exchange 2003

what is the quckest way to clear out the queue in exchange 2003? over the weekend, something happened and my queue is FULL of stuff, it looks like something is try to relay through my server, so i just want to blow out everything in the queue
Who is Participating?
Alan HardistyConnect With a Mentor Co-OwnerCommented:
Nothing to cleanup by the sounds of it.  If you have nipped the issue in the bud, then you should be fine.  Not being Blacklisted is good news.  Hopefully it will stay that way.

Recipient Filtering was the answer in this case, which hopefully my article would have pointed you towards as the solution.
Stelian StanConnect With a Mentor Network AdministratorCommented:
Stelian StanNetwork AdministratorCommented:
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Alan HardistyCo-OwnerCommented:
Please have a read of my article so that you can identify which of your accounts the spammer is abusing so that you can stop this happening again, which it will:'t-send.html

You can use aquadmcli.exe to purge the queues quickly:
JeffBeallAuthor Commented:
i had to put in sender filtering to stop all the bogus email. how can i clean up after this?
Em ManConnect With a Mentor Commented:
make sure your Exchange Server is not an Open Relay.
Alan HardistyCo-OwnerCommented:
Have you read my article?

You are either an authenticated relay and need to identify the account, or you are not recipient filtering and need to.

Which is it?

Who is the sender of the emails in your queue?  Random users from a domain not hosted by your server or
JeffBeallAuthor Commented:
yes alanhardisty, i read your article, and i thought it was very good. but maybe i didn't read something carefully enough.
all i know is that once i put in recipient filtering, and checked  - filter recipients who are not in the directory, the attack stopped and my queue is perfect.
i can send and receive emails.
so should i keep in recipient filtering? or are there problems keeping this setting?
now that my queue is clear, i don't have one of the bogus emails to look at who the sender was.
i did look at those emails when i had them, but i guess i couldn't tell who was the sender.
Alan HardistyCo-OwnerCommented:
Okay - so you enabled Recipient Filtering - which means you now won't be sending NDR (Non Delivery Reports) back to spammers.

When you don't recipient filter, and you get inundated with spam, your server will accept all the messages, then try to deliver them, discover that the recipient doesn't exist and will then send a Non Delivery Report back to the sender, which will usually be a forged address, so a proportion of the NDR messages won't be deliverable (because they have been made up).

The problem is, that some messages will be sent to people that didn't send you messages and this will mean you will probably be Blacklisted on as a result.

Now that you have Recipient Filtering enabled, your server checks the Recipient details on inbound messages and if the Recipient doesn't exist on your server, the server will reject the message and the Sender will then be the one responsible for sending the NDR message (not you).

So - what was happening was that you were being inundated with spam and you were not Recipient Filtering.

You should now remove the filter but leave Recipient Filtering Enabled.

Check on and see if your IP Address is blacklisted with  It probably will be but will drop off in about 30 days time automatically.

Until then, you may have some problems sending mail to some domains because they will use this blacklist to reject spam and because they will find you on it, your messages will be rejected.

To bypass this, you can setup a new SMTP Connector to send emails for the problem domains via your ISP's mail server (Smarthost).

For details of how to do this, please have a read of the following:

JeffBeallAuthor Commented:
ok, i took postmaster out of recepient filtering and all is still well with my queue.
also, i tried the link to see if i'm black listed, and i am not!! so good news, i guess i caught it in time.
any suggestions on how to clean up after this? i apologize in advance if the clean up is in your article, i started googleing so many things, i lost track of what was where.
my queue is nice and clean, i just didn't know if there were other things to consider.
JeffBeallAuthor Commented:
thanks for the help, all is well with my server now.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.