Link to home
Create AccountLog in
Avatar of wlasner
wlasnerFlag for United States of America

asked on

Delayed incoming e-mails to our exchange 2007 server

Random incoming e-mails seem to arrive hours after they are actually sent.  I would say it happens 1 out of 20 e-mails.  Only afew users on my network have complained.
I did notice that tyesterdays e-mail was received 4 hours later from a yahoo sender.  I had them test with me this morning, the first one has not arrived (1 hour so far), a second one sent 10 minutes after the first one arrived in 10 seconds.
Any ideas on what might be the issue and if it could be on our side would be appreciated.

thanks
Wayne
Avatar of Jon Brelie
Jon Brelie
Flag of United States of America image

Can you scrub and post a copy of the headers from one of these messages?  They should show where the delay occurred.
Avatar of wlasner

ASKER

Not sure what you need.
 User generated image
So if the message I received 5 hours later shows smtp received and delivered (stored) as the same time, does that mean the issue is not our fault but the senders providor (Yahoo)?
Please check options in outlook for a delivered message and copy the message headers.  

http://email.about.com/od/outlooktips/qt/How_to_View_All_Message_Headers_in_Outlook.htm
Avatar of wlasner

ASKER

Sorry, we are on OL 2010, I searched options and do not see view options for the headers, still looking
Okay.  I am about to leave town for a week so I invite any experts reading this to jump in and assist.

If you comb through the headers when you find them, you will see the timestamp for each server that touched the message on it's way from Yahoo to you.  Look for the big gaps and you will find your delay.
Avatar of wlasner

ASKER

Here we go - took abit - sorry....

Received: from nm14.access.bullet.mail.mud.yahoo.com (192.168.0.102) by
 exch.AbleHC.local (192.168.0.206) with Microsoft SMTP Server id 8.3.213.0;
 Thu, 3 Nov 2011 13:27:11 -0400
Received: from [66.94.237.126] by nm14.access.bullet.mail.mud.yahoo.com with
 NNFMP; 03 Nov 2011 13:28:33 -0000
Received: from [66.94.237.110] by tm1.access.bullet.mail.mud.yahoo.com with
 NNFMP; 03 Nov 2011 13:28:33 -0000
Received: from [127.0.0.1] by omp1015.access.mail.mud.yahoo.com with NNFMP; 03
 Nov 2011 13:28:33 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 636109.40857.bm@omp1015.access.mail.mud.yahoo.com
Received: (qmail 2964 invoked by uid 60001); 3 Nov 2011 13:28:33 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1320326913; bh=jE0ffJsYNirjycv7mBQsMCq16PH4URes9XyE6Xoc8S4=; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type; b=Q9rPxHjLpXSm77GxWKZfymX3ZR7GpBZcdnNRni3MPUVbIX178W5tb8nN7xYLl6MIvsR9bHpeki/OPsAVqeh8lrs+LkBkik3LptuIlMnP5oIVO9gMkgdneUP/a8mDKAOn7ZwOlbr7F9xBLoZoBTP63xe5t7oVi8E8+pLK5Sdmo5o=
X-YMail-OSG: pu6.Do8VM1lNo.TDw_Ylw.aheyIdsLea63Zq6Tm0e8XSUfw
 1B811mxJYhl9v7.ey2Eb.u.jduUn7NsAm55CmdL_JF.WF6uUB919UGNu3Hyd
 T2vxmhEKcG88gAk7w3al2Nslf7djtnGCRTSzr_Lhfd2lrtc2MCAc5JogUHwD
 NI8f_dP.1.V1TYegSWxf9jvo47clCB5h7PxGNBQW7f7AxSuyiz5bK7tKa.HQ
 sLo0FINRDF1da1.dpNySD6LsjZmCrc53rzl9z.Kim4Ievi5H6te1MnKlszzs
 FcEBLb5bbUkWl1fhqoOZDKGKZ98AFsJzYw7ZeFCc_gT2c46UVVZpuKTRxCwm
 .oBpEjSADRojrab880GCgQlzEH3v3CzcZKt21isA9xdKivHz_O7Bu.7JCf7c
 9pJfLyxmEp_Si09LtvYMdp.XXPZo5ryM9wWVxpq2FZ0Dvha2EK2nFqq4WSX4
 VuiJEp88wDC0l.kl6isHGTzMkIF.5JzRjTwuQ_tisLg--
Received: from [173.220.3.205] by web508.biz.mail.mud.yahoo.com via HTTP; Thu,
 03 Nov 2011 06:28:32 PDT
X-Mailer: YahooMailWebService/0.8.114.317681
Message-ID: <1320326912.2957.YahooMailNeo@web508.biz.mail.mud.yahoo.com>
Date: Thu, 3 Nov 2011 06:28:32 -0700
From: Natalie Halpin <natalie@tdconsult.com>
Reply-To: Natalie Halpin <natalie@tdconsult.com>
Subject: its me
To: Wayne Lasner <waynel@ablehealthcare.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
      boundary="0-1959626592-1320326912=:2957"
Return-Path: natalie@tdconsult.com
X-Brightmail-Tracker: AAAAAA==
Hard to read on the phone but if my time zone math is right, this message was accepted by your server less than a minute after it was sent.  Are there any relevant logs for that time window?  Is outlook just not grabbing the message?

