IronPort - commandes en vrac
Alasta 18 Juin 2015 cisco cisco ironport cli
Description : Quelques commandes CLI pour IronPort
Forcer l’envoie des mails en attente :
(Host_IronPort)> delivernow
Please choose an option for scheduling immediate delivery.
1. By recipient host
2. All messages
[1]> 2
Rescheduling all messages for immediate delivery.
Suspendre un listener
Si vous souhaitez temporairement ne plus recevoir ou émettre de message, vous devrez suspendre le listener adéquat.
(Host_IronPort)> suspendlistener
Choose the listener(s) you wish to suspend.
Separate multiple entries with commas.
1. All
2. IncomingMail
3. OutboundMail
[1]> 2
Enter the number of seconds to wait before abruptly closing connections.
[30]>
Waiting for listeners to exit...
Receiving suspended for IncomingMail.
Note : attention, cela survie au reboot !
Relancer un listener
Si vous avez arrêté un listener et que vous souhaitez le relancer.
(Host_IronPort)> resumelistener
Choose the listener(s) you wish to resume.
Separate multiple entries with commas.
1. All
2. IncomingMail
3. OutboundMail
[1]> 2
Receiving resumed for IncomingMail.
Status
(Host_IronPort)>status
Enter "status detail" for more information.
Status as of: Thu Jun 18 12:47:47 2015 CEST
Up since: Mon Jun 10 08:43:36 2015 CEST (8d 4h 4m 11s)
Last counter reset: Never
System status: Online
Oldest Message: 6 days 13 mins 3 secs
Feature - McAfee: 30 days
Feature - Sophos Anti-Virus: 30 days
Feature - Bounce Verification: Perpetual
Feature - Centralized Management: 215 days
Feature - IronPort Anti-Spam: 198 days
Feature - IronPort Email Encryption: 30 days
Feature - RSA Email Data Loss Prevention: 30 days
Feature - Incoming Mail Handling: Perpetual
Feature - Outbreak Filters: 30 days
Counters: Reset Uptime Lifetime
Receiving
Messages Received 54,491,021 264,615 54,491,021
Recipients Received 59,018,184 296,556 59,018,184
Rejection
Rejected Recipients 597,041 1,091 597,041
Dropped Messages 42,275 2,120 42,275
Queue
Soft Bounced Events 1,858,032 6,044 1,858,032
Completion
Completed Recipients 58,973,872 293,040 58,973,872
Current IDs
Message ID (MID) 55508420
Injection Conn. ID (ICID) 169346250
Delivery Conn. ID (DCID) 27473021
Gauges: Current
Connections
Current Inbound Conn. 5
Current Outbound Conn. 2
Queue
Active Recipients 1,387
Messages In Work Queue 0
Messages In Quarantine 0
Kilobytes Used 16,736
Kilobytes In Quarantine 0
Kilobytes Free 34,586,272
Note : Pour plus d’information (CPU par feature, …), il est possible d’utiliser la commande status details
Version de l’appliance
(Host_IronPort)> version
Current Version
===============
Product: Cisco IronPort C370 Messaging Gateway(tm) Appliance
Model: C370
Version: 7.6.1
Build Date: 2012-12-02
Install Date: 2013-01-22 15:49:22
Serial #: XXLLPPLLPPXHHYGTG
BIOS: 2.1.9C
RAID: 1.21.02-0528, 2.01.00, 1.02-014B
RAID Status: Optimal
RAID Type: 1
BMC: 1.85
Licenses
(Host_IronPort)> featurekey
Module Quantity Remaining Expiration Date
Centralized Management 2 215 days Tue Jan 19 12:10:50 2016
IronPort Email Encryption 1 30 days Dormant
IronPort Anti-Spam 25000 198 days Sat Jan 2 12:13:30 2016
Sophos Anti-Virus 1 30 days Dormant
Bounce Verification 1 Perpetual N/A
Incoming Mail Handling 1 Perpetual N/A
Outbreak Filters 1 30 days Dormant
RSA Email Data Loss Prevention 1 30 days Dormant
McAfee 1 30 days Dormant
Choose the operation you want to perform:
- ACTIVATE - Activate a (pending) key.
- CHECKNOW - Check now for new feature keys.
[]>
Configuration des Listener
(Host_IronPort)> listenerconfig
NOTICE: This configuration command has not yet been configured for the current cluster mode (Machine IronPort-Cluster).
What would you like to do?
