• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 266
  • Last Modified:

SMTP possible virus / bringing system to a halt

Yesterday our internet connection came to a halt(Ping of 900-1100 ms). I was able to pinpoint our exchange server as the problem. I ran our Corporate Norton Virus program and it found 4 potential problems. I removed them and rebooted the system. Once rebooted the problem still persisted. After many other attempts to identify the problem I downloaded Security Task Manager. It identified two high risk services and I quanantied them. At first that seemed to work but once I started up the Exchange services it went right back to a ping of 900. So then I started stopping each service and checking the ping. The long and short is that the SMTP service is the culprit. If I stop that service the problem stops but then our email stops working. I checked the exchange queue and started the service. It is creating 7 Meg chunks of email and then deleting them over and over.
The path for the SMTP service is c:\windows\system32\inetsrv\inetinfo.exe .

The part that has me really confused is that the IIS service uses the same path but does not seem to be effecting the system.

What is the best way to get the correct SMTP executable back on my system?
0
toycannon
Asked:
toycannon
  • 3
1 Solution
 
wolfcamelCommented:
several possible causes..

is the server an open relay? you can check this at various free web sites.
If it a rogue PC with a virus that is sending all the messages?
Has someone sent a mailing list type of email with a large attachment?
inetinfo is the correct executable - it is used by quite a few services
0
 
wolfcamelCommented:
look at the messages in the queue and see if you can get an idea of where they are coming from.

There was a similar question in here the other day and someone suggested a tool that could look at the exchange logs for some better information. I will see if I can find it for you
0
 
wolfcamelCommented:
Here is the other post..with the link on the accepted solution..
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23797493.html
0
 
toycannonAuthor Commented:
Solution solved using
http://www.amset.info/exchange/spam-cleanup.asp

Thanks for the other links.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now