Hard Drive constantly writing when SMTP is enabled 3

[webmastadj84]

I have this problem. The server is runng 2003 exchange and every time I turn on the SMTP server service, the system is constantly writing to the hard drive...so much so it slows the system down a great deal. Once I stop the service, the system stops writting to the hard drive and then goes back to normal opperation. Any ideas with this problem? It has been working fine until this happened a few weeks ago.

 

[Marcs41]

And why are you starting the SMTP services?

Marc
_{If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all.
Free Tip: The F1 Key does NOT destroy your PC!}

 

[kbing]

What kind of server are you using? CPU? RAM? Disk RAID configuration? Are the databases (EDB/STM) separated onto a different RAID disk set or on the same set as the databases?

SMTP service is necessary to receive incoming and send outgoing email for Internet recipients. When mail is processes there is a lot of writing happening on the STM database files which can easily overcome the IOPS that the disks are capable of handling.

 

[Marcs41]

Exchange does not require the SMTP Server Service, that is why I ask.

Marc
_{If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all.
Free Tip: The F1 Key does NOT destroy your PC!}

 

[ShackDaddy]

The SMTP service writes incoming SMTP messages to a temp directory that's normally on the C:\ drive before processing them. Perhaps high fragmentation or lack of disk space is making that a higher i/o activity than it should be. But that doesn't sound right. Can you gather some real stats using Performance Monitor related to physical disk activity? If you examine the type of activity that takes place after you start the service: more reads? more writes? A lot of data? High interrupts? Etc, you will have a better idea of what's going on. Also check the processes in Task Manager and see if something stands out that you may have missed earlier.

ShackDaddy

 

[kbing]

I believe Exchange does require SMTP service. 1 - you cannot install Exchange without it installed in IIS. Two when I stop SMTP on my Exchange 2003 Enterprise system - incoming email and outbound email to the Internet stops.

If you have documentation that it is not required...I'd like to read that Microsoft KB or reference.

 

[TweakMYbox]

You are correct, Exchange 2003 does require the SMTP Service. What antivirus software are you running on your Exchange server? Do you have the proper exclusion in place?

In my experience, the 2 most common reasons for Exchange issues are :

1. DNS related issues
2. Misconfigured Antivirus software

Mike

http://tweekmybox.com

 

[cajuntank]

I have had this happen a couple of times to me. For one instance, I had a user with a rather large distribution list and she decided to send some image attachments in an email to her list. Can you say "100MB+ over a DSL upstream of 256Kb", ouch! I had to babysit the message queue and delete the messages out of the queue.

I have also had it where there was a machine with a virus/worm that was sending so much garbage out through the mail server that it just about brought it to it's knees.

In both incidents, I was able to stop either the SMTP virtual server or SMTP service and except for mail of course, everything was fine. Take a look at your queues and you should see if they are eating up your servers processing.

 

[ShackDaddy]

Picou, have you checked the disk performance counters yet and gotten a solid correlation between disk activity and the SMTP service?

Another good idea would be to use Sysinternals.com's DiskMon to see what exactly is being read/written to disk and which process is responsible for reading/writing it.

ShackDaddy

 

[webmastadj84]

The specs on the machine are:
2.4GHz P4
1GB Memory
IDE 7,200RPM 160GB

I did look at in the queue and deleted them, but I am still getting a constant read/write on the hard drive. I have install avast anti-virus and scaned the machine (was not installed before), nothing came up. Also, I am currently cleaning the BadMail folder.

I have had a problem with people using the server to send spam out (not internal users but external non-user hosts). I know this is causing a problem but I just don't know how to stop this. Please help me with these issues.

Also, Sorry for the late reply guys, I have been busy with other projects.


Also, just for a note:
Exchange server does require SMTP service. That is the default Protical for all email on the internet. If you disable it, no income or outgoing mail will be sent or received. You will still be able to download the old mail or mail that was recieved before the service was disabled using the IMAP/POP3.

 

[webmastadj84]

Also, I did block the IP addresses ranges that I believed that were sending SPAM via my server. But even then, still not helping. I have been blocking them from the Relay and connections in the Access Tab of the SMTP server properties. Would it be better to have a router block these addresses? Is there any program that would be able to block all known spamming addresses?

 

[ShackDaddy]

Picou, to stop the spamming problem, read this article:

http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm

It will tell you how to configure to turn off relay.

What do you see in your outbound queues?

Let us know if you need more help.

ShackDaddy

 

[webmastadj84]

I tried disabling relaying all together before, but I just stopped me from sending email at all. All the users on the server are internet user (i.e. they are at the houses sending email from their computers, they are not inside the network) so when I disabled the relay, they were unable to recieve email to other servers which totally defeats the purpose. Is there any way that the relay can only send mail from domain users (including ones on the internet) and only relay or recieve mail from users that are on the server and relay it to others. Not sure if that makes any since. I have yet to find any simple instructions on how to do this without disabling the ablity for users to recieve mail from outside parties. Please help.

 

[webmastadj84]

I tried the authication method, but then, just like the

http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm

says, creating so only authicated users can connect stops email from being recieved.

 

[ShackDaddy]

You need either a separate mail server or an additional external IP for your mail server. If you get an additional IP, then you create an additional SMTP Virtual server on the new IP and configure it for your users to connnect to and authenticate on. Then you disallow relaying on your default SMTP Virtual server, and spammers can no longer use you for a launch pad. Do it as soon as possible! And let me know if you need help.

ShackDaddy

http://david.shackelford.org

 

[kbing]

By default, Exchange 2003 does not allow relay. You have to remove the setting to enable relay. If you check your "Default SMTP Virtual Server" on the Access tab, be sure that:

* Only the list below is selected
* Allow all computers which successfully authenticate to relay, regardless of the list above is selected.


Also be sure that the Authentication tab is set at default:

check- Anonymous access
check- Basic authenitcation
check- Integrated Windows Authentication
Click on Users and be sure "Authenticated Users has Submit permission"

Go into the "Connection option and be sure that there is a check mark on "All except the list below" is selected. This will allow all computers (except the listed) to access the SMTP virtual server.

This ensures that relay is not enabled, and computers can access the SMTP virtual server to receive incoming internet email.

Test this by going to command line and using Telnet x.x.x.x 25 (port 25) and use the SMTP commands to try to send a relay message...also try to send a ligitimate message.

You can find the SMTP commands by doing a google search for SMTP commands.

 

[webmastadj84]

ok, I did everything that kbing said to do. I don't know how to use the commands to relay a SMTP message. Please fill me in.

ShackDaddy: I already have two IP and two servers running, the small business one and a web edition. The web edition is just host stream video files.

 

[ShackDaddy]

To find the test method that kbing mentioned, google "telnet helo smtp test"

ShackDaddy

 

[webmastadj84]

ok, looks like it did block the request. But the HD light is still constantly flashing.

 

[webmastadj84]

It looks like the server is writing files to the BadMail directory. I am currently deleting all those files again, and also re-enabled the server to write log files. What email goes into the BadMail folder in the first place. The queue is still empty. Once the the BadMail files are deleted then I will restart the SMTP for an hour and see what happens.