1. Switch modes to edit at mode "Cluster Cluster_IronPort".
2. Start a new, empty configuration at the current mode (Machine IronPort).
3. Copy settings from another cluster mode to the current mode (Machine IronPort).
[1]> 1
Currently configured listeners:
1. Adm (on ADM) SMTP TCP Port 25 Private
2. From_Priv (on Virt3_Data1) SMTP TCP Port 25 Private
3. Into_Soc1 (on Virt2_Data1) SMTP TCP Port 25 Public
4. Into_Soc2 (on Virt1_Data1) SMTP TCP Port 25 Public
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
- CLUSTERSET - Set how listeners are configured in a cluster.
- CLUSTERSHOW - Display how listeners are configured in a cluster.
[]>
Configuration d’interface
(Host_IronPort)> interfaceconfig
Currently configured interfaces:
1. ADM (192.168.1.1/24 on Management: IronPort-ADMIN)
2. Bounce (192.168.2.2/24 on Data 1: IronPort-BOUNCE)
3. Virt1_Data1 (192.168.3.3/24 on Data 1: priv.domain.com)
4. Virt2_Data1 (192.168.4.4/24 on Data 1: soc1.domain.com)
5. Virt3_Data1 (192.168.5.5/24 on Data 1: soc2.domain.com)
Choose the operation you want to perform:
- NEW - Create a new interface.
- EDIT - Modify an interface.
- GROUPS - Define interface groups.
- DELETE - Remove an interface.
[]>
Routes SMTP
(Host_IronPort)> smtproutes
NOTICE: This configuration command has not yet been configured for the current cluster mode (Machine IronPort).
What would you like to do?
1. Switch modes to edit at mode "Cluster Cluster_IronPort".
2. Start a new, empty configuration at the current mode (Machine IronPort).
3. Copy settings from another cluster mode to the current mode (Machine IronPort).
[1]> 1
There are currently 20 routes configured.
Choose the operation you want to perform:
- NEW - Create a new route.
- EDIT - Edit destinations of an existing route.
- DELETE - Remove a route.
- PRINT - Display all routes.
- IMPORT - Import new routes from a file.
- EXPORT - Export all routes to a file.
- CLEAR - Remove all routes.
- CLUSTERSET - Set how SMTP routes are configured in a cluster.
- CLUSTERSHOW - Display how SMTP routes are configured in a cluster.
[]> print
domain1.com: 10.1.1.1
domain2.com: 10.2.2.2
domain3.fr: 10.3.3.3
domain4.com: 10.4.4.4
There are currently 4 routes configured.
Choose the operation you want to perform:
- NEW - Create a new route.
- EDIT - Edit destinations of an existing route.
- DELETE - Remove a route.
- PRINT - Display all routes.
- IMPORT - Import new routes from a file.
- EXPORT - Export all routes to a file.
- CLEAR - Remove all routes.
- CLUSTERSET - Set how SMTP routes are configured in a cluster.
- CLUSTERSHOW - Display how SMTP routes are configured in a cluster.
[]>
Backup par mail
(Host_IronPort)> mailconfig
Please enter the email address to which you want to send the configuration file.
Separate multiple addresses with commas.
[]> adm@domain1.com
Do you want to mask the password? Files with masked passwords cannot be loaded using loadconfig command. [Y]>
The configuration file has been sent to adm@domain1.com.
Affichage des filtres
(Host_IronPort)> filters
Choose the operation you want to perform:
- NEW - Create a new filter.
- DELETE - Remove a filter.
- IMPORT - Import a filter script from a file.
- EXPORT - Export filters to a file
- MOVE - Move a filter to a different position.
- SET - Set a filter attribute.
- LIST - List the filters.
- DETAIL - Get detailed information on the filters.
- LOGCONFIG - Configure log subscriptions used by filters.
- ROLLOVERNOW - Roll over a filter log file.
- CLUSTERSET - Set how filters are configured in a cluster.
- CLUSTERSHOW - Display how filters are configured in a cluster.
[]> list
Num Active Valid Name
1 N Y AltSrcInt
2 Y Y Filter_Whitelist
3 Y Y Antispoofing_Enveloppe
4 Y Y Antispoofing_Header
Choose the operation you want to perform:
- NEW - Create a new filter.
- DELETE - Remove a filter.
- IMPORT - Import a filter script from a file.
- EXPORT - Export filters to a file
- MOVE - Move a filter to a different position.
