clocker1996
02-07-2002, 09:29 PM
Hi.
Lately there have been some problems with qmail, i guess there are way too many smtp connections being made, and port 25 is being clogged.
qmails 22453 20461 0 09:22 pts/2 00:00:00 qmail-send
qmaill 22454 22453 0 09:22 pts/2 00:00:00 splogger qmail
root 22455 22453 0 09:22 pts/2 00:00:00 qmail-lspawn ./Maildir/
qmailr 22456 22453 0 09:22 pts/2 00:00:00 qmail-rspawn
qmailq 22457 22453 0 09:22 pts/2 00:00:00 qmail-clean
qmaild 22459 20461 0 09:22 pts/2 00:00:00 /usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c 20 -u 732 -g 731 0 smtp
root 22461 20461 0 09:22 pts/2 00:00:00 /usr/local/bin/tcpserver -H -R -v -c100 0 110 /var/qmail/bin/qmail-popup mail.ebprof
qmaild 22518 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22556 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22566 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22585 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22587 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22597 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22598 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22615 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22630 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22641 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22645 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22672 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22675 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22686 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22705 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22722 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22745 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22758 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22797 22459 0 09:23 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22819 22459 0 09:23 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
there are alot of smtpd processes
its gotten to the point where you can't even connect to port 25 atall
What i did was
i used iptables to block 0/0 (everyone) on port 25
and alllow only my ip.
then i could easily connect to port 25, and send mail to people
Basically what I was wondering was, how could i somehow limit people? or atleast, queue these connections or something.
Because it's all coming at once, and its messing things up
Here's what iplog shows:
Feb 8 09:27:01 TCP: smtp connection attempt from front1.mail.megapathdsl.net:1124
Feb 8 09:27:01 TCP: smtp connection attempt from 161.58.178.202:2221
Feb 8 09:27:01 TCP: smtp connection attempt from gol-mro1.austar.net.au:6316
Feb 8 09:27:01 TCP: smtp connection attempt from msnmail3.uswest.net:3731
Feb 8 09:27:02 TCP: smtp connection attempt from w155.wingscc.com:3658
Feb 8 09:27:02 TCP: smtp connection attempt from 212.2.162.35:41864
Feb 8 09:27:02 TCP: smtp connection attempt from fishgame.state.ak.us:60783
Feb 8 09:27:02 TCP: smtp connection attempt from 65.167.96.22:48812
Feb 8 09:27:02 TCP: smtp connection attempt from mta505.mail.yahoo.com:4191
Feb 8 09:27:02 TCP: smtp connection attempt from ext-ch1gw-1.online-age.net:54565
Feb 8 09:27:03 TCP: smtp connection attempt from c9mailgw.prontomail.com:3578
Feb 8 09:27:03 TCP: smtp connection attempt from mta611.mail.yahoo.com:41013
Feb 8 09:27:03 TCP: smtp connection attempt from maild.telia.com:57171
Feb 8 09:27:03 TCP: smtp connection attempt from mta413.mail.yahoo.com:4182
Feb 8 09:27:03 TCP: smtp connection attempt from mx1.thebiz.net:2502
Feb 8 09:27:03 TCP: smtp connection attempt from web11402.mail.yahoo.com:35453
Feb 8 09:27:03 TCP: smtp connection attempt from mta308.mail.yahoo.com:3973
Feb 8 09:27:03 TCP: smtp connection attempt from maile.telia.com:56094
Feb 8 09:27:03 TCP: smtp connection attempt from jerry.pcisys.net:40498
Feb 8 09:27:05 TCP: smtp connection attempt from 80.40.126.36:4760
Feb 8 09:27:05 TCP: smtp connection attempt from femail13.sdc1.sfba.home.com:58400
Feb 8 09:27:05 TCP: smtp connection attempt from mta588.mail.yahoo.com:2584
Feb 8 09