Have an account?
Need an account?
This document describes how to search for log entries that show how the ESA (Email Security Appliance) processed a message.
You can search the logs to gather more information about the From, To, Subject of the emails coming from this IP address that you're interested in.
The name of the log is mail_logs. You can see this in the System Administration > Log Subscriptions > mail_logs.
There are several ways to access these logs.
The search might take a bit of time to complete. Once the output comes back, you can search either the ICID or the MID.
grep "ICID 123456" mail_logs
Once the output comes back, you can search for the MID
grep "MID 78901234" mail_logs
You should be able to see the From, To, Subject from the MID. You should see the IP address and the HAT Sender Group from the ICID.