Exchange 2003 smtp queue get full with unknown email (two-three domain emails and get like 1000 mails and more) I check server is not open relay. And is filtering.I deleted queue and create new, everything was good for 2-3 days and now start again.

If you are sure that you are not an open relay what queue is the messages stuck in? What AV are you running? Can you disable file and Exchange-level? I have seen this happen with Antigen on Exchange 2003 BH servers.

The company use some free AV is ClamAV. messages are something like hryahoo.com some unknown domains. i don't understand disabling file and exchange level. i also check for 1708 error id to see if some user password need to be change, but i don't have 1708 in events. Thanks

Make sure that there are proper exclussions for Exchange in the file-level AV. But I would double check that you are not an open relay and that no one in your company is sending out SPAM messages. Is the domain you mentioned the destination or source? See if you can track a few and see if they are coming from the same source.

ClamAV is most likely your file level AV. Here's an article on what to exclude from scanning. http://support.microsoft.com/kb/823166 What free AV to you suggest to install on exchange 2003 Thank's

Sorry, I don't know of any free ones. But getting back to your queue, what folder are all the messages in? Did you find out if it is from external or internal? Is it to external or internal? S

Queue directory are all message stuck How to see is it from internal or external because i see only sender and recipient are some strange email and long names also.

Check the smtp logs to see where they're originating from. Use message tracking and search on the smtp address. http://www.msexchange.org/tutorials/Logging_the_SMTP_Service.htmlJames Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Were you able to track the source of the messages? Just make sure that you are sure that you are not an open relay and that DNS is setup properly. I forgot to ask, are you still able to send and receive email "normally"? Also check to see if you have a compromised user or application server relaying junk to your server (once you find the source that is...)

On Wed, 8 Aug 2012 07:50:09 +0000, zzdravkin wrote: >Exchange 2003 smtp queue get full with unknown email (two-three domain emails and get like 1000 mails and more) > >I check server is not open relay. > >And is filtering.I deleted queue and create new, everything was good for 2-3 days and now start again. Who are the messages from? They may just be NDRs. Do you reject any email sent to addreses in your domain that can't be found in your directory? --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

On Wed, 8 Aug 2012 07:50:09 +0000, zzdravkin wrote: >Exchange 2003 smtp queue get full with unknown email (two-three domain emails and get like 1000 mails and more) > >I check server is not open relay. > >And is filtering.I deleted queue and create new, everything was good for 2-3 days and now start again. Who are the messages from? They may just be NDRs. Do you reject any email sent to addreses in your domain that can't be found in your directory? --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP No NDR email, and also reject any email sent to addreses in your domain that can't be found in your directory is check. There are from some mail address with long name very long name , and i gees is some kind of spam. Thank's

hi, Have you configure the spam filter on your exchange 2003? You can use the sender filtering/connection filtering So i recommend that you should first do some settings in your message delivery properties. Open your EMS and then right click the message delivery, open the message delivery properties. Then try to block these sender by using sender filtering/connection filtering etc. hope can help you thanks,CastinLu TechNet Community Support

On Thu, 9 Aug 2012 07:12:13 +0000, zzdravkin wrote: >On Wed, 8 Aug 2012 07:50:09 +0000, zzdravkin wrote: >Exchange 2003 smtp queue get full with unknown email (two-three domain emails and get like 1000 mails and more) > >I check server is not open relay. > >And is filtering.I deleted queue and create new, everything was good for 2-3 days and now start again. Who are the messages from? They may just be NDRs. Do you reject any email sent to addreses in your domain that can't be found in your directory? --- Rich Matheisen MCSE+I, Exchange MVP >--- Rich Matheisen MCSE+I, Exchange MVPNo NDR email, and also reject any email sent to addreses in your domain that can't be found in your > >directory is check. > >There are from some mail address with long name very long name , and i gees is some kind of spam. If they aren't NDRs and they aren't sent to anything you allow relaying for then you have a problem. Either the stuff is coming from inside your LAN or you've misconfigured the SMTP Virtual Server. The first place to check now is your SMTP protcol log. Open it in notepad and look for that "very long name". From what IP address did the message arrive? Was the connection an anonymous one or do you see the AUTH command and base64-encoded name and password in the log file? --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP