Using SMTPDIAG to Diagnose Exchange 2003 Related SMTP and DNS Problems :: Tools :: Exchange 2003 Articles :: Articles & Tutorials :: MSExchange.org

This article help me a lot when i try to tracking a problem when sending email

Using SMTPDIAG to Diagnose Exchange 2003 Related SMTP and DNS Problems :: Tools :: Exchange 2003 Articles :: Articles & Tutorials :: MSExchange.org.

Advertisements

Windows 2003 – Can we deleted c:\windows\system32\logfiles\W3SVC1

Last week our exchange server drive C hard drive space, growth abnormally. We’re using windows server 2003r2.

After analyze all folder in drive C, I found that the c:\windows\system32\logfiles\W3SVC1 have the biggest space in drive C.

Because I don’t know if the log in folder can be deleted, so I googling the solution and I found this solution.

After do the solution (deleted the file using scheduler) my hardisk capacity becomes free by 50%.

Hope this workaround will help some people.

Exchange 2003 – How to recover deleted public folders or items that are deleted from public folders

Accidentally I deleted the folder called office information in outlook, and it is an important folder to give user information about office in my organization.

After searching from google I found a tools to restore folder from public folder in exchange 2003.

The tools called PFDAVAdmin.exe, you can download it from here

And for the steps you can do the following step (based on Microsoft kb 924044)

For the step 1 : download the tools

Step 2: Recover a deleted public folder

  1. Move to the PFDAVAdmin folder, and then double-click the PFDAVAdmin.exe file.
  2. On the File menu, click Connect.

  3. In the Exchange server box, type the name of the Exchange server to which you want to connect.
  4. In the Global Catalog box, type the name of the global catalog server. To find out the global catalog do the nslookup like this

  5. If it is required, click to clear the Authenticate as currently logged-on user check box. Type an appropriate user name, password, and domain in the respective boxes.
  6. In the Connection area, click Public Folders, and then click OK.
  7. Expand Public Folders, and then click the parent folder of the deleted folder.
  8. Right-click the parent folder, and then click Show deleted subfolders. The deleted subfolder is shown in red.
  9. Right-click the subfolder, and then click Recover folder.
  10. Click OK to acknowledge the Recovery succeeded message. The recovered folder name appears as Folder_NameRecovered.
  11. Test access to the folder by using an e-mail client.
  12. In Exchange System Manager, right-click the recovered folder, and then rename the folder.

Step 3: Recover a deleted item

  1. In PFDAVAdmin, open the folder that contains the deleted item.
  2. Click the Items tab, and then click Deleted items.
  3. Right-click the item that you want to recover, and then click Recover items.
  4. Click OK to acknowledge the Recovering these items message.

Hope it help J

Source :

http://www.websense.com/support/article/kbarticle/How-Do-I-Find-a-List-of-Global-Catalog-Servers-Using-nslookup

http://support.microsoft.com/kb/924044

How to repair exchange 2003 database

Yesterday, i had a problem with email server(exchange 2003). The problem are corrupt database. I’m trying to googling a solution to repair the database, and I found one link that make repairing the database so simple. So, here are the steps I follow at their simplest/most technical along with a few useful resource links.

Recovery Steps

  1. ESEUTIL /MH to check for dirty shutdown
    1. ”c:program files/exchsrvr/bin/eseutil.exe” /mh priv1.edb
    2. If the state is ‘Dirty Shutdown’, you’ll need to move on to repair efforts. If this is a recovery effort to a new server or your logs are bogus, make sure your MDBData folders, etc. only have the necessary EDB/STM files and no logfiles (move ‘em elsewhere)
  2. ESEUTIL /P to repair (this takes a while)
    ”c:program files/exchsrvr/bin/eseutil.exe” /P priv1.edb
  3. ESEUTIL /D to defrag (this takes even longer)
    ”c:program files/exchsrvr/bin/eseutil.exe” /D priv1.edb
    eseutil /mh

    eseutil /mh

Repeat steps above for all of the databases you have (including your PUB as well).

  1. Start Exchange Information Store
  2. ISINTEG -s SERVERNAME -FIX -test allfoldertests (run until no errors or fixes, then replace -pri with -pub)
  3. Perform another ESEUTIL /MH to check for clean shutdown

ISINTEG

Reference Link :

Cutwail spambot

This spambot  had attacked my company network, and it make my email server (exchange 2003) IP address get blacklisted. The effect of this spambot are outbound email from my company email server was blocked to send email outside my organization . It can be seen in the picture below, mostly queue connection in email server getting the retry status.

exchange email queue

To check the ip address that getting the blacklisted, I’m using 2 website :

  1. http://www.senderbase.org/
  2. http://cbl.abuseat.org/lookup.cgi

In this website, I found that my company ip addresses has been infected with cutwail spambot . And this website provide a step to find out where’s the culprit.

To solved this problem,  I’m creating a new firewall rules in my trend micro office scan server. And this firewall will blocked :

  • Port 25 to all client workstation
  • And an Ip addresses that I found in cbl.abuseat.org. The ip address are 87.255.51.229

After 2 days waiting, finally the culprit are found. There are one computer that making connection continously  to ip addresses 87.255.51.229. To cleanup this computer,  the first thing I must do is disconnect the connection from this computer. After that, I deleted manually the spambot because my antivirus cannot detect it and make sure there is no more spambot in this computers.

To make sure the spam bot has gone, I checked the ip address reputation on the senderbase.org and thanks god it’s show that my ip reputation are good 😀

good IP reputation