Day 13 โ€“ Exchange Online Mail Flow & Message Trace (Complete Guide)

By | February 27, 2026
2 Comments

In todayโ€™s Microsoft 365 Admin learning journey, we explored how emails move inside and outside the organization and how to troubleshoot delivery issues.

๐Ÿ“Œ 1. Understanding Mail Flow in Exchange Online

Mail flow refers to how email messages travel:

  • Internal โ†’ Internal
  • Internal โ†’ External
  • External โ†’ Internal

All mail flow configurations are managed in:

๐Ÿ”— https://admin.exchange.microsoft.com

๐Ÿ“Œ 2. Accepted Domains

Accepted Domains define which domains your organization can receive email for.

๐Ÿ”น Types of Accepted Domains

1๏ธโƒฃ Authoritative Domain

  • Most common type
  • Exchange Online hosts all mailboxes
  • If recipient not found โ†’ NDR generated

2๏ธโƒฃ Internal Relay

  • Used in Hybrid environments
  • If mailbox not found โ†’ email forwarded to another system

๐Ÿ“Œ 3. Mail Flow Rules (Transport Rules)

Mail flow rules allow administrators to:

  • Block specific keywords
  • Add disclaimers
  • Apply encryption
  • Redirect messages
  • Restrict attachment types
  • Send copies to compliance mailbox

๐Ÿ› ๏ธ Practical Lab โ€“ Create a Mail Flow Rule

๐ŸŽฏ Scenario:

Block emails containing โ€œConfidential Testโ€

๐Ÿ”น Steps:

  1. Login to Exchange Admin Center
  2. Navigate to Mail Flow โ†’ Rules
  3. Click + Add a Rule
  4. Name the rule: Block Confidential Test
  5. Under โ€œApply this rule ifโ€
    โ†’ Select Subject or body includes
    โ†’ Add keyword: Confidential Test
  6. Under โ€œDo the followingโ€
    โ†’ Select Reject the message
    โ†’ Add explanation text
  7. Click Save

โœ… Rule is now active.

๐Ÿ“Œ 4. Message Trace (Email Troubleshooting Tool)

Message Trace helps admins:

  • Track delayed emails
  • Identify bounced emails
  • Check spam filtering status
  • Confirm successful delivery

๐Ÿ”น Steps to Run Message Trace

  1. Go to Exchange Admin Center
  2. Navigate to Mail Flow โ†’ Message Trace
  3. Click Start a trace
  4. Enter:
    • Sender email
    • Recipient email
    • Date range
  5. Click Search

You can see:

  • Delivered
  • Failed
  • Pending
  • Quarantined

๐Ÿ“Œ 5. Email Authentication (SPF, DKIM, DMARC)

These DNS records protect your domain from spoofing.

๐Ÿ”น SPF (Sender Policy Framework)

  • Defines authorized sending servers

๐Ÿ”น DKIM (DomainKeys Identified Mail)

  • Digitally signs outgoing email

๐Ÿ”น DMARC

  • Defines what to do if SPF/DKIM fails

These improve:

  • Email deliverability
  • Domain reputation
  • Security posture

๐ŸŽฏ Real-World Admin Scenario

User Complaint:

โ€œMy client didnโ€™t receive my email.โ€

Troubleshooting Checklist:

โœ… Run Message Trace
โœ… Check Quarantine
โœ… Verify Mail Flow Rules
โœ… Review Connectors
โœ… Validate SPF/DKIM/DMARC
โœ… Check if recipient server rejected

2 thoughts on “Day 13 โ€“ Exchange Online Mail Flow & Message Trace (Complete Guide)

  1. sang

    I was expecting the post to be published earlier. Thank you for sharing your insights

    Reply
    1. Jaspreet Post author

      Thank you so much for your kind words, It really motivates me to keep sharing practical Microsoft 365 learning content.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *