Exchange 2003 SMTP queue full of strange addresses

I took a look at my virtual SMTP server running on Exchange 2003 /w SP2 and noticed a lot of strange email domain's that are attempting to go out. They seem stuck and say retry.

Is someone trying to use Exchange to spam messages out and they simply get stuck in the queue?

How do I check this to make sure no one can relay out and what is causing all these messages to be stuck in the queue?


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

It could be that, or it could be NDR messages to a spammer that had been sending messages to users (or non-existent users) in your domain.
Sembee's site ( has a lot of good information on anti-spam measures.
john_s99Author Commented:
I also notice on a different server, running Exchange 2003 SP2 that valid messages get stuck in the queue.

If I try to stop the smtp server, the smtp service gets hung, i.e. it says stopping and then I have to reboot the server, once I do that all the messages that were in the queue get delivered ok.

Any idea what would be causing the smtp service to hang? Also, when the server restarts the smtp service doesn't start automatically, even thou in the services it is listed as automatic.

I then have to start the smtp service manually then the messages get delivered.

Any idea's on this one?
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
The specific article to get this done is here:

Usually this is caused by NDR's trying to go to non-existant addresses... too many of them and you're stuck.
Generally caused by a spammer using your domain name in the "Reply to" field... and there's not much you can do about that.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Regarding your second question...I have heard that sometimes these connections trying to return the NDRs can choke up the SMTP virtual server.  I haven't ever been privvy to the problem sticking the queue, but generally delete these messages (without NDR).  It may be that your AV is sticking the queue up as well, so make sure that you have the exclusions in place for \mailroot\vsi 1\queue and \pickup for the *.eml files.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.