Solved

SMTP possible virus / bringing system to a halt

Posted on 2008-10-09
4
254 Views
Last Modified: 2013-12-09
Yesterday our internet connection came to a halt(Ping of 900-1100 ms). I was able to pinpoint our exchange server as the problem. I ran our Corporate Norton Virus program and it found 4 potential problems. I removed them and rebooted the system. Once rebooted the problem still persisted. After many other attempts to identify the problem I downloaded Security Task Manager. It identified two high risk services and I quanantied them. At first that seemed to work but once I started up the Exchange services it went right back to a ping of 900. So then I started stopping each service and checking the ping. The long and short is that the SMTP service is the culprit. If I stop that service the problem stops but then our email stops working. I checked the exchange queue and started the service. It is creating 7 Meg chunks of email and then deleting them over and over.
The path for the SMTP service is c:\windows\system32\inetsrv\inetinfo.exe .

The part that has me really confused is that the IIS service uses the same path but does not seem to be effecting the system.

What is the best way to get the correct SMTP executable back on my system?
0
Comment
Question by:toycannon
  • 3
4 Comments
 
LVL 20

Expert Comment

by:wolfcamel
ID: 22679529
several possible causes..

is the server an open relay? you can check this at various free web sites.
If it a rogue PC with a virus that is sending all the messages?
Has someone sent a mailing list type of email with a large attachment?
inetinfo is the correct executable - it is used by quite a few services
0
 
LVL 20

Expert Comment

by:wolfcamel
ID: 22679549
look at the messages in the queue and see if you can get an idea of where they are coming from.

There was a similar question in here the other day and someone suggested a tool that could look at the exchange logs for some better information. I will see if I can find it for you
0
 
LVL 20

Accepted Solution

by:
wolfcamel earned 500 total points
ID: 22679736
Here is the other post..with the link on the accepted solution..
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23797493.html
0
 

Author Comment

by:toycannon
ID: 22681790
Solution solved using
http://www.amset.info/exchange/spam-cleanup.asp

Thanks for the other links.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question