econn31
asked on
Exchange server clogging bandwidth
Our exchange server is accessing our internal DNS server about 1000 times a second to get name resolutions. Our internal DNS then turns to the external DNS to do the lookups (if the names aren't in our local DNS). This is clogging up our network. Denying our DNS server access to external DNS, means we lose mail all together, but we do get the internet back. Does anyone know how to go into the exchange server and find what users are sending so much mail at a time? (I suspect there is a virus) I just want to see what user is causing all the traffic so i can disable that account (if that's what's going on).
Thanks, Eric
Thanks, Eric
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hey Thanks! I found the que and it is huge - it seems a virus has started to send a whole lot of spam from our server! I disabled outgoing mail temp (and we get our bandwidth back). I'm still having trouble pin pointing the source of the spam however. It says source is default SMTP server, but i can't seem to find the email address that is sending everything? Any suggestions as to how i can find the problem client?
Thanks again
Thanks again
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
Also, if you have that much email going out, you could look at the SMTP queue on the Exchange server to see who the originator is of the email. I'm sure if there is that much going out, then it's getting backed up in the queue.