none
Exchange 2013 High SMTP Traffic (not spam)

    Question

  • Hello All.

    I'm stumped. We are running an Exchange 2013 server on Windows Server 2012 in HyperV.

    It's running on a 128KB line dedicated to mail only.

    The past week the line has been running to full capacity. Outgoing mail is normal, incoming takes hours.

    Even if I suspend the mail queue to our SmartHost, the line is still running at max.

    When checking the out going queue, there is nothing suspicious. Over the span of an hour there were 14 legitimate mails from users and 3 NDRs to spam e-mail.

    I checked SMTP ProtocolLogs and can't find anything weird.

    I have no idea how to figure out what is causing the high volume of traffic.

    As soon as I stop all Exchange services, the traffic on the line flat lines. So it is Exchange... but what? It's not Spam, at least not that I can find in the queue.

    Kind Regards

    Hentie

    Friday, May 26, 2017 6:15 PM

All replies

  • If it's Exchange SMTP traffic, it should show up in the SMTP protocol logs but only if you've enabled "Verbose" protocol logging on all relevant connectors.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Monday, May 29, 2017 4:59 AM
    Moderator