To check the Anti-Spam logs on a Exchange 2010 server, you can do this:

  • The default logs files for the antispam agents are on: %exchangeinstallpath%TransportRoles\Logs\AgentLog
  • At this location you can see a lot of files (see the image)
  • logs1
  • on this files there are each email processed
  • for example in my domain “domain.com “:

18T03:03:15.515Z,08D311EA4154AD0F, 192.168.100.8:25,151.236.48.207:58980,151.236.48.207, <80c3768608e1d9e11c129b76aed5415b@poix.medios-alternativo.com> ,re@medios-alternativo.com,pssst@medios-alternativo.com;,info@domain.com,1, Content Filter Agent,OnEndOfData,RejectMessage,550 5.7.1 Message rejected as spam by Content Filtering.,SclAtOrAboveRejectThreshold,9,DV:3.3.15601.886;SID:SenderIDStatus Pass;TIME:TimeBasedFeatures


2016-02-18T03:36:32.448Z,08D311EA4154AD1E, 192.168.100.8:25,67.23.245.38:52107,67.23.245.38, ,albari@comercialrebesco.com.br ,,comercial@domain.com,1, Connection Filtering Agent, OnRcptCommand,RejectCommand,550 5.7.1 dnsbl.sorbs.net has blocked your IP address (67.23.245.38) using the list ‘dnsbl.sorbs.net’. Please see http://www.au.sorbs.net/lookup.shtml for further information. This organization has no control over this RBL (Realtime Block List).,BlockListProvider,dnsbl.sorbs.net,


2016-02-18T04:13:42.025Z,08D311EA4154AD30,192.168.100.8:25, 207.46.100.134:52792,207.46.100.134, <56c544d85d73c_8df325c446c11350849@yammer.com>,noreply@yammer.com,noreply@yammer.com; ,test@domain.com,1,Content Filter Agent,OnEndOfData,AcceptMessage,,SCL,0,


2016-02-18T04:28:36.115Z,08D311EA4154AD38,192.168.100.8:25, 42.200.38.202:59286,42.200.38.202,, sales_02@guowaiyoujian.win,,domain@domain.com,1,Connection Filtering Agent,OnRcptCommand,RejectCommand,550 5.7.1 zen.spamhaus.org has blocked your IP address (42.200.38.202) using the list ‘zen.spamhaus.org’. Please see http://www.spamhaus.org/query/bl?ip=42.200.38.202 for further information. This organization has no control over this RBL (Realtime Block L,BlockListProvider,zen.spamhaus.org,

Facebooktwittergoogle_plusredditpinterestlinkedinmail