083014
Content-Type: multipart/mixed; boundary="nqp=nb64=()17phzZSPf"
Return-Path: [email protected]
X-OriginalArrivalTime: 17 May 2016 12:30:15.0874 (UTC) FILETIME=[DDA54220:01D1B037]
--nqp=nb64=()17phzZSPf
Content-Type: text/plain
Test day 2
--nqp=nb64=()17phzZSPf
Content-Type: image/jpeg; name="image9.jpeg"
Content-Disposition: attachment; filename="image9.jpeg"
Content-Transfer-Encoding: base64
/9j/4Q/+RXhpZgAATU0AKgAAAAgACwEPAAIAAAAGAAAAkgEQAAIAAAAJAAAAmAESAAMAAAAB
AAYAAAEaAAUAAAABAAAAogEbAAUAAAABAAAAqgEoAAMAAAABAAIAAAExAAIAAAAGAAAAsgEy
-----removed fluff to cut down for Server Fault character limit----
AKGhrCvfip8DkRkktNfYf9d7fj6/uqwm+K/wSBaSHT9dcdCDcwdPUYhqPrstbN/cy3RXl+B/
/9l=
--nqp=nb64=()17phzZSPf--
通过我们的 ISP 的 SMTP 成功发送电子邮件附件的标题。
Subject:Test Day 2 #2
Date:Tuesday, May 17, 2016 8:43 am
From:Travis <[email protected]>
To:<redcated recipients>
Org:Western Plastics
X-Mailer:GoldMine [2014.1.0.489]
MIME Version:1.0
MIME Type:multipart/mixed; boundary="nqp=nb64=()J6Ske6A0R"
Message-id:<SjQ5TEtDMSA5QF9JJD5QNTk2MTgyODU4@MAILSVR1>
Return-Path:<[email protected]>
Delivered-To:[email protected]
Received:(qmail 1683 invoked from network); 17 May 2016 12:47:28
-0000
X-Spam-Checker-Version:SpamAssassin 3.3.1 (2010-03-16) on
xsa09.softcom.biz
X-Spam-DCC:: xsa09 1323; Body=1 Fuz1=1
X-Spam-Status:No, score=0.5 hits=0.5 required=5.0
tests=AWL,BAYES_50, RDNS_NONE,URIBL_BLOCKED autolearn=no
version=3.3.1
Received:from unknown (HELO relay.COC.com) ([66.110.220.12])
(envelope-sender <[email protected]>) by
xmail08.myhosting.com (qmail-ldap-1.03) with SMTP for
<[email protected]>; 17 May 2016 12:47:24 -0000
Received:from MAILSVR1.localdomain.com ([66.110.xx.xx]) by
relay.somedomain.com with Microsoft SMTPSVC(7.5.7600.16385); Tue, 17 May
2016 08:43:54 -0400
Return-Path:[email protected]
X-OriginalArrivalTime:17 May 2016 12:43:54.0806 (UTC)
FILETIME=[C5C45D60:01D1B039]
Attachments:\\192.168.x.x\MailBox\Attach\TRAVIS\image7.jpeg
Test Email 2
答案1
经过大量仔细检查日志文件后终于弄明白了。
电子邮件客户端正在发送,DATA
但内部 SMTP 服务器通过智能主机将其发送出去BDAT
,显然这是一个潜在的 DDoS 问题,我猜想在某个地方它不允许它正确处理。我们的SonicWall
防火墙也可能以某种方式搞砸了它。
违规台词:
2016-05-17 13:12:32 66.110.xx.xxx OutboundConnectionCommand MAILSVR01 - 25 BDAT 43574+LAST 0 0 4 0 16 SMTP - -
因此解决方案是在本地 SMTP 服务器上禁用 BDAT、BINARYMIME 和 CHUNKING。
信用/来源链接:
https://adaptivethinking.wordpress.com/2010/12/21/smtp-esmtp-and-the-bdat-baddie/
https://joekiller.com/2007/09/19/bdat-causing-smtp-service-to-drop-email/
如果链接不再可用,这里是他们概述的步骤。
Telnet 到邮件主机并发出ehlo
命令。检查服务器返回的动词。它应该有BINARYMIME
和CHUNKING
列出。完成这些步骤后,您将不会看到这些。
验证BINARYMIME
并CHUNKING
已打开。:
telnet localhost 25
Type ehlo
220 MAILSVR Microsoft ESMTP MAIL Service, Version: 7.5.76
01.17514 ready at Tue, 14 Mar 2017 12:18:50 -0400
ehlo
250-MAILSVR Hello [168.1.1.1]
250-TURN
250-SIZE 51200000
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-BINARYMIME
250-CHUNKING
250-8bitmime
250-VRFY
250-TLS
250-STARTTLS
250 OK
打开IIS Metabase Explorer
导航LM\SmtpSvc\1
寻找SmtpInboundCommandSupportOptions
这里的默认值是7697601
。我知道我想禁用 BINARYMIME 和 CHUNKING 动词,因此使用此处有表格我从中减去了2097152
(BINARYMIME)和1048576
(CHUNKING)7697601
:
7697601 - (2097152 + 1048576) = 4551873
将值设置SmtpInboundCommandSupportOptions
为4551873
禁用 BDAT
导航LM\SmtpSvc
将值SmtpOutboundCommandSupportOptions
从更改7
为5
关闭IIS Metabase Explorer
并重新启动IIS Admin Service
(这反过来会重新启动Simple Mail Transfer Protocol
(SMTP) 服务)。
重复上述步骤,通过 连接到服务器telnet
并验证它们是否已被删除。如果尚未删除,请确保您\1
在进行更改时处于子目录中。
答案2
我想补充@Travis 的精彩回答。
就我而言,我正在运行 IIS6 SMTP 服务器将邮件中继到 IBM Domino 服务器。
我们希望允许一封电子邮件中包含多个附件,但发现多个附件会导致BDAT
在中继时调用 IIS,而 Domino 服务器不支持这种情况,因此会默默丢弃整封电子邮件。
我SmtpOutboundCommandSupportOptions
按照建议进行了更改并重新启动了IIS Admin Service
。
奇怪的是,我们最多可以传递 4 个附件,但在传递第五个附件时,它会恢复为调用BDAT
。
每这篇 Peer Wisdom 博客文章SmtpInboundCommandSupportOptions
,和的值SmtpOutboundCommandSupportOptions
实际上应该遵循相同的模式。
设置SmtpOutboundCommandSupportOptions
解决4551873
了我的问题。