[ExchangeList] Re: How to track internal emails - exchnage 2007

• From: "Michael B. Smith" <michael@xxxxxxxxxxxxxxxxxxxxxxxx>
• To: <exchangelist@xxxxxxxxxxxxx>
• Date: Fri, 24 Apr 2009 08:16:01 -0400

Both "options" and "message tracking" give you a client (source) IP. How
much value that is depends on your environment and the mechanism used to
submit the message.

 

That's going to be true of the SMTP logs as well.

 

If you are attempting to determine the source of a MAPI connection, well,
that's more challenging; and I can't think of any quick way to do it unless
you were already prepared for it.

 

From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
Sent: Friday, April 24, 2009 7:22 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: How to track internal emails - exchnage 2007

 

Options does not tell you much when the email is internal, neither does
message tracking. they tell you that Admin sent an email but not from what
computer or ip address. I will have a look @ the smtp protocol log. I did
find some information of the security log of the exchange server. It does
tell you that admin logged into the mail server @ a certain time, but does
not tell you admin sent emails from the computer @ a certain time.

 

But we'll see.

 

Thanks

 

  _____  

From: Michael B. Smith <michael@xxxxxxxxxxxxxxxxxxxxxxxx>
To: exchangelist@xxxxxxxxxxxxx
Sent: Friday, April 24, 2009 12:00:47 PM
Subject: [ExchangeList] Re: How to track internal emails - exchnage 2007

Open it up in Outlook. Click on Options. Examine the headers.

 

Or, use message tracking.

 

Or, use the smtp protocol logs.

 

From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
Sent: Friday, April 24, 2009 5:55 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] How to track internal emails - exchnage 2007

 

Hi guys,

 

Some user has sent an email to all staff using the Administrator account. We
just need to know if there is a way to track what workstation the email came
from (IP address).

 

 

Thanks

 

Patrick

 

 

• Follow-Ups:
  • [ExchangeList] Re: How to track internal emails - exchnage 2007
    • From: Patrick

• References:
  • [ExchangeList] How to track internal emails - exchnage 2007
    • From: Patrick
  • [ExchangeList] Re: How to track internal emails - exchnage 2007
    • From: Michael B. Smith
  • [ExchangeList] Re: How to track internal emails - exchnage 2007
    • From: Patrick

Other related posts:

• » [ExchangeList] How to track internal emails - exchnage 2007- Patrick
• » [ExchangeList] Re: How to track internal emails - exchnage 2007- Michael B. Smith
• » [ExchangeList] Re: How to track internal emails - exchnage 2007- Patrick
• » [ExchangeList] Re: How to track internal emails - exchnage 2007 - Michael B. Smith
• » [ExchangeList] Re: How to track internal emails - exchnage 2007- Patrick

1. Home
2. exchangelist
3. Archive
4. 04-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---