- SET - Set a filter attribute.
- LIST - List the filters.
- DETAIL - Get detailed information on the filters.
- LOGCONFIG - Configure log subscriptions used by filters.
- ROLLOVERNOW - Roll over a filter log file.
- CLUSTERSET - Set how filters are configured in a cluster.
- CLUSTERSHOW - Display how filters are configured in a cluster.
[]>
tail
(Host_IronPort)> tail
This command is restricted to run in machine mode of the machine you are logged in to. Do you want to switch to "Machine
IronPort" mode? [Y]>
Currently configured logs:
Log Name Log Type Retrieval Interval
---------------------------------------------------------------------------------
1. antispam Anti-Spam Logs Manual Download None
2. antivirus Anti-Virus Logs Manual Download None
3. asarchive Anti-Spam Archive Manual Download None
4. authentication Authentication Logs Manual Download None
5. avarchive Anti-Virus Archive Manual Download None
6. bounces Bounce Logs Manual Download None
7. encryption Encryption Logs Manual Download None
8. error_logs IronPort Text Mail Logs Manual Download None
9. euq_logs Spam Quarantine Logs Manual Download None
10. euqgui_logs Spam Quarantine GUI Logs Manual Download None
11. ftpd_logs FTP Server Logs Manual Download None
12. gui_logs HTTP Logs Manual Download None
13. mail_logs IronPort Text Mail Logs Manual Download None
14. repeng Reputation Engine Logs Manual Download None
15. reportd_logs Reporting Logs Manual Download None
16. reportqueryd_logs Reporting Query Logs Manual Download None
17. scanning Scanning Logs Manual Download None
18. snmp_logs SNMP Logs FTP Push - Host 192.168.6.6None
19. sntpd_logs NTP logs Manual Download None
20. status Status Logs Manual Download None
21. system_logs System Logs Manual Download None
22. trackerd_logs Tracking Logs Manual Download None
23. updater_logs Updater Logs Manual Download None
Enter the number of the log you wish to tail.
[]> 13
Press Ctrl-C to stop.
Thu Jun 18 12:51:42 2015 Info: MID 55508656 Message-ID '<7746D226-9967-4237-BB0A-D688888854CC@toto.com>'
Thu Jun 18 12:51:42 2015 Info: MID 55508656 Subject '=?iso-8859-1?Q?Retour
...'
grep
(Host_IronPort)> grep
Currently configured logs:
Log Name Log Type Retrieval Interval
---------------------------------------------------------------------------------
1. antispam Anti-Spam Logs Manual Download None
2. antivirus Anti-Virus Logs Manual Download None
3. asarchive Anti-Spam Archive Manual Download None
4. authentication Authentication Logs Manual Download None
5. avarchive Anti-Virus Archive Manual Download None
6. bounces Bounce Logs Manual Download None
7. encryption Encryption Logs Manual Download None
8. error_logs IronPort Text Mail Logs Manual Download None
9. euq_logs Spam Quarantine Logs Manual Download None
10. euqgui_logs Spam Quarantine GUI Logs Manual Download None
11. ftpd_logs FTP Server Logs Manual Download None
12. gui_logs HTTP Logs Manual Download None
13. mail_logs IronPort Text Mail Logs Manual Download None
14. repeng Reputation Engine Logs Manual Download None
15. reportd_logs Reporting Logs Manual Download None
16. reportqueryd_logs Reporting Query Logs Manual Download None
17. scanning Scanning Logs Manual Download None
18. snmp_logs SNMP Logs FTP Push - Host 192.168.6.6None
19. sntpd_logs NTP logs Manual Download None
20. status Status Logs Manual Download None
21. system_logs System Logs Manual Download None
22. trackerd_logs Tracking Logs Manual Download None
23. updater_logs Updater Logs Manual Download None
Enter the number of the log you wish to grep.
[]> 13
Enter the regular expression to grep.
[]> domain12.fr
Do you want this search to be case insensitive? [Y]>
Do you want to tail the logs? [N]>
Do you want to paginate the output? [N]>
Define file selection pattern.
[]>
Wed May 20 03:41:46 2015 Info: MID 53722598 ICID 161154185 RID 0 To: <titi@domain12.fr>
Wed May 20 03:41:56 2015 Info: MID 53722599 ICID 161154212 RID 0 To: <toto@domain12.fr>
....
trace
(Host_IronPort)> trace
Enter the source IP:
[]> 8.8.8.8
Enter the fully qualified domain name of the source IP (If left blank, a reverse DNS lookup will be performed on the source
IP. To clear the existing value, enter 'NONE'.):
[]>
Select the listener to trace behavior on:
1. Adm
2. Soc1
3. Soc2
4. Soc3
[1]> 3
Enter the domain name that has to be passed to HELO/EHLO.
[]> gmail.com
Fetching default SenderBase values...
Enter the SenderBase Network Owner ID of the source IP. The actual ID is N/A.
[N/A]> 2
Enter the SenderBase Reputation Score of the source IP. The actual score is N/A.
[N/A]> 2
Enter the Envelope Sender address:
[]> toto@gmail.com
Enter the Envelope Recipient addresses. Separate multiple addresses by commas.
[]> test@domain1.com
Load message from disk? [Y]> n
Enter or paste the message body here. Enter '.' on a blank line to end.
test
.
Processing HAT (Listener: Soc1)
- Fully Qualified Domain Name: google-public-dns-a.google.com
- Matched On: CLEAN_REPUTATION Sender Group (host sbrs[-1.0:10.0])
- Applying $ACCEPTED policy (ACCEPT behavior).
Policy Parameters:
- Maximum Message Size: 20M (Default)
- Maximum Number Of Connections From A Single IP: 10 (Default)
- Maximum Number Of Messages Per Connection: 10 (Default)
- Maximum Number Of Recipients Per Message: 50 (Default)
- Maximum Recipients Per Hour: Disabled (Default)
- Use SenderBase For Flow Control: Yes (Default)
- Virus Detection Enabled: Yes (Default)
- Allow TLS Connections: No (Default)
- Accept Untagged bounces: No
Processing MAIL FROM:
- Default Domain Processing: No Change
Processing Recipient List:
Processing test@domain1.com
- Default Domain Processing: No Change
- Domain Map: No Change
- RAT matched on test@domain1.Com, behavior = REJECT
Run through another debug session? [N]>
Dernière connexion admin
(Host_IronPort)> last
Username Remote Host Login Time Logout Time Total Time
======== ============= ================ ================ ==========
admin1 192.168.8.8 Thu Jun 18 12:20 still logged in 33m
admin2 192.168.9.9 Thu Jun 18 12:52 Thu Jun 18 12:53 0m
Reporting
(Host_IronPort)> tophosts
Sort results by:
1. Active Recipients
2. Connections Out
3. Delivered Recipients
4. Hard Bounced Recipients
5. Soft Bounced Events
[1]> 1
Status as of: Thu Jun 18 12:54:50 2015 CEST
Hosts marked with '*' were down as of the last delivery attempt.
Active Conn. Deliv. Soft Hard
# Recipient Host Recip. Out Recip. Bounced Bounced
1* toto.fr 145 0 0 0 0
2* aaa.id 114 0 0 0 0
3* dddddddd.in 110 0 0 0 0
4* eeeee.net 43 0 0 0 0
5* zzzzz.vn 36 0 0 0 0
6* deutschland.de 34 0 0 0 0
7* zdzddzdzd.fr 25 0 0 0 2
8* zdzdz.com 23 0 0 0 0
9* static.com 23 0 0 0 0
...
Status d’un domaine
(Host_IronPort)> hoststatus
Recipient host:
[]> gmail.com
Host mail status for: 'gmail.com'
Status as of: Thu Jun 18 12:55:17 2015 CEST
Host up/down: up
Counters:
Queue
Soft Bounced Events 12
Completion
Completed Recipients 1,503
Hard Bounced Recipients 64
DNS Hard Bounces 0
5XX Hard Bounces 64
Filter Hard Bounces 0
Expired Hard Bounces 0
Other Hard Bounces 0
Delivered Recipients 1,439
Deleted Recipients 0
Gauges:
Queue
Active Recipients 0
Unattempted Recipients 0
Attempted Recipients 0
Connections
Current Outbound Connections 0
Pending Outbound Connections 0
Oldest Message No Messages
Last Activity Thu Jun 18 12:55:02 2015 CEST
Ordered IP addresses: (expiring at Thu Jun 18 13:07:15 2015 CEST)
Preference IPs
5 173.194.67.27
10 64.233.162.27
20 74.125.200.27
30 74.125.23.27
40 173.194.72.27
MX Records:
Preference TTL Hostname
5 11m57s gmail-smtp-in.l.google.com
10 11m57s alt1.gmail-smtp-in.l.google.com
20 11m57s alt2.gmail-smtp-in.l.google.com
30 11m57s alt3.gmail-smtp-in.l.google.com
40 11m57s alt4.gmail-smtp-in.l.google.com
Last 5XX Error:
----------
550 5.1.1 The email account that you tried to reach does not exist. Please try
----------
SMTPPING
(Host_IronPort)> diagnostic
Choose the operation you want to perform:
- RAID - Disk Verify Utility.
