Email sent five days later arrives

You can use delivery reports in exchange management console > Toolbox

Have you checked into these tools yet?  There are several mailflow tools in there that should help you.

Be sure to login to the web interface for delivery reports with the domain admin account or it will likely say access denied.

I have not checked into Delivery Reports yet as it is only been one or two emails. Would it be better to go that route or through the Headers?

I will post the header information here.

Received: from psmtp.com (64.18.2.187) by domain.domain.com () with
Microsoft SMTP Server id 14.2.318.1; Mon, 3 Mar 2014 15:50:08 -0500
Received: from ocps.net ([10.8.12.75]) by exprod7mx234.postini.com
([64.18.6.10]) with SMTP;            Mon, 03 Mar 2014 20:50:06 GMT
Received: from mx0a-0008d101.pphosted.com ([67.231.144.32]) (using TLSv1) by
exprod7mx206.postini.com ([64.18.6.10]) with SMTP;    Wed, 26 Feb 2014 09:26:34
EST
Received: from pps.filterd (m0000108.ppops.net [127.0.0.1])      by
mx0a-0008d101.pphosted.com (8.14.5/8.14.5) with SMTP id s1QEIdLI003429      for
<user@domain.com>; Wed, 26 Feb 2014 09:26:32 -0500
Received: from webmail.ocps.net (aelcas04.ocps.k12.fl.us [168.184.184.214])     by
mx0a-0008d101.pphosted.com with ESMTP id 1j8xkjfd2q-4        (version=TLSv1/SSLv3
cipher=RC4-MD5 bits=128 verify=NOT) for <user@domain.com>; Wed, 26 Feb
2014 09:26:31 -0500
Received: from AELMAIL09.ocps.k12.fl.us ([168.184.184.209]) by
aelcas04.ocps.k12.fl.us ([168.184.184.214]) with mapi; Wed, 26 Feb 2014
09:26:07 -0500
From: "Townsend, Susan" <susan.townsend@ocps.net>
To: "jtownsend@dwma.com" <jtownsend@dwma.com>
Date: Wed, 26 Feb 2014 09:26:07 -0500
Subject: FW: Super BIG Parent and Athlete Meeting
Thread-Topic: Super BIG Parent and Athlete Meeting
Thread-Index: Ac8yc4t4TOP4VVERSIScWwHRABxo2QAixVvA
Message-ID: <30834617BCB5B0409E81D9759093ABBE6A409251EF@AELMAIL09.ocps.k12.fl.us>
References: <1393365004.530d100c009eb@www.iclassprov2.com>
In-Reply-To: <1393365004.530d100c009eb@www.iclassprov2.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative;
                boundary="_000_30834617BCB5B0409E81D9759093ABBE6A409251EFAELMAIL09ocps_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.87,1.0.14,0.0.0000
definitions=2014-02-26_03:2014-02-26,2014-02-26,1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=1 phishscore=0
adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1
engine=7.0.1-1305240000 definitions=main-1402260055
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels: (S:99.90000/99.90000 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:95.5423 C:98.6951 )
X-pstn-dkim: 0 skipped:disp
X-pstn-settings: 5 (2.0000:1332.0000) s cv GT4 gt3 gt2 gt1 r p m c
X-pstn-addresses: from <susan.townsend@ocps.net> [db-null]
X-pstn-disposition: quarantine
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels: (S:99.90000/99.90000 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:95.5423 C:98.6951 )
X-pstn-dkim: 0 skipped:not-enabled
X-pstn-settings: 5 (2.0000:2.0000) s cv gt4 gt3 gt2 gt1 r p m c
X-pstn-addresses: from <susan.townsend@ocps.net> [db-null]
Return-Path: susan.townsend@ocps.net
X-MS-Exchange-Organization-AuthSource: Hermes.dwma.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-TM-AS-Product-Ver: SMEX-10.2.0.1135-7.500.1017-20542.006
X-TM-AS-Result: No--15.846600-5.000000-31
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No
X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXtG}w;1063900;0;This mail has
been scanned by Trend Micro ScanMail for Microsoft Exchange;
X-MS-Exchange-Organization-SCL: 0

It will be easier / quicker to check the headers IF you can get the information you are looking for from them.  However if you do not get the necessary information from that, you should continue your troubleshooting with the tools I mentioned.

The headers have just been posted. If someone could help finding the delay it would be greatly appreciated.

Can you send an email from an external mail account to this user who is having the problem, comparing THAT header to the one you just posted could help immediately identify the issue considering yours arrives on time.

Okay. I will do that and post the headers as mine does arrive on time.

Received: from psmtp.com (64.18.2.128) by Hermes.dwma.com (192.168.1.9) with
Microsoft SMTP Server id 14.2.318.1; Mon, 3 Mar 2014 16:34:37 -0500
Received: from blu0-omc4-s27.blu0.hotmail.com ([65.55.111.166]) by
exprod7mx170.postini.com ([64.18.6.10]) with SMTP;    Mon, 03 Mar 2014 16:34:35
EST
Received: from BLU175-W45 ([65.55.111.135]) by blu0-omc4-s27.blu0.hotmail.com
with Microsoft SMTPSVC(6.0.3790.4675);             Mon, 3 Mar 2014 13:34:32 -0800
X-TMN: [GWvN0ZOYyr3RAoxb7EdcIKMz1NADgHZS]
X-Originating-Email: [rhino783@hotmail.com]
Message-ID: <BLU175-W450987073BA5BEA053625E818F0@phx.gbl>
Return-Path: rhino783@hotmail.com
Content-Type: multipart/alternative;
                boundary="_9b8938b8-5149-4e6a-aab0-76b465ec74a0_"
From: R Galarneau <rhino783@hotmail.com>
To: "jtownsend@dwma.com" <jtownsend@dwma.com>
Subject: Test
Date: Mon, 3 Mar 2014 16:34:31 -0500
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 03 Mar 2014 21:34:32.0063 (UTC) FILETIME=[5D4DC0F0:01CF3728]
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels: (S:98.22702/99.90000 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-dkim: 0 skipped:not-enabled
X-pstn-settings: 5 (2.0000:2.0000) s cv gt4 gt3 gt2 gt1 r p m c
X-pstn-addresses: from <rhino783@hotmail.com> [db-null]
X-MS-Exchange-Organization-AuthSource: Hermes.dwma.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-TM-AS-Product-Ver: SMEX-10.2.0.1135-7.500.1017-20542.006
X-TM-AS-Result: No--7.054400-5.000000-31
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No
X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXtG}w;1063900;0;This mail has
been scanned by Trend Micro ScanMail for Microsoft Exchange;
X-MS-Exchange-Organization-SCL: 0

Header from external source that arrives without issue.

So the way I am reading this it was at: exprod7mx234.postini.com 64.18.6.10....Correct?

Line 4 says Postini received it however line 5 makes it looks like that the domain ocps.net retransmitted the same message a second time. Not sure what exactly happened there but its not your server that is having an issue here. Its either the sending server or Postini that is causing the delay.

Okay. Thank you for the help guys. I really appreciate it.

Right Costanos. According to the sender, she never got a message back. I have to now check with Postini to see what is going on exactly.

Greylisting will not send a message to the sender. It stays in the queue however 5 days for retrying on greylisting would be unheard of.

I see. I am trying to reach the company now to see if I can find out what happened and if there is other valid email being delayed.

Whoops. Sorry. I meant to give points to denver too. Please distribute to him as well.