Re: badmail

  • From: "A. M. Salim" <msalim@xxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 23 Nov 2004 09:36:21 -0500 (EST)


> Yesterday I posted badmail, queue and pickup directories are full to
> busting of files and I am assuming it is due to the sdbot virus, can
> this be confirmed and also that the only way to "empty" these
> directories is to take the server off the internet until clear then
> delete the virus, there is no other reason for these folders being full
> is there?????

There are many, many reasons for those dirs filling up, not just the sdbot

The queue dir will fill up if someone or some process is trying to send
out masses of emails, either zillions of small emails or a lot of huge

The badmail dir will fill up when the recipient email address is bad and
you have zillions of such messages.  This can be caused because you simply
do not bother to regularly clean out the badmail dir and it has now filled
up, or because there is someone or some process sending out masses of bad

While all signs appear pointing to your current virus infection, I would
hesitate to say that it is the only reason.

I am curious:  you say that your server has been infected by a virus and
yet you seem reluctant to re-install the system and appear to be looking
for a way to get the system clean again without re-installing.

If you want to be rid of the virus, you have to figure out what practice
caused the server to be infected.  A server should not get infected just
because virus-laden emails are being transmitted through it.  Someone had
to sit there and click on the virus message and open and execute the file,
or download something bad from the Internet.  Is someone using your server
as if it is their personal workstation, and has installed Outlook on it
and is reading their email, downloading this and that, etc.?  It may be
worth looking into these things so it does not happen again.

best regards

