If you identify that it is coming from one of your Exchange servers, then you can use a tool like Microsoft Network...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Monitor (Netmon), or a freeware tool like Ethereal, to capture the traffic being sent and received by this suspect machine. What is nice is that you actually know the time that this occurring, so you know when to monitor the traffic. This will help you identify if it is in fact the machine the mail is coming from, and if so, which application is generating this message. Netstat –o can be used to enumerate the processes that have active connections on the machine while the problem is being experienced. Once you have the Process ID (PID) you can use Task Manager to identify the most likely suspects and remove them from the machine. To view a PID, open Task Manager and click on the Processes tab. Open the View menu and select Select Columns. Choose PID Process Identifiers.
If this does nothing for you, you can try to identify the problem at the file system and registry level in real time with the Filemon and Regmon tools from Sysinternals.
Do you have comments on this Ask the Expert question and response? Let us know.
Dig Deeper on Microsoft Exchange Server Performance
Related Q&A from Richard Luckett
Is there a way to gain access to multiple users' calendars from the Exchange Management Console in Exchange 2010?continue reading
When moving mailboxes from Exchange 2010 to 2013 on premises, I keep receiving error messages. What could be causing this problem and how do I fix it?continue reading
I have limited drive space on my Exchange Server but need to restore large mailboxes. Can I prevent mailbox restores from a recovery database by ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.