We have a Exchange 2003 server that we believe was under an NDR attack. We enabled Recipient Filtering and cleared the outbound smtp queue using a false smtp connector. I have temporally disabled the inbound smtp traffic to our server and still have the false connector running but we still have a tremendous amount of traffic appearing in the "messages waiting to be delivered" queue. I dont understand why messages are still appearing inthe queue even through I have shut down the inbound traffic to the server. We did a scan of the server and found no viruses or malware.
Any suggestions would be appriciated.