The other night, the transaction logs on one of our Exch 2007 servers was growing rapidly. We managed to find the cause was a client that must have had a virus or something but was causing a lot of work for Exchange, which in turn generated logs for this work. We managed to close the connection by disabling the client's port on the local Cisco switch.
We're looking at ways we could have done this better. Is there another way we can disable a client's connection to Exchange?
I was thinking one of the following
1. Disable MAPI on the offending mailbox
2. Use TCPView to close the connection (IP > right click > Close Connection)
Does anyone know any other method?