Get a Report of All Messages Received from a Particular Sender

Posted: February 28, 2013/Under: Microsoft Exchange, PowerShell/By: jay c

This is a simple script that will check the message tracking logs on all of your Exchange Hub Transport Servers for messages received from a particular sender.

Usage:
Get_Sender.ps1 <email-address>

Example:
Get_Sender.ps1 joe@bleau.net

The script saves the output (if found) at c:\temp\sender-report.csv.

# Filename : get_sender.ps1
# Purpose : Creates a report of all emails recently received from a particular sender.
# Records the results at c:\temp\sender-report.csv.
# Requires the following applications to be installed:
# Exchange Management Shell
#
# Modified : 2013.02.28 Jay Carper; Created
# :

Param([string]$Sender)

# If no sender address was specified, prints syntax and exits.
if (($Sender -eq $Null) -or ($Sender -eq “”) -or ($Sender -notlike “*@*.*”)) {
write-host ” “
write-host “Syntax: Get_Sender <email@domain.com>”
write-host ” “
break
}

# Gets a list of all hub transport servers in the organization.
[array]$HubServers = @()
$HubServers = Get-TransportServer
$Count=0

# Checks log files on each hub transport server for the sender and saves results.
$Results = foreach ($Name in $HubServers) {
[string]$Server = $HubServers[$Count].Name
Get-MessageTrackingLog -Server $Server -Sender $Sender -ResultSize Unlimited `
-EventID Receive | Select Timestamp, ClientIP, ClientHostname, ServerHostName, `
{$_.Recipients}, RecipientCount, MessageSubject
$Count=$Count+1}

if ($Results) {
$Results | export-csv “C:\temp\sender-report.csv” -NoTypeInformation
write-host ” “
write-host “Messages from $Sender found.”
write-host “Output saved to c:\temp\sender-report.csv”
write-host ” “
}
else {
write-host ” “
write-host “Sorry. I found no messages from $Sender.”
write-host ” “
}

You can just copy the above text into notepad and save it as C:\Windows\System32\WindowsPowerShell\v1.0\Get_Sender.ps1.

Since the CAS and HUB roles are combined in Exchange 2013, I don’t yet know whether it will work in that version or not.

2 responses to “Get a Report of All Messages Received from a Particular Sender”

  1. jay c says:
    February 28, 2013 at 3:07 pm

    If you see this article before I fix it, WordPress messes with the formatting of double-quotes, so if you cut and paste the script, you will need to fix the non-standard quotes to plain-vanilla quotes.

    Reply
  2. jay c says:
    February 28, 2013 at 3:12 pm

    Hmm. Changing the double-quotes to " didn’t help. Does anyone know how to tell WordPress to stop converting standard quotes into left and right quotes?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Many links on this website to books, software, and other resources are affiliate links. I might earn a very small commission if you purchase through one of my links.