Stay above the SMTP queue floods

There are many reasons why SMTP queues become clogged, but the primary reason is spam.

If your Exchange Server is configured to act as an open mail relay, then your SMTP queues will be constantly filled with thousands of messages. Likewise, if someone is simply bombarding your organization with spam, the queues will tend to fill up as well. Not only does the in-bound spam consume space in the queue, but if your server is configured to generate non-delivery reports (NDRs) when spam is sent to an invalid e-mail address within your organization, then those NDRs will also consume space within the queue.

More on SMTP queues and spam management: Disk performance best practices for SMTP queues Command-line SMTP queue management for Exchange Server Exchange Server SMTP service tuning parameters Deleting auto-generated spam from the SMTP outbound queue Antispam Reference Center SMTP Reference Center

It is completely normal for your SMTP queues to have messages in them. Normally these messages won't cause a problem. What does cause a problem, though, is when messages come into the queue faster than they can be processed and the mail flow never eases up enough to allow the server time to catch up. In this situation, it's only a matter of time before the disk volume housing the SMTP queues runs out of space.

To understand how to combat SMTP queue flooding problems, you need to understand about the anatomy of an SMTP queue. As you probably know, just about everything in Exchange is database driven. This isn't the case with the SMTP queues. An SMTP queue is nothing more than a folder on the hard disk. Each message within the queue exists as an individual file within the folder.

By default, the SMTP queue is located at \Program Files\exchsrvr\Mailroot\vsi 1\. This folder contains three sub folders: BadMail, Pickup and Queue. When a message is initially received, it is placed in the PickUp folder. Exchange then determines whether or not it knows what to do with the message. If the message is valid, it is placed in the Queue folder. If the message is invalid, it is attached to an NDR and placed in the BadMail folder. (Remember that Exchange 2003 Service Pack 1 disables the BadMail folder in the interest of reducing the effects of spam.)

Determine what's causing the jam-up
So what do you do if your SMTP queues get all jammed up? First determine whether or not the queue is jammed with spam and spam-related NDRs or if it's clogged with legitimate mail. If the queue is clogged with legitimate mail, then your best bet is to move the queue to a disk volume that offers more space and better performance.

In Exchange Server 2003, you can change the queue directory directly through System Manager. To do so, open System Manager and navigate to Administrative Groups | your administrative group | Servers | your server | Protocols | SMTP | Default SMTP Virtual Server. Right click on the Default SMTP Virtual Server container and select the Properties command from the resulting shortcut menu. When you do, you will see the virtual SMTP server's properties sheet. The Properties sheet's Messages tab contains the options for moving the queue directory. If you have Exchange 2000 Server, this option does not exist. Instead, you will have to use the IIS Metabase Editor to move the queue.

If your SMTP queues are all jammed up because of spam, then I recommend beginning on the SMTP Virtual Server's properties sheet. First, use the Relay button on the Access tab to verify that the Mail Relay feature is disabled. Next, close the Default SMTP Virtual Server's properties sheet. Navigate to Global Settings | Internet Message Formats. Right click on the default Internet message format (in the pane to the right) and select the Properties command from the resulting shortcut menu. This will cause Windows to display the Default Properties sheet. Select the Advanced tab and clear the Allow Non Delivery Reports check box.

How to clear the queue – now
The steps that I have shown you so far will help prevent too much mail from building up in the queue in the future, but there is still the matter of clearing the queue right now. You can manually clear the queue by deleting the files contained in the queue folder. If you choose to go that route though, there are two things to keep in mind. First, you may delete legitimate SMTP mail in the process. Second, the deletion will take forever if you use Windows Explorer. Deleting files from the queue will still take a long time, but will happen much more quickly if done through a command prompt window instead of Windows Explorer.

If you are using Exchange 2003 then you can clear the queue directly through system manager. Navigate to the Queues folder beneath the Default SMTP Virtual Server, right click on the queue that you want to clear, and select the Delete All Messages (No NDR) command from the resulting shortcut menu.

If you really get desperate, Microsoft has a tool called aqadmcli.exe that can be used to manipulate SMTP queues from a command line. The tool was originally designed for internal Exchange testing, but is available for outside use. The only way to get this tool is to call Microsoft's Product Support Service and ask for it. Microsoft's policy if you call Product Support Service is to ask for a credit card number, but to not actually charge the credit card if you are simply asking to download a support tool.

As you can see, there are a variety of situations that can cause an SMTP queue to become flooded. However, it is usually fairly easy to clear the flooded queue so that your server can continue to function normally.

Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, CNET, ZDNet, TechTarget, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at www.brienposey.com.

Please let others know how useful this tip was via the rating scale below. Do you know a helpful Exchange Server, Microsoft Outlook or SharePoint tip, timesaver or workaround? Email the editors to talk about writing for SearchExchange.com.

Rate this Tip To rate tips, you must be a member of SearchExchange.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Antispam Software and Spam Filtering Secure Edge Transport servers using the Security Configuration Wizard Create a global Safe Senders List in Exchange 2007 to filter spam Migrating antispam settings from Exchange 2003 to Exchange 2007 The six-layered secret of effective Exchange Server email filtering Top 10 Exchange, Microsoft Outlook and OWA email security tips of 2007 Troubleshoot Microsoft Outlook email delivery problems Microsoft Outlook and Exchange Server 2003 Email Security Guide Top 5 Exchange Intelligent Message Filter add-on tools Locate 'missing' SPF record on an external DNS domain Native Exchange Server 2003 antispam solutions Antispam Software and Spam Filtering Research SMTP Reconfigure an existing Exchange Server user account for a new user Improve Exchange 2003 Internet connectivity, mail flow and performance Troubleshoot Exchange 2003 email that gets stuck in the SMTP queue Perform an SMTP Telnet to test an outgoing Exchange server connection A primer on SMTP and ESMTP servers and commands How to use SMTP queues to troubleshoot mail flow SMTP greylisting problem on Exchange Server 2003 SP2 How to retrieve email from an SMTP server using POP3 SMTP 550 relay error when sending large attachments Sending email to an Exchange distribution list containing SMTP and EX addresses Microsoft Exchange Server Non-Delivery Reports (NDRs) A network connection problem or an offline server prevented delivery of the message Third-party tools that modify NDRs for oversized email SMTP 550 relay error when sending large attachments Not receiving email messages that have file attachments How to strip email attachments from Exchange NDR failure notifications Exchange Server error message: 'A non-delivery report with a status code of 5.4.0 was generated for recipient' How to select the mailbox account that sends Exchange NDRs 'You do not have permission to send to this recipient' errors AQADMCLI: Command-line SMTP queue management for Exchange Server Troubleshoot 'Send As' permission errors RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary greylist  (SearchExchange.com) hash buster  (SearchExchange.com) image spam  (SearchExchange.com) KnujOn  (SearchExchange.com) Sender ID  (SearchExchange.com) spam confidence level  (SearchExchange.com) spamblock  (SearchExchange.com) spim  (SearchExchange.com) tarpitting  (SearchExchange.com) teergrube  (SearchExchange.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.