Prolly my last chance to post for a week ands half.  Good luck.
Avatar of wlasner

ASKER

Actually, it looks like it goes from 6:38 PDT (9:38 EDT - which is correct)) to the last hop at yahoo at 13:27 0400 (assuming that is EDT) which is when my system shows it received.  4 hours later.
Maybe I am reading it wrong.....
Anyway - we have been dealing with this for months so I you can resume when you return - that would be great.
Have a good trip.
Are you using any local mail filtering?

Can you post headers from the message that was not delayed?
Avatar of wlasner

ASKER

Here is one from Experts exchange on this case....

Received: from www3.experts-exchange.com (192.168.0.102) by exch.AbleHC.local
 (192.168.0.206) with Microsoft SMTP Server (TLS) id 8.3.213.0; Tue, 15 Nov
 2011 15:03:45 -0500
Received: from www3.experts-exchange.com (localhost [127.0.0.1])      by
 www3.experts-exchange.com (8.14.4/8.14.4) with ESMTP id pAFK5Xrp092521      for
 <waynel@ablehealthcare.com>; Tue, 15 Nov 2011 12:05:33 -0800 (PST)
      (envelope-from noreply@experts-exchange.com)
Date: Tue, 15 Nov 2011 12:05:33 -0800
From: Experts Exchange <noreply@experts-exchange.com>
To: <waynel@ablehealthcare.com>
Message-ID: <331640497.11207.1321387533696.JavaMail.ee@www3.experts-exchange.com>
Subject: Comment Added: Delayed incoming e-mails to our exchange 2007 server
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Mailer: Experts Exchange
Return-Path: noreply@experts-exchange.com
X-Brightmail-Tracker: AAAAAA==
The only thing that strikes me as funny is that the last delivery server says that it's IP is a non-routable address.  That on it's own probably wouldn't delay email delivery, but it could if you are doing any server side filtering.  Are you using any filtering or scanning products locally?
Avatar of wlasner

ASKER

We use symantec's mail security for Exchnage - not sure why that would affect time to deliver, it would prevent or allow incoming mail based on filters.
I was thinking that there might be a greylisting issue, but I don't think Symantec does that.

http://en.wikipedia.org/wiki/Greylisting
Avatar of wlasner

ASKER

Interesting?  but I do not think symantec mail security does that unless it is built in and not a seeable option.
ASKER CERTIFIED SOLUTION
Avatar of Jon Brelie
Jon Brelie
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of wlasner

ASKER

Thanks for all the trouble shooting help - enabled me to narrow issues.  turned out to be a hole in one of my receivers.  The vendor helped me to correct the config to avoid the hole and the spam issue is gone as well as the slow response now that spma is not slowing it down.