none
Exchange 2003 - Maillöschung nachvollziehbar? RRS feed

 > 

  • Frage

  • Question
    Anmelden
    0
    Anmelden

    Guten Abend

    Es geht um einen Exchange 2003 Server, der auf einem Win 2000 Server ist.

    Nun möchte ich nachvollziehen, wie E-Mails bei einem Konto gelöscht wurden (Systemfehler oder manuelle Löschung o.Ä.) oder ob diese noch vorhanden sind.

    Zuerst bin ich über das Webacces gegangen und dort sind keine Mails mehr vorhanden.

    Dann habe ich das Logverzeichnis ergoogelt: \Programme\Exchsrvr\.

    Die Logdatei dort drinnen scheint aber nur ausgehende/eingehende Nachrichten zu loggen.

    Zitat:
    Date Time client-ip Client-hostname Partner-Name Server-hostname server-IP Recipient-Address Event-ID MSGID Priority Recipient-Report-Status total-bytes Number-Recipients Origination-Time Encryption service-Version Linked-MSGID Message-Subject Sender-Address

    Zur Verfügung steht u.A. der Blackberry Messenger, Serververwaltungskonsole.

    Weiß jemand, wie man verfolgen kann, wie/wodurch Nachrichten gelöscht wurden?
    Oder wo man direkt über den Server alle Nachrichten einsehen kann? (Vllt. sind im Webacces keine da, aber auf dem Server und es gibt einen Syncfehler o.Ä. ?)

    UPDATE:
    Logs scheinen in "Programme\Research In Motion\BlackBerry Enterprise Server\Logs\20120524" zu liegen.
    Dort habe ich alle Logs durchgeschaut und das zu diesem User gefunden:

