Tuesday, January 22, 2008

Exchange 2003 Queue flooded with NDR

Hello Friends,

Ahaan.. so your Exchange 2003 queue is flooded with NDRs (non-delivery reports). No need to panic, as we are going to fix this issue in a few minutes.

How to check your Exchange 2003 queues?
Start > Programs > Microsoft Exchange > System Manager (ESM)

You will see the 'Organization Name' in the tree menu on the left side of the window.
Right-click it and go to 'Properties'.
On the General tab you will see 'Display Administrative Groups'; we need to enable this.

The reason for doing this is so that your tree view and my tree view are the same, which will help you find exactly where I am trying to go.

OK, now we need to close and re-open ESM. When you open it, you will see changes in the placement of the different folders and elements in the tree structure.
Fine, let's go ahead and find our queue.
Drill down to Administrative Groups > First Administrative Group > Servers > (Exchange_Server) > Queues
You will see the SMTP Connector here and the domains to which it is trying to send emails. Under 'Number of Messages' you will see the number of messages waiting to go out via this SMTP queue; the number will be high if emails are stuck in the queue.
Double-click the queue to see the messages which are not going through. This opens the 'Find Messages' window; leave things as they are and click the 'Find Now' button, and soon you will see all the messages listed below.
Check the 'Sender'. If it's postmaster@domain.com, that means we are having an R-NDR attack (Reverse NDR).