- DISK_USAGE - Check Disk Usage.
- NETWORK - Network Utilities.
- REPORTING - Reporting Utilities.
- TRACKING - Tracking Utilities.
- RELOAD - Reset configuration to the initial manufacturer values.
[]> network
Choose the operation you want to perform:
- FLUSH - Flush all network related caches.
- ARPSHOW - Show system ARP cache.
- NDPSHOW - Show system NDP cache.
- SMTPPING - Test a remote SMTP server.
- TCPDUMP - Dump ethernet packets.
[]> smtpping
[]> 22.22.22.22
Select a network interface to use for the test.
1. ADM
2. Virt1_Data1
3. Virt2_Data1
4. auto
[6]> 2
Do you want to type in a test message to send? If not, the connection will be tested but no email will be sent. [N]>
Starting SMTP test of host 22.22.22.22.
Connection to 22.22.22.22 succeeded.
Command HELO succeeded
Command MAIL FROM succeeded.
Test complete. Total time elapsed 5.01 seconds
Choose the operation you want to perform:
- FLUSH - Flush all network related caches.
- ARPSHOW - Show system ARP cache.
- NDPSHOW - Show system NDP cache.
- SMTPPING - Test a remote SMTP server.
- TCPDUMP - Dump ethernet packets.
[]>
netstat
(Host_IronPort)> netstat
Choose the information you want to display:
1. List of active sockets.
2. State of network interfaces.
3. Contents of routing tables.
4. Size of the listen queues.
5. Packet traffic information.
[1]> 1
1. IPv4 only.
2. IPv6 only.
[1]> 1
Show network addresses as numbers? [N]> y
Avoid truncating addresses? [N]>
nternet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 192.168.2.2.25 62.210.13.31.50360 ESTABLISHED
tcp4 0 0 192.168.3.3.25 22.22.22.22.48835 ESTABLISHED
Utilisation disque
(Host_IronPort)> diagnostic
Choose the operation you want to perform:
- RAID - Disk Verify Utility.
- DISK_USAGE - Check Disk Usage.
- NETWORK - Network Utilities.
- REPORTING - Reporting Utilities.
- TRACKING - Tracking Utilities.
- RELOAD - Reset configuration to the initial manufacturer values.
[]> disk_usage
Services Disk Usage (GB) Quota(GB)
----------------------------------------------------------
Spam Quarantine 0.0 2.5
Reporting 4.1 17.0
Tracking 0.1 20.0
Total 4.2 39.5
Choose the operation you want to perform:
- RAID - Disk Verify Utility.
- DISK_USAGE - Check Disk Usage.
- NETWORK - Network Utilities.
- REPORTING - Reporting Utilities.
- TRACKING - Tracking Utilities.
- RELOAD - Reset configuration to the initial manufacturer values.
[]>
nslookup
(Host_IronPort)> nslookup
Please enter the host or IP address to resolve.
[]> www.free.fr
Choose the query type:
1. A the host's IP address
2. AAAA the host's IPv6 address
3. CNAME the canonical name for an alias
4. MX the mail exchanger
5. NS the name server for the named zone
6. PTR the hostname if the query is an Internet address,
otherwise the pointer to other information
7. SOA the domain's "start-of-authority" information
8. TXT the text information
[1]> 1
A=212.27.48.10 TTL=4h 1m 1s
Stats en cours pour un domaine
(Host_IronPort)> hostrate
Recipient host:
[]> free.fr
Enter the number of seconds between displays.
[10]> 3
Type Ctrl-C to return to the main prompt.
