Exchange Delays Emails Received

Posted on 2014-01-22
Medium Priority
Last Modified: 2014-01-26
We have an Exchange 2010 server.  We use mailroute to filter our mail.  Occasionally  a user or a few users will receive a batch of emails that was sent the previous day.  I pasted one of the headers below.  It basically shows it was received 01-22, but send 01-21.  Mailroute says they couldn't reach our server and delayed the email.  I know our internet connection is not going down.  Is there anything else on the Exchange server or  somewhere I could look for what might be causing this occasional problem?

Received: from mail.mailroute.net ( by ExchangeNew.credit.com
( with Microsoft SMTP Server id; Wed, 22 Jan 2014
11:16:46 -0600
Received: from localhost (localhost.localdomain [])        by
gw02.lax01.mailroute.net (Postfix) with ESMTP id 3f82cb44dYzdcKJ        for
<thermanson@credit-mgmt.com>; Tue, 21 Jan 2014 21:16:47 +0000 (UTC)
X-Virus-Scanned: by MailRoute
X-Spam-Flag: NO
X-Spam-Score: 1.222
X-Spam-Level: *
X-Spam-Status: No, score=1.222 tagged_above=-9999 tests=[CK_HELO_GENERIC=0.25,
                SPF_SOFTFAIL=0.972] autolearn=disabled
Received: from gw02.lax01.mailroute.net ([])   by localhost
(gw02.lax01.mailroute.net []) (mroute_mailscanner, port 10024)           with
LMTP id JSeWY9vx1Hcc for <thermanson@credit-mgmt.com>; Tue, 21 Jan 2014
21:16:46 +0000 (UTC)
Received: from mail028.177.12.a.static.mtka.securence.com
(mail027.177.12.A.static.MTKA.securence.com [])                by
gw02.lax01.mailroute.net (Postfix) with ESMTP id 3f82cY4kbJzdcJd         for
<thermanson@credit-mgmt.com>; Tue, 21 Jan 2014 21:16:44 +0000 (UTC)
Received: from mail.ryderinsurance.com. (               by
mta20.mtka.securence.com (Securence);           Tue, 21 Jan 2014 15:16:44 -0600 (CST)
Received: from RRMHSBS01.RRMH.local ([fe80::1052:5e0d:c476:a0fd]) by
RRMHSBS01.RRMH.local ([fe80::1052:5e0d:c476:a0fd%10]) with mapi id
14.02.0347.000; Tue, 21 Jan 2014 15:16:36 -0600
From: Ryan Hansen <RHansen@ryderinsurance.com>
To: Tessa Hermanson <thermanson@credit-mgmt.com>
Subject: FW: E&O Quote
Thread-Topic: E&O Quote
Thread-Index: AQHPFuy3occu458UDkqOUPcncODo4pqPq90wgAACWhA=
Date: Tue, 21 Jan 2014 21:16:35 +0000
Message-ID: <1ACE78EFA97F074BA0C43FE3B5AD797121B777@RRMHSBS01.RRMH.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-originating-ip: []
Content-Type: multipart/mixed;
MIME-Version: 1.0
X-Securence-ID: 1390338996886-020-01013146
X-Securence-Country-Code: US - UNITED STATES
X-Securence-odset: ryderinsurance.com
X-Securence-REMOTE-HOST: mail.ryderinsurance.com.
X-Securence-RFC2821-MAIL-FROM: rhansen@ryderinsurance.com
X-Securence-Latseq: <20-1390339004557>
Return-Path: rhansen@ryderinsurance.com
X-MS-Exchange-Organization-AuthSource: ExchangeNew.credit.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 10
Question by:pcservne
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39800972

You can enabled SMTP logging (http://dougg.co.nz/2011/05/26/enable-smtp-logging-on-exchange-2010-sendreceive-connectors/), which will allow you to see if there are any errors in the connection attempts. You won't be able to see what happened previously but you will be able to look at the logs if it happens again.


Author Comment

ID: 39801019
I enabled the logging, but the directory they are supposed to go to isn't there.
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39801030
You may have installed Exchange in a different directory.

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.


Author Comment

ID: 39801039
No, its the same default install path.

Author Comment

ID: 39801050
OK.  I found the logs.  What will I be looking for?
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39801056
Run get-transportserver -identity <server> | fl

Look for the ReceiveProtocolLogPath

LVL 37

Expert Comment

by:Jamie McKillop
ID: 39801059
You will need to look for any errors in the logs during the time any messages are delayed.


Author Comment

ID: 39801074
OK - mailroute has just said only 1 of their servers is holding up our email and its a server that got listed on SORBS blacklist.  We are not doing any blacklist filtering however that I know of.  Is there blacklist filtering built into Exchange 2010 that we may have turned on?  Otherwise, its starting to sound like their problem to me.
LVL 37

Accepted Solution

Jamie McKillop earned 2000 total points
ID: 39801087
Here are the instructions to configure block list providers. You can check out these setting to see if you have something configured. http://technet.microsoft.com/en-us/library/dd351199%28v=exchg.141%29.aspx

I would agree that it sounds like their issue.


Author Closing Comment

ID: 39810648
It was MailRoute's issue.  One of their servers was listed on a blacklist or botnet.

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question