The following table lists the log fields that can be included in
SMTP Message Screener log entries by setting the corresponding bit
in the LogFieldSelection
property of the FPCLog
object for SMTP Message Screener logging.
| Bit number |
Field name |
Description |
| 0 |
Log Date |
The date on which the logged event occurred. |
| 1 |
Log Time |
The time when the logged event occurred. In W3C format, this is
the Coordinated Universal Time (UTC). |
| 2 |
Sender |
The name of the sender as specified, for example, in the FROM:
field of the SMTP header. Only the first seventy two characters are
included in a log entry. |
| 3 |
Recipient |
The list of recipients as specified, for example, in the TO:
field of the SMTP header. Only the first seventy two characters are
included in a log entry. |
| 4 |
Subject |
The subject of the message as specified in the SUBJECT: field
of the SMTP header. Only the first seventy two characters are
included in a log entry. |
| 5 |
Message ID |
The unique identifier of the message as specified in the
MESSAGE-ID field of the SMTP header. Only the first seventy two
characters are included in a log entry. |
| 6 |
Action |
The action taken by ISA Server. This field may contain one of
the following possible actions:
- Delete. (The message is deleted.)
- Hold. (The message is stored in the BadMail queue.)
- Forward. (The message is forwarded to a different recipient
that is not specified in the original message).
- Pass. (The message is sent to the recipient specified in the
Recipient field.)
|
| 7 |
Reason |
The reason why ISA Server performed the action specified in the
Action field. This field may contain one of the following possible
reasons:
- Some message properties could not be read. Taking default
action. (The default action is Hold.)
- Policy rule stamp could not be found in the message. Taking
default action. (The default action is Hold. The policy rule stamp
is an indication that ISA Server puts in the message to let the
message screener know which rule should be applied to the message.
This is generated if the message did not pass via the SMTP
application filter before being passed to the SMTP message
screener.)
- Logger is not initialized yet. Taking default action. (Default
action is Hold.)
- Policy rule could not be read. Taking default action. (Default
action is Hold).
- Failed while trying to forward the message. (The specific error
code is also listed here).
- The SMTP message screener policy rule does not allow messages
from sender.
- The SMTP message screener policy rule does not allow
attachment.
- The SMTP message screener policy rule does not allow attachment
extension.
- The SMTP message screener policy rule does not allow
attachments of specified size.
- The SMTP message screener policy rule does not allow messages
with specified subject.
- The SMTP message screener policy rule does not allow messages
with specified message body.
|