Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 377
  • Last Modified:

Exchange 2003 Server slows entire network Internet access

All at once a couple days ago internet access slowed to a crawl on all the computers onhte domain including both workstations and servers.  I'v tested a direct connect to the T-1 Cisco 1721 router supplied by our T1 supplier and everything is fine.  I've checked the switches and all is ok.  On further testing I've determined that the problem only occurs when the Exchange server (Ver. 2003 on a sewparate box) is running.  If it is shut down everything is normal.  If I start it up Internet access dies after 5 to 10 minutes.  It sounds like a virus or trojan but so far I;ve found nothing.  We have a total of two Dell servers.  One is the domain controller and file server.  The other is the Exchange server.  Both are running server 2003.

This slow down does not appear to affect the local network speed - only the Internet.  Any ideas would be appreciated.
1 Solution
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
What all does that affected Exchange holds ... i guess its a Member server and not a DC.
Is it responsible for mailflow or something ?

- Rancy
Is it possible it's got a duplicate IP address, most likely with the router or switch that's recently been installed?
I've seen that cause problems similar to what has been described..
Make sure your Exchange server is locked down.  Meaning know one can third-party relay off of your mail server.  Also, given your bandwidth you may also need to implement restrictions on email size for in and outbound to no more than 10Mb email size.  

If you don't have the proper settings on your Exchange server and firewall the mail server can get compromised allowing third-party relay.  Allowing people to use your server for spamming.

I highly recommend using a service like Microsoft Hosted Filtering or Google's Postini to filter virus and spam email traffic before mail is received by your mail server.  With either service you will locked down port 25 in your mail server to only allow Microsoft or Postini to send to your mail server.  

I've used these services at every company that I've worked at over the last 10+ years.  These services are much more robust than any appliance that you can put in place.
MogartAuthor Commented:
The problem has been resolved internally.  It turned out to be a script on the domain controller that was downloading Symantec antivirus strings and installing them on the servers and several PC's.  This script was apparently written by a previous IT person to do updates rather than using the Symantec managed client method.

In any event the problem went away after I disabled the script.  The reason I had so much trouble running it down was because everything still worked but just extremely slowly.  It would have been easier if it had actually frozen a process.

Note to gsmartin:  We do use Postini for filtering.
MogartAuthor Commented:
The other responses did not solve the problem

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now