No announcement yet.

Strange Exchange Server Traffic

  • Filter
  • Time
  • Show
Clear All
new posts

  • Strange Exchange Server Traffic

    I'm currently running Microsoft Network Monitor 3.1 on my Exchange server and I see the following "strange" traffic. If anyone can provide insight on this it would be appreciated.

    1. Every 5 to 10 seconds my Exchange server sends ICMP echo requests to my two domain controllers (which are both GC's).

    2. I occasionally see my Exchange server issue what I presume is a DNS query for a single label name such as "host" or "domain" instead of for a FQDN such as "".

    3. I see my Outlook clients connecting to the store.exe process using UDP instead of TCP and RPC. Is this the normal behavior?

    4. I see my Exchange server making TCP connections to my DC's on port 25. Any idea what this is? If the destination port is 25 it could only be SMTP traffic right? Why would my Exchange server make an SMTP connection to my DC's?
    Last edited by joeqwerty; 16th October 2007, 04:32.

  • #2
    Re: Strange Exchange Server Traffic

    Refer this link >>

    Interesting 1 which explains about TCP port 25 .
    As far as SMTP traffic is from Exchange server to DC's it's alright. No worries.
    All in 1
    Solaris,Linux & Windows admin + networking.