Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Emails Delayed between hops.

I've been currently trying to figure out why some emails that are being sent out from our ERP system are taking an upwards of 7-10 minutes to be delivered to our companies' mailboxes.  I analyzed one of the last email traces and looked at the time it takes and noticed there are some significant delays between the time its released by mf-inbound-us-west-2.prod.hydra.sophos.com and before it finally hits mail.protection.outlook.com.  Now I'm no mailflow/exchange expert at all, but can anyone explain why there is such a delay between some of the hops for this email to be delivered?  We haven't changed anything, we've set up DKIM, SPF and DMARC with the ERP company (it's the first hop) so those three are passing when I look at the email through Message History.

  1. 08:11:35 -0500 (CDT): Email sent from outbound.dmsi.com.
  2. 13:11:36 +0000 (UTC): Received by DS2PEPF00003443.mail.protection.outlook.com.
  3. 13:11:36 +0000 (UTC): Received by DS7PR03CA0113.outlook.office365.com.
  4. 13:11:36 +0000 (UTC): Received by LV8PR14MB7597.namprd14.prod.outlook.com.
  5. 13:11:40 +0000 (UTC): Received by us2-emailsignatures-cloud.codetwo.com.
  6. 13:11:41 +0000 (UTC): Received by CY4PEPF0000EE30.mail.protection.outlook.com.
  7. 13:11:42 +0000 (UTC): Received by DS7P222CA0010.outlook.office365.com.
  8. 13:11:42 +0000 (UTC): Received by MN6PR14MB7220.namprd14.prod.outlook.com.
  9. 13:11:47 +0000 (UTC): Received by mf-inbound-us-west-2.prod.hydra.sophos.com.
  10. 13:15:05 +0000 (UTC): Received by SJ1PEPF00001CE4.mail.protection.outlook.com.
  11. 13:15:05 +0000 (UTC): Received by BYAPR21CA0012.outlook.office365.com.
  12. 13:15:06 +0000 (UTC): Received by DS0PR14MB5736.namprd14.prod.outlook.com.
  13. 13:18:39 +0000 (UTC): Received by CH3PR14MB6372.namprd14.prod.outlook.com.


Edited TAGs
[edited by: Raphael Alganes at 1:53 PM (GMT -7) on 24 Oct 2024]
Parents
  • Is this a new implementation? How long has the ERP system been sending emails through Central to your internal domain? I ask because Sophos does have a Delay Queue for new streams of mail that starts coming to clients and this generally clears up in the first 24-48 hours of receiving messages.

  • Afternoon Tom - The ERP system has been in our company for 20 years, and when we first implemented Sophos, emails were already part of the mail flow.  That's nice to know about the Delay Queue, but I think maybe unrelated to this current issue.  I work with an MSP, and they just updated our mallow rule connects to the new Certificate Based configuration.  I'm still getting user reports telling me it takes anywhere to 3-8 minutes when they request a document through the ERP to be sent via email, until it's delivered to their inbox. Feels like trying to find a needle..

Reply
  • Afternoon Tom - The ERP system has been in our company for 20 years, and when we first implemented Sophos, emails were already part of the mail flow.  That's nice to know about the Delay Queue, but I think maybe unrelated to this current issue.  I work with an MSP, and they just updated our mallow rule connects to the new Certificate Based configuration.  I'm still getting user reports telling me it takes anywhere to 3-8 minutes when they request a document through the ERP to be sent via email, until it's delivered to their inbox. Feels like trying to find a needle..

Children