Solved

Exchange queue is filling with spam

Posted on 2003-12-09
7
1,293 Views
Last Modified: 2012-06-27
I have Exchange Server 2000 sp3 loaded. I have the latest Norton AV software updated. Currently the email server is throwing out thousands of spam mail messages. I have verified I am not an open relay. I have checked the server for a virus and can not find one. If I stop the SMTP service everything goes back to normal. I can unplug all network connections and the SMTP queues still fill up with spam. Any ideas?

 
0
Comment
Question by:itheadaches
  • 3
  • 3
7 Comments
 
LVL 24

Expert Comment

by:David Wilhoit
Comment Utility
give us your network layout, firewall and such. When you say unplug network connections, are you unplugging the cable from the exchagne server? Did you change the default settings of the SMTP virtual server at all? If so, what changes did you make?

D
0
 

Author Comment

by:itheadaches
Comment Utility
I have a Win2K Server running E2K with SP3. There is no firewall between the server and the outside world. The server plugs directly into switch and the switch connections to the T1. One of my goals this month was to move the server behind the DMZ, but they must have hacked it before I could make the move. I have checked the processes in the server, and nothing is really running hard. Only the hard drive spamming messages is making the machine basically unusable. If I unplug the network connection to the outside world the server continues to spam messages. If I stop the SMTP service then all messages in the queue are wiped out and everything on the server is quiet. I also noticed I was able to receive messages when the service was stopped because the computer could respond. If the SMTP service is launched it takes so much on the hard drive almost nothing can come or go.
0
 
LVL 26

Expert Comment

by:Vahik
Comment Utility
U unplug all network connection and ur queue gets filled up with tons af messages?
When u do this is ur queue is emty or is already filled up and queue just keeps trying to send them out?If ur answer is that ue queue is empty when u bring smtp online(disonnected)then problem is on exchange server.DO u have outlook installed on exchange?Did u check for spyware and addware on ur exchange.It may be that ur exchange data is corrupted.If So use EXMERGE yes EXMERGE (this will take out all corrupted emails out) to pst all the info cleanout ur MDBDATA folder start ur exchange inorder to have a clean database then use exmerge to import ur data back.call back if u need more help.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:itheadaches
Comment Utility
Yes when I unplug all network connection my queue gets filled up. It has to be something running on the computer, but I can not find out what. I thought for sure it was the mail virus, but I checked and that does not exist on the server.

I do have outlook express installed, but no one uses it. I only use it to check to make sure a new mail account works. I ran SpyBot to check for any spyware. No spyware running on server. If my exchange data was corrupt nothing would get in or out. I can actually email in and out if I could get the server to quit sending spam messages. When I look in the queue there are 0 messages. Start SMTP and it just keeps climbing at an incredible rate. All the messages are destined to different locations. hotmail, yahoo, aol, excite, etc etc.
0
 
LVL 26

Accepted Solution

by:
Vahik earned 500 total points
Comment Utility
If ur exchange is started(smtp)and quese is emtpy before u restart it and it is completely disconnected from everything(ur local network and internet)and then ur smtp gets filled up then there must be somthing
on ur exchange server(i know u said u checked it)that u did not find or the outlook express is the culprit that is what my common sense is telling me.Now if u want a quick solution just make sure u have a good backup format ur exchange then install win2000 join it to the domain(make sure to reset the account in active directory first)run exchange setup disasterrecovery and import ur data back.Use exmerge to take out all ur corrupted emais also.Now this is ur last resort if noone else was able to help u out.
0
 

Author Comment

by:itheadaches
Comment Utility
If the SMTP service is stopped is the queues empty? If not how do I go about empting them to make sure no data is in the queues.
0
 
LVL 26

Expert Comment

by:Vahik
Comment Utility
No the queue  does not get   emty and u have to emty it manually.Start ur server
freeze the queues then delete them without creating NDR's.After u clean out ur queue and u unfreeze  them and u still get  new messages accumulating in them(with no connection to anywhere) then u have to either format ur server or call MS.
0

Featured Post

Shouldn't all users have the same email signature?

You wouldn't let your users design their own business cards, would you? So, why do you let them design their own email signatures? Think of the damage they could be doing to your brand reputation! Choose the easy way to manage set up and add email signatures for all users.

Join & Write a Comment

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now