Time Host CrtCncOut ActvRcp ActvRcp DlvRcp HrdBncRcp SftBncEvt
Status Delta Delta Delta Delta
08:51:07 up 3 41 0 0 0 0
08:51:10 up 3 44 3 0 0 0
08:51:13 up 3 45 1 0 0 0
08:51:16 up 3 47 2 1 0 0
08:51:19 up 3 47 0 0 0 0
^C
Mails en file d’attente
(Host_IronPort)> workqueue status
Status as of: Fri Jun 19 08:52:42 2015 CEST
Status: Operational
Messages: 0
Status et information de la SenderBase
(Host_IronPort)> sbstatus
SenderBase Host Status
Status as of: Fri Jun 19 08:52:27 2015 CEST
Host success/fail: success
SBRS Status
Status as of: Fri Jun 19 08:52:27 2015 CEST
Host success/fail: success
SenderBase Network Participation Status
Time of last SenderBase upload: never
Stats en cours sur la file d’attente
(Host_IronPort)> workqueue rate
Type Ctrl-C to return to the main prompt.
Time Pending In Out
08:53:28 0 0 0
08:53:38 0 11 11
08:53:48 0 10 10
Stats DNS
(Host_IronPort)> dnsstatus
Status as of: Fri Jun 19 08:54:42 2015 CEST
Counters: Reset Uptime Lifetime
DNS Requests 467,385,596 467,182,112 467,385,596
Network Requests 93,374,333 93,345,897 93,374,333
Cache Hits 472,032,963 471,815,454 472,032,963
Cache Misses 72,603,929 72,599,109 72,603,929
Cache Exceptions 209,096,293 208,897,940 209,096,293
Cache Expired 15,835,352 15,835,266 15,835,352
Afficher les messages dans la file d’attente
(Host_IronPort)> showrecipients
Please select how you would like to show messages:
1. By recipient host.
2. By Envelope From address.
3. All.
[1]> 3
Showing messages, please wait..
MID/ Bytes/ Sender/ Subject
[RID] [Atmps] Recipient
56155715 1848 Delivery Status Notification (Failure)
[0] [49] zezezezezez@doma1.com
56164658 1850 (Failure)
[0] [48] zezsdfsdgdfg@sdqsd.com
Affiche un message via son MID
(Host_IronPort)> showmessage
Enter the MID to show.
[]> 56345400
MID 56345400: 39 secs old
From unknown Fri Jun 19 14:57:25 2015
Received: from localhost by ;
...
Recherche d’un mail
(Host_IronPort)> findevent
Please choose which type of search you want to perform:
1. Search by envelope FROM
2. Search by Message ID
3. Search by Subject
4. Search by envelope TO
[1]> 2
Enter the Message ID (MID) to search for.
[]> 56345398
Currently configured logs:
Log Name Log Type Retrieval Interval
---------------------------------------------------------------------------------
1. mail_logs IronPort Text Mail Logs Manual Download None
Enter the number of the log you wish to use for message tracking.
[1]>
Please choose which set of logs to search:
1. All available log files
2. Select log files by date list
3. Current log file
[3]> 3
Fri Jun 19 14:57:17 2015 Info: New SMTP ICID 171520023 interface Virt1_Data1 (192.168.18.9) address 189.2.98.232 reverse dns host mail.domain.net verified yes
Fri Jun 19 14:57:17 2015 Info: ICID 171520023 ACCEPT SG SUSPECT_and_UNKNOWN_LIST match sbrs[none] SBRS unable to retrieve
Fri Jun 19 14:57:22 2015 Info: Start MID 56345398 ICID 171520023
Fri Jun 19 14:57:22 2015 Info: MID 56345398 ICID 171520023 From: <user1@titi.fr>
Fri Jun 19 14:57:22 2015 Info: MID 56345398 ICID 171520023 RID 0 To: <user2@soc1.fr>
Fri Jun 19 14:57:22 2015 Info: MID 56345398 Message-ID '<kLko0Nzg0MzA4NQA@domain88.com>'
Fri Jun 19 14:57:22 2015 Info: MID 56345398 Subject "Coucou IronPort"
