cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

track email

Rising Flight
Brass Contributor

‎Jul 03 2018 11:41 AM

‎Jul 03 2018 11:41 AM

track email

Hi experts ( i have exchange hybrid environment)

i have below requirements. please help me

1. someuser@somedomain.com has sent an email to user1@mydomain.com on June 26 2018. i want to know the time when it has been received on my exchange server or to the users mailbox.

2. similarly user1@mydomain.com has sent an email to someuser@somedomain.com on June 28 2018. i want to know when did this email
left my exchange server or is it dropped


i tried the below syntaxes, i am getting lot of information but i am not able to find out exactly

Get-MailboxServer | get-messagetrackinglog -sender someuser1@somedomain.com -recipients myuser1@mydomain.com -start "06/26/2018 00:00" -end
"06/26/2018 23:59" | select MessageSubject,Timestamp,Eventid,Source,Sender,Recipients,SourceContext,MessageId,ServerHostname |
Export-Csv C:\report1.csv -NoTypeInformation

in the above syntax i am confused how to check when this email has hit my exchange server

==================================================================

Get-MailboxServer | get-messagetrackinglog -sender myuser2@mydomain.com -recipients someuser2@somedomain.com -start "06/28/2018 00:00"
-end "06/28/2018 23:59" | select MessageSubject,Timestamp,Eventid,Source,Sender,Recipients,SourceContext,MessageId,ServerHostname |
Export-Csv C:\report2.csv -NoTypeInformation

in the above syntax i am confused how to check when this email has gone out of my exchange server

----------------------------------------------------------------------------------------------------------

for example i have one xyz application , this application is sending email to some SMTP relay and then this email hits our gateway and  then to my exchange server. so for this reason i want to know when has the email hit my exchange server or gone out of my exchange server

 

2,019 Views
0 Likes
3 Replies
Reply
3 Replies
best response confirmed by Rising Flight (Brass Contributor)
Max Fritz

‎Jul 05 2018 07:15 AM

‎Jul 05 2018 07:15 AM

Solution

Re: track email

The tracking logs are very verbose, so you're not alone that it's a lot of information to parse. What you'll want to look for or filter by is the event type (great breakdown of types here).

 

For scenario 1, RECEIVE will be the event for Exchange receiving the message, and DELIVER will be the event for delivery to your user's mailbox.

For scenario 2, SEND will indicate the message was sent out of the Exchange server.

For identifying failures, there are multiple different event types to consider (see link above).

 

If you just want to see certain events, you can add a filter of -EventId and then the event name in quotes to your Get-MessageTrackingLog search.

 

Hope this helps!

0 Likes
Reply
Rising Flight

‎Jul 06 2018 09:54 AM - edited ‎Jul 06 2018 09:55 AM

‎Jul 06 2018 09:54 AM - edited ‎Jul 06 2018 09:55 AM

Re: track email

hi below is results of the syntax i have edited some of the information

i can see STOREDELIVER and DELIVER which means the email has been received by the end user

 

 [PS] C:\Windows\system32>Get-TransportService | Get-MessageTrackingLog -Sender exchangeonlineuser@mydomain.com -Recipient
 exchangeonpremisesuser@mydomain.com -start "06/28/2018 00:00" -end "06/28/2018 23:59" | fl


RunspaceId              : 654d2367-c2ef-480b-b6aa-59f760bb0db0
Timestamp               : 6/28/2018 7:00:57 PM
ClientIp                :
ClientHostname          : myexchangeserver02.mydomain.com
ServerIp                :
ServerHostname          : myexchangeserver01
SourceContext           : XXXXXXXXX;2018-06-28T12:55:40.570Z;ClientSubmitTime:2018-06-28T12:55:19.000Z
ConnectorId             :
Source                  : STOREDRIVER
EventId                 : DELIVER
InternalMessageId       : 18606543789045
MessageId               : <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
NetworkMessageId        : xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Recipients              : {exchagneonpremisesuser@mydomain.com}
RecipientStatus         : {}
TotalBytes              : 47654
RecipientCount          : 1
RelatedRecipientAddress :
Reference               :
MessageSubject          : Test Email
Sender                  : exchangeonlineuser@mydomain.com
ReturnPath              : exchangeonlineuser@mydomain.com
Directionality          : Originating
TenantId                :
OriginalClientIp        : X.XX.XX.XXX
MessageInfo             : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
MessageLatency          : 00:00:00
MessageLatencyType      : EndToEnd
EventData               : {[IncludeInSla, True], [MailboxDatabaseGuid, xxxxxx],
                          [Mailboxes, xxxxx], [StoreObjectIds, xxxxxxxxx
                          xxxxxxxxxxxxxxxxx==], [FromEntity,
                          Internet], [ToEntity, Hosted], [P2RecipStat, 0.007/2], [MsgRecipCount, 2], [DeliveryLatency,
                          0.000], [AttachCount, 0], [E2ELatency, 1.697], [DeliveryPriority, Normal], [AccountForest,
                          mydomain.com]}
TransportTrafficType    : Email
SchemaVersion           : 15.01.1466.003

 

0 Likes
Reply
Max Fritz

‎Jul 06 2018 01:11 PM

‎Jul 06 2018 01:11 PM

Re: track email

That's correct, it has been delivered to the local mailbox.
0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Rising Flight (Brass Contributor)
Max Fritz

‎Jul 05 2018 07:15 AM

‎Jul 05 2018 07:15 AM

Solution

Re: track email

The tracking logs are very verbose, so you're not alone that it's a lot of information to parse. What you'll want to look for or filter by is the event type (great breakdown of types here).

 

For scenario 1, RECEIVE will be the event for Exchange receiving the message, and DELIVER will be the event for delivery to your user's mailbox.

For scenario 2, SEND will indicate the message was sent out of the Exchange server.

For identifying failures, there are multiple different event types to consider (see link above).

 

If you just want to see certain events, you can add a filter of -EventId and then the event name in quotes to your Get-MessageTrackingLog search.

 

Hope this helps!

View solution in original post

0 Likes
Reply