We recently had an incident where a use deleted gigs of email and would up with a corrupt mail box. This it appears was the root cause of large mail queue build-ups to the mailbox server. Once we took this user offline the spiking stopped. So we're fairly convinced this was the root cause. The problem: It took some hunches to figure this out. Is there any logging or diagnostic tool in Exchange to see who exactly is pounding the server and causing a denial of service in terms of ability to deliver email to the mailbox server? It is my understanding that RPC requests within a single (or a few) TCP connections are a limited resource on the Exchahge MB server. Would there be any means of seeing that say 90% of all the RPC requests are related to one particular user? MS support so far has not offered any insight regarding being able to more quickly trouble-shoot this kind of issue in the future.