I spend a lot of time surfing various Exchange-related message boards, trying to figure out what the latest issues
are. One of the topics that I see posted the most often concerns flooded SMTP queues.
There are many reasons why SMTP queues become clogged, but the primary reason is spam.
If your Exchange Server is configured to act as an open mail relay, then your SMTP queues will be constantly filled with thousands of messages. Likewise, if someone is simply bombarding your organization with spam, the queues will tend to fill up as well. Not only does the in-bound spam consume space in the queue, but if your server is configured to generate non-delivery reports (NDRs) when spam is sent to an invalid e-mail address within your organization, then those NDRs will also consume space within the queue.
It is completely normal for your SMTP queues to have messages in them. Normally these messages won't cause a problem. What does cause a problem, though, is when messages come into the queue faster than they can be processed and the mail flow never eases up enough to allow the server time to catch up. In this situation, it's only a matter of time before the disk volume housing the SMTP queues runs out of space.
To understand how to combat SMTP queue flooding problems, you need to understand about the anatomy of an SMTP queue. As you probably know, just about everything in Exchange is database driven. This isn't the case with the SMTP queues. An SMTP queue is nothing more than a folder on the hard disk. Each message within the queue exists as an individual file within the folder.
By default, the SMTP queue is located at \Program Files\exchsrvr\Mailroot\vsi 1\. This folder contains three sub folders: BadMail, Pickup and Queue. When a message is initially received, it is placed in the PickUp folder. Exchange then determines whether or not it knows what to do with the message. If the message is valid, it is placed in the Queue folder. If the message is invalid, it is attached to an NDR and placed in the BadMail folder. (Remember that Exchange 2003 Service Pack 1 disables the BadMail folder in the interest of reducing the effects of spam.)
Determine what's causing the jam-up
So what do you do if your SMTP queues get all jammed up? First determine whether or not the queue is jammed with spam and spam-related NDRs or if it's clogged with legitimate mail. If the queue is clogged with legitimate mail, then your best bet is to move the queue to a disk volume that offers more space and better performance.
In Exchange Server 2003, you can change the queue directory directly through System Manager. To do so, open System Manager and navigate to Administrative Groups | your administrative group | Servers | your server | Protocols | SMTP | Default SMTP Virtual Server. Right click on the Default SMTP Virtual Server container and select the Properties command from the resulting shortcut menu. When you do, you will see the virtual SMTP server's properties sheet. The Properties sheet's Messages tab contains the options for moving the queue directory. If you have Exchange 2000 Server, this option does not exist. Instead, you will have to use the IIS Metabase Editor to move the queue.
If your SMTP queues are all jammed up because of spam, then I recommend beginning on the SMTP Virtual Server's properties sheet. First, use the Relay button on the Access tab to verify that the Mail Relay feature is disabled. Next, close the Default SMTP Virtual Server's properties sheet. Navigate to Global Settings | Internet Message Formats. Right click on the default Internet message format (in the pane to the right) and select the Properties command from the resulting shortcut menu. This will cause Windows to display the Default Properties sheet. Select the Advanced tab and clear the Allow Non Delivery Reports check box.
How to clear the queue – now
The steps that I have shown you so far will help prevent too much mail from building up in the queue in the future, but there is still the matter of clearing the queue right now. You can manually clear the queue by deleting the files contained in the queue folder. If you choose to go that route though, there are two things to keep in mind. First, you may delete legitimate SMTP mail in the process. Second, the deletion will take forever if you use Windows Explorer. Deleting files from the queue will still take a long time, but will happen much more quickly if done through a command prompt window instead of Windows Explorer.
If you are using Exchange 2003 then you can clear the queue directly through system manager. Navigate to the Queues folder beneath the Default SMTP Virtual Server, right click on the queue that you want to clear, and select the Delete All Messages (No NDR) command from the resulting shortcut menu.
If you really get desperate, Microsoft has a tool called aqadmcli.exe that can be used to manipulate SMTP queues from a command line. The tool was originally designed for internal Exchange testing, but is available for outside use. The only way to get this tool is to call Microsoft's Product Support Service and ask for it. Microsoft's policy if you call Product Support Service is to ask for a credit card number, but to not actually charge the credit card if you are simply asking to download a support tool.
As you can see, there are a variety of situations that can cause an SMTP queue to become flooded. However, it is usually fairly easy to clear the flooded queue so that your server can continue to function normally.
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, CNET, ZDNet, TechTarget, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at www.brienposey.com.
Please let others know how useful this tip was via the rating scale below. Do you know a helpful Exchange Server, Microsoft Outlook or SharePoint tip, timesaver or workaround? Email the editors to talk about writing for SearchExchange.com.