Re: large amounts of disconnects

• Previous message: Tony Earnshaw: "Re: SASL vs. M$ Outlook and Outlook Express"
• In reply to: Roman Novak - : "large amounts of disconnects"
• Next in thread: Tony Earnshaw: "Re: large amounts of disconnects"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

>In last 2 weeks i am noticing enormous amounts of strange
>connections to mail server from all over the world. An example from logs:

"lost connection after" is perfectly normal for us. eg, for Sunday:

mx1# zegrep ": lost connection after " /var/log/maillog.[0].gz | awk
'{print $9}' | sort -f | uniq -ic | sort -rfgn | less
394391 RCPT
129629 EHLO
68807 CONNECT
2599 HELO
1820 DATA
1687 MAIL
  519 RSET
  102 NOOP
   24 UNKNOWN
    1 VRFY
    1 QUIT

and for a weekday last week:

mx1# zegrep ": lost connection after " /var/log/maillog.[5].gz | awk
'{print $9}' | sort -f | uniq -ic | sort -rfgn | less
818589 RCPT
114880 CONNECT
100362 EHLO
2783 DATA
2195 HELO
2182 MAIL
  522 RSET
  159 NOOP
   23 UNKNOWN
    2 VRFY
    1 QUIT

and for the 5.gz day:

mx1# zegrep -ic ": connect from" /var/log/maillog.[5].gz
2906441

mx1# zegrep -ic ": disconnect from" /var/log/maillog.[5].gz
2899136

Len

• Previous message: Tony Earnshaw: "Re: SASL vs. M$ Outlook and Outlook Express"
• In reply to: Roman Novak - : "large amounts of disconnects"
• Next in thread: Tony Earnshaw: "Re: large amounts of disconnects"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]