|
| This morning I came in to find a "system log is full" message on our
server screen. When I looked in the log, there are what looks like
hundreds of SMTPSVC warning messages with an event ID 4000. They are
happening every 2 minutes or so. All relaying is disabled for the SMTP
virtual server. Port 80 is closed at our firewall. The message in the
description box says "Message delivery to the remote domain
'carefulchristianconsumer.com' failed for the following reason: The
remote server did not respond to a connection attempt." When I look in
the Exchange system under the SMTP virtual server Queues, I can see all
the domains listed that are mentioned in the warning messages. There are
about 20 domains altogether, and each one has a total number of one
message, all of them from "postmaster@ourdomain.com". When I double
click on the messages and look at the details tab, the Status: says
"Retry". We are running Symantec Anti-Virus for gateways and keep it up
to date, and I just ran Windows Update last night. We also run Symantec
on our workstations, which are updated weekly. Should I just delete all
these messages, or do I have a major security issue on our hands? We are
still able to send and receive emails in and out of office. There is
nothing unusual that I can see in Task Manager. Inetinfo is using about
24MB of RAM. Disk space is pretty constant.
We are using Windows 2000SBS patched with the most recent updates.
Thanks.
|
|