Fri Jun 19 14:57:22 2015 Info: MID 56345398 ready 3165 bytes from <user1@titi.fr>
Fri Jun 19 14:57:22 2015 Info: MID 56345398 matched all recipients for per-recipient policy DEFAULT in the inbound table
Fri Jun 19 14:57:22 2015 Info: MID 56345398 queued for delivery
Fri Jun 19 14:57:22 2015 Info: ICID 171520023 close
Fri Jun 19 14:57:10 2015 Info: New SMTP DCID 27801964 interface 192.168.180.2 address 10.10.10.10 port 25
Fri Jun 19 14:57:25 2015 Info: Delivery start DCID 27801964 MID 56345398 to RID [0]
Fri Jun 19 14:57:25 2015 Info: Message done DCID 27801964 MID 56345398 to RID [0]
Fri Jun 19 14:57:25 2015 Info: MID 56345398 RID [0] Response '2.6.0 <kLko0Nzg0MzA4NQA@domain88.com> Queued mail for delivery'
Fri Jun 19 14:57:25 2015 Info: Message finished MID 56345398 done
Fri Jun 19 14:57:31 2015 Info: DCID 27801964 close
Informations hardware
> ipcheck
Ipcheck Rev 1
Date Thu Jul 14 10:00:03 2015
Model C370
Platform R710 (80AE)
LCD Setting custom
LCD Text Cisco IronPort C370
MGA Version Version: 7.5.1-111
Build Date 2012-11-02
Install Date 2012-11-22 15:49:22
Burn-in Date Unknown
Serial No. 76A43456B789-G78917Y
BIOS Version 2.2.17C
RAID Version 1.21.02-0528, 2.01.03, 1.02-012B
RAID Status Optimal
RAID Type 1
RAID Chunk Unknown
BMC Version 1.85
Disk 0 278GB SEAGATE ST3300657SS ES656DE6339K
Disk 1 278GB SEAGATE ST3300657SS ES656DE33BQC
Disk 2
Disk 3
Disk 4
Disk 5
Disk 6
Disk 7
Disk Total 556GB
Root 400MB 45%
Nextroot 400MB 44%
Var 400MB 1%
Log 222GB 6%
DB 12GB 0%
Swap 8GB
Mail Queue 35GB
RAM 1 A Empty
RAM 1 B Empty
RAM 2 A 2048M ECC 1333MHz
RAM 2 B Empty
RAM 3 A 2048M ECC 1333MHz
RAM 3 B Empty
RAM 4 A Empty
RAM 4 B Empty
RAM 5 A 2048M ECC 1333MHz
RAM 5 B Empty
RAM 6 A 2048M ECC 1333MHz
RAM 6 B Empty
RAM 7 A Empty
RAM 7 B Empty
RAM 8 A Empty
RAM 8 B Empty
RAM 9 A Empty
RAM 9 B Empty
RAM Total 8G
CPU 1 Xeon 2G 4800FSB 1M Cache
CPU 2 Empty
PCI 1 PCI-e g2 x8, 4x Empty
PCI 2 PCI-e g2 x8, 4x Empty
PCI 3 PCI-e g2 8x Empty
PCI 4 PCI-e g2 8x Empty
NIC Management 84:2b:2b:89:ab:22, NetXtreme II Gigabit Ethernet (BCM5709)
NIC Data 1 84:2b:2b:89:ab:24, NetXtreme II Gigabit Ethernet (BCM5709)
NIC Data 2 84:2b:2b:89:ab:26, NetXtreme II Gigabit Ethernet (BCM5709)
NIC Data 3 84:2b:2b:89:ab:28, NetXtreme II Gigabit Ethernet (BCM5709)
PS1 Unknown
PS2 Unknown
Key 999day, IronPort Anti-Spam
Key 999day, Central Mgmt
Key 999day, IronPort Email Encryption
Key 999day, McAfee
Key 999day, Outbreak Filters
Key 999day, RSA Email Data Loss Prevention
Key 999day, Sophos
Key Perpetua, Bounce Verification
Key Perpetua, Receiving
les credits
# credits
CREDITS
===========================
This product proudly hand crafted by...
Lou "Has a kid" Zechtzer
Rich "Lord of Evil" Fielder
David Veach
Ben "Tamino" Cottrell
Martin "kemokid" Baker
Jeremy "FIPS" Felix
Drue Loewenstern
Krishna "Saint" Srinivasan
Sam "Edgar the Bug" Rushing
Bennett "You have a call" Ting
Eric "ListBot" Huss
James "Nightfall" Moore
Jesse Montrose
Andrew "Judge and Jury" Flury
Larry Rosenstein
Jan "chemosabe" Lindner
Lonhyn Jasinskyj
Katy "dakini" Burns
Michael "Pryankster" Cuddy
Naseem "Crystal Meth Chef" Choudhury
Brian "q" Harrison
Charlie Slater
Scott "S." Hutton
Nachiket "Peppersteak" Bahekar
Brennan Evans
Bernie "Milkshake" Hackett
Ben "Tsutomu" Hartwell
Gabe "DJ Malloc" Mahoney
...Paul
Mark Peek