    [40702] (05/24 11:43:55.523):{0x20AC} {mail@mail.de} Starting message rescan
[40703] (05/24 11:43:55.523):{0x20AC} {mail@mail.de} Message rescan completed
[...]
[40700] (05/24 11:44:23.117):{0x212C} {mail@mail.de} Receiving packet from device, size=70, TransactionId=-20200730, Tag=568270, content type=CMIME, cmd=0x3
[40698] (05/24 11:44:23.117):{0x212C} {mail@mail.de} Receiving OTAFM request from device, Tag=568270, TransactionId=-20200730
[40518] (05/24 11:44:23.117):{0x212C} {mail@mail.de} Receiving DELETE_MESSAGE request from device, Tag=568270, TransactionId=-20200730, RefId=-980893708, SrcFolderId=0
[40262] (05/24 11:44:23.133):{0x212C} {mail@mail.de} StateDb - Found RefId=-980893708
[40405] (05/24 11:44:23.398):{0x1FF0} {mail@mail.de} MAPIMailbox::HandleObjectModifiedNotification - OpenEntry (0x8004010f) failed
[40572] (05/24 11:44:23.398):{0x212C} {mail@mail.de} Receiving MESSAGE_STATUS_UPDATE request from device, Tag=568270, TransactionId=-20200730, RefId=-1729975231, MsgStatus=1
[40975] (05/24 11:44:23.398):{0x1FF0} {mail@mail.de} Queuing notification of deleted mail
[40262] (05/24 11:44:23.398):{0x212C} {mail@mail.de} StateDb - Found RefId=-1729975231
[40974] (05/24 11:44:23.414):{0x1FF0} {mail@mail.de} Queuing notification of modified mail
[40572] (05/24 11:44:23.461):{0x212C} {mail@mail.de} Receiving MESSAGE_STATUS_UPDATE request from device, Tag=568270, TransactionId=-20200730, RefId=-231812185, MsgStatus=1
[40262] (05/24 11:44:23.461):{0x212C} {mail@mail.de} StateDb - Found RefId=-231812185
[40699] (05/24 11:44:23.508):{0x212C} {mail@mail.de} OTAFM request from device processed
[40279] (05/24 11:44:23.508):{0x212C} {mail@mail.de} SubmitToRelaySendQ, Tag=568270
[40000] (05/24 11:44:23.508):{0x204C} [BIPP] Send status DATA_ACCEPTED, Tag=568270
[...]
[40000] (05/24 11:44:45.289):{0x2048} [BIPP] Received datagram, Tag=568271
[40700] (05/24 11:44:45.289):{0x20BC} {mail@mail.de} Receiving packet from device, size=59, TransactionId=-20200729, Tag=568271, content type=CMIME, cmd=0x3
[40698] (05/24 11:44:45.289):{0x20BC} {mail@mail.de} Receiving OTAFM request from device, Tag=568271, TransactionId=-20200729
[40572] (05/24 11:44:45.289):{0x20BC} {mail@mail.de} Receiving MESSAGE_STATUS_UPDATE request from device, Tag=568271, TransactionId=-20200729, RefId=-1080654630, MsgStatus=1
[40262] (05/24 11:44:45.289):{0x20BC} {mail@mail.de} StateDb - Found RefId=-1080654630
[...]
[40572] (05/24 11:44:50.508):{0x20BC} {mail@mail.de} Receiving MESSAGE_STATUS_UPDATE request from device, Tag=568271, TransactionId=-20200729, RefId=-331573107, MsgStatus=1
[40262] (05/24 11:44:50.508):{0x20BC} {mail@mail.de} StateDb - Found RefId=-331573107
[...]
[40699] (05/24 11:44:51.149):{0x20BC} {mail@mail.de} OTAFM request from device processed
[40279] (05/24 11:44:51.149):{0x20BC} {mail@mail.de} SubmitToRelaySendQ, Tag=568271
[...]
[40890] (05/24 11:56:08.264):{0x2054} GlobalRescan stats: messaging=81% (5449/6676), calendar=93% (3144/3345), pim=87% (7292/8288)
[...]
[40913] (05/24 12:01:57.034):{0x20A8} {mail@mail.de} Device 2553EA22 state: out of coverage
[...]
[40000] (05/24 12:09:17.180):{0x20B4} {mail@mail.de} Processed MULTI_STATS from Dispatcher, Tag=568285
[40000] (05/24 12:09:29.774):{0x2048} [BIPP] Received datagram, Tag=568286
[40700] (05/24 12:09:29.774):{0x212C} {mail@mail.de} Receiving packet from device, size=59, TransactionId=-20200727, Tag=568286, content type=CMIME, cmd=0x3
[40698] (05/24 12:09:29.774):{0x212C} {mail@mail.de} Receiving OTAFM request from device, Tag=568286, TransactionId=-20200727
[40518] (05/24 12:09:29.774):{0x212C} {mail@mail.de} Receiving DELETE_MESSAGE request from device, Tag=568286, TransactionId=-20200727, RefId=-1829736153, SrcFolderId=0
[40405] (05/24 12:09:29.774):{0x212C} {mail@mail.de} MAPIMailbox::OpenMessage - OpenEntry (0x8004010f) failed
[30147] (05/24 12:09:29.774):{0x212C} {mail@mail.de} MAPIMailbox::RefIDtoEntryID - FindRow (0x8004010f) failed
[40183] (05/24 12:09:29.774):{0x212C} {mail@mail.de} MAPIMailbox::RefIDtoEntryID - Could not find RefId=-1829736153
[40116] (05/24 12:09:29.774):{0x212C} {mail@mail.de} Failed to process DELETE_MESSAGE request, Tag=568286, TransactionId=-20200727
[40572] (05/24 12:09:29.774):{0x212C} {mail@mail.de} Receiving MESSAGE_STATUS_UPDATE request from device, Tag=568286, TransactionId=-20200727, RefId=-431334029, MsgStatus=1
[40405] (05/24 12:09:29.774):{0x212C} {mail@mail.de} MAPIMailbox::OpenMessage - OpenEntry (0x8004010f) failed
[30147] (05/24 12:09:29.774):{0x212C} {mail@mail.de} MAPIMailbox::RefIDtoEntryID - FindRow (0x8004010f) failed
[40183] (05/24 12:09:29.774):{0x212C} {mail@mail.de} MAPIMailbox::RefIDtoEntryID - Could not find RefId=-431334029
[40116] (05/24 12:09:29.774):{0x212C} {mail@mail.de} Failed to process MESSAGE_STATUS_UPDATE request, Tag=568286, TransactionId=-20200727
[40699] (05/24 12:09:29.774):{0x212C} {mail@mail.de} OTAFM request from device processed
[40279] (05/24 12:09:29.774):{0x212C} {mail@mail.de} SubmitToRelaySendQ, Tag=568286
[40000] (05/24 12:09:29.774):{0x204C} [BIPP] Send status DATA_ACCEPTED, Tag=568286

    Kann jemand mir damit weiterhelfen?

    Donnerstag, 24. Mai 2012 23:46
    |

Antworten

Alle Antworten