Solved

SMTP possible virus / bringing system to a halt

Posted on 2008-10-09
4
246 Views
Last Modified: 2013-12-09
Yesterday our internet connection came to a halt(Ping of 900-1100 ms). I was able to pinpoint our exchange server as the problem. I ran our Corporate Norton Virus program and it found 4 potential problems. I removed them and rebooted the system. Once rebooted the problem still persisted. After many other attempts to identify the problem I downloaded Security Task Manager. It identified two high risk services and I quanantied them. At first that seemed to work but once I started up the Exchange services it went right back to a ping of 900. So then I started stopping each service and checking the ping. The long and short is that the SMTP service is the culprit. If I stop that service the problem stops but then our email stops working. I checked the exchange queue and started the service. It is creating 7 Meg chunks of email and then deleting them over and over.
The path for the SMTP service is c:\windows\system32\inetsrv\inetinfo.exe .

The part that has me really confused is that the IIS service uses the same path but does not seem to be effecting the system.

What is the best way to get the correct SMTP executable back on my system?
0
Comment
Question by:toycannon
  • 3
4 Comments
 
LVL 20

Expert Comment

by:wolfcamel
ID: 22679529
several possible causes..

is the server an open relay? you can check this at various free web sites.
If it a rogue PC with a virus that is sending all the messages?
Has someone sent a mailing list type of email with a large attachment?
inetinfo is the correct executable - it is used by quite a few services
0
 
LVL 20

Expert Comment

by:wolfcamel
ID: 22679549
look at the messages in the queue and see if you can get an idea of where they are coming from.

There was a similar question in here the other day and someone suggested a tool that could look at the exchange logs for some better information. I will see if I can find it for you
0
 
LVL 20

Accepted Solution

by:
wolfcamel earned 500 total points
ID: 22679736
Here is the other post..with the link on the accepted solution..
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23797493.html
0
 

Author Comment

by:toycannon
ID: 22681790
Solution solved using
http://www.amset.info/exchange/spam-cleanup.asp

Thanks for the other links.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Easy CSR creation in Exchange 2007,2010 and 2013
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video discusses moving either the default database or any database to a new volume.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now