Email not found in MessageTrace Exchange Admin Online

Leonardo Gastelum 21 Reputation points

On Friday 6th of August, a user of our company received a phishing mail (sent from a Gmail). I always check if any other user receives the same mail by looking it up on the MessageTrace option of the Exchange Admin. This time, no results were given. At first, I thought it just didn’t show up because the user just received it but it’s been more than 2 days and nothing.

I just blocked that specific mail. What else can I do to find this mail and prevent others?

Thanks in advance for your help.

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,380 questions
0 comments No comments
{count} votes

Accepted answer
  1. Andy David - MVP 142.6K Reputation points MVP

    Ok that means:

    1. It didnt go through the Exchange pipeline. i.e. if they have another account added to their profile
    2. Something is broken. If not 1 - then open a ticket with 365 support. Every message sent through the ExO transport MUST be visible in the message trace logs except for some system type messages.

1 additional answer

Sort by: Most helpful
  1. Andy David - MVP 142.6K Reputation points MVP

    Do you have a copy of the headers for this message?
    Search by Message ID if you havent already. Thats more effective.