Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SMTP possible virus / bringing system to a halt

Posted on 2008-10-09
4
Medium Priority
?
263 Views
Last Modified: 2013-12-09
Yesterday our internet connection came to a halt(Ping of 900-1100 ms). I was able to pinpoint our exchange server as the problem. I ran our Corporate Norton Virus program and it found 4 potential problems. I removed them and rebooted the system. Once rebooted the problem still persisted. After many other attempts to identify the problem I downloaded Security Task Manager. It identified two high risk services and I quanantied them. At first that seemed to work but once I started up the Exchange services it went right back to a ping of 900. So then I started stopping each service and checking the ping. The long and short is that the SMTP service is the culprit. If I stop that service the problem stops but then our email stops working. I checked the exchange queue and started the service. It is creating 7 Meg chunks of email and then deleting them over and over.
The path for the SMTP service is c:\windows\system32\inetsrv\inetinfo.exe .

The part that has me really confused is that the IIS service uses the same path but does not seem to be effecting the system.

What is the best way to get the correct SMTP executable back on my system?
0
Comment
Question by:toycannon
  • 3
4 Comments
 
LVL 20

Expert Comment

by:wolfcamel
ID: 22679529
several possible causes..

is the server an open relay? you can check this at various free web sites.
If it a rogue PC with a virus that is sending all the messages?
Has someone sent a mailing list type of email with a large attachment?
inetinfo is the correct executable - it is used by quite a few services
0
 
LVL 20

Expert Comment

by:wolfcamel
ID: 22679549
look at the messages in the queue and see if you can get an idea of where they are coming from.

There was a similar question in here the other day and someone suggested a tool that could look at the exchange logs for some better information. I will see if I can find it for you
0
 
LVL 20

Accepted Solution

by:
wolfcamel earned 2000 total points
ID: 22679736
Here is the other post..with the link on the accepted solution..
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23797493.html
0
 

Author Comment

by:toycannon
ID: 22681790
Solution solved using
http://www.amset.info/exchange/spam-cleanup.asp

Thanks for the other links.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question