We have one domain that sometimes sends us emails that get delayed somewhere down the line. Sometimes it is for several hours,even more on occasion. Most times it comes right through. I am trying to figure out if it us, them or a server along the way. I found a tool that analyzes the message header but I can't really translate it. Can one of you expert folks maybe take a look and pare it down to "layman's terms"?
This message example was sent at 1:20 PM EST and was received at 2:57 AM EST.
I have attached a file that is a screen print of the analyzer results. Some info has been redacted on the images and I have "x'd" out some info from the Receiver Header.
Here is the Receiver Header:
Received: from barracuda.betool.com (192.168.1.200) by SVR-MX01.BETOOL.COM
(192.168.1.7) with Microsoft SMTP Server id 8.1.436.0; Fri, 10 Feb 2017
Received: from dispatch1-us1.ppe-hosted.com (dispatch1-us1.ppe-hosted.com
[18.104.22.168]) by barracuda.betool.com with ESMTP id Vp24QzSifeouaTQL for
<email@example.com>; Fri, 10 Feb 2017 02:56:35 -0500 (EST)
Received: from dispatch1-us1.ppe-hosted.com (localhost.localdomain
[127.0.0.1]) by dispatch1-us1.ppe-hosted.com (Proofpoint Essentials ESMTP
Server) with ESMTP id 2A10F4C5F7 for <firstname.lastname@example.org>; Thu, 9 Feb 2017
18:20:14 +0000 (UTC)
Received: from pure.maildistiller.com (unknown [10.110.50.25]) by
dispatch1-us1.ppe-hosted.com (Proofpoint Essentials ESMTP Server) with ESMTP
id 16E078006B for <email@example.com>; Thu, 9 Feb 2017 18:19:54 +0000 (UTC)
X-Virus-Scanned: Proofpoint Essentials engine
Received: from mx8-us1.ppe-hosted.com (unknown [10.110.49.250]) by
pure.maildistiller.com (Proofpoint Essentials ESMTP Server) with ESMTPS id
62C998004F for <firstname.lastname@example.org>; Thu, 9 Feb 2017 18:19:53 +0000 (UTC)
Received: from outbound-us1.ppe-hosted.com (remote.accelaviation.com
[22.214.171.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256
bits)) (No client certificate requested) by mx8-us1.ppe-hosted.com
(Proofpoint Essentials ESMTP Server) with ESMTPS id 3BDE9440059 for
<email@example.com>; Thu, 9 Feb 2017 18:19:53 +0000 (UTC)
Received: from EXCH2016.AccelAviation.local (192.168.1.x) by
EXCH2016.AccelAviation.local (192.168.1.x) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
15.1.544.27; Thu, 9 Feb 2017 13:19:49 -0500
Received: from EXCH2016.AccelAviation.local ([fe80::4cb5:5724:3065:648c]) by
EXCH2016.AccelAviation.local ([fe80::4cb5:5724:3065:648c%12]) with mapi id
15.01.0544.027; Thu, 9 Feb 2017 13:19:49 -0500
To: "firstname.lastname@example.org" <email@example.com>
Date: Thu, 9 Feb 2017 18:19:49 +0000
X-Virus-Scanned: by bsmtpd at betool.com
Thank you. When I look at the message log on the Barracuda device I do not see it hitting the message log until the delivery time, (2:47 AM). Also, the domain in question is whitelisted on the Barracuda device.
Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. A MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol (SMTP). The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.