Exchange queue is filling with spam

Posted on 2003-12-09
Last Modified: 2012-06-27
I have Exchange Server 2000 sp3 loaded. I have the latest Norton AV software updated. Currently the email server is throwing out thousands of spam mail messages. I have verified I am not an open relay. I have checked the server for a virus and can not find one. If I stop the SMTP service everything goes back to normal. I can unplug all network connections and the SMTP queues still fill up with spam. Any ideas?

Question by:itheadaches
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 24

Expert Comment

by:David Wilhoit
ID: 9905491
give us your network layout, firewall and such. When you say unplug network connections, are you unplugging the cable from the exchagne server? Did you change the default settings of the SMTP virtual server at all? If so, what changes did you make?


Author Comment

ID: 9905747
I have a Win2K Server running E2K with SP3. There is no firewall between the server and the outside world. The server plugs directly into switch and the switch connections to the T1. One of my goals this month was to move the server behind the DMZ, but they must have hacked it before I could make the move. I have checked the processes in the server, and nothing is really running hard. Only the hard drive spamming messages is making the machine basically unusable. If I unplug the network connection to the outside world the server continues to spam messages. If I stop the SMTP service then all messages in the queue are wiped out and everything on the server is quiet. I also noticed I was able to receive messages when the service was stopped because the computer could respond. If the SMTP service is launched it takes so much on the hard drive almost nothing can come or go.
LVL 26

Expert Comment

ID: 9905779
U unplug all network connection and ur queue gets filled up with tons af messages?
When u do this is ur queue is emty or is already filled up and queue just keeps trying to send them out?If ur answer is that ue queue is empty when u bring smtp online(disonnected)then problem is on exchange server.DO u have outlook installed on exchange?Did u check for spyware and addware on ur exchange.It may be that ur exchange data is corrupted.If So use EXMERGE yes EXMERGE (this will take out all corrupted emails out) to pst all the info cleanout ur MDBDATA folder start ur exchange inorder to have a clean database then use exmerge to import ur data back if u need more help.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 9906052
Yes when I unplug all network connection my queue gets filled up. It has to be something running on the computer, but I can not find out what. I thought for sure it was the mail virus, but I checked and that does not exist on the server.

I do have outlook express installed, but no one uses it. I only use it to check to make sure a new mail account works. I ran SpyBot to check for any spyware. No spyware running on server. If my exchange data was corrupt nothing would get in or out. I can actually email in and out if I could get the server to quit sending spam messages. When I look in the queue there are 0 messages. Start SMTP and it just keeps climbing at an incredible rate. All the messages are destined to different locations. hotmail, yahoo, aol, excite, etc etc.
LVL 26

Accepted Solution

Vahik earned 500 total points
ID: 9906354
If ur exchange is started(smtp)and quese is emtpy before u restart it and it is completely disconnected from everything(ur local network and internet)and then ur smtp gets filled up then there must be somthing
on ur exchange server(i know u said u checked it)that u did not find or the outlook express is the culprit that is what my common sense is telling me.Now if u want a quick solution just make sure u have a good backup format ur exchange then install win2000 join it to the domain(make sure to reset the account in active directory first)run exchange setup disasterrecovery and import ur data back.Use exmerge to take out all ur corrupted emais also.Now this is ur last resort if noone else was able to help u out.

Author Comment

ID: 9906702
If the SMTP service is stopped is the queues empty? If not how do I go about empting them to make sure no data is in the queues.
LVL 26

Expert Comment

ID: 9907629
No the queue  does not get   emty and u have to emty it manually.Start ur server
freeze the queues then delete them without creating NDR's.After u clean out ur queue and u unfreeze  them and u still get  new messages accumulating in them(with no connection to anywhere) then u have to either format ur server or call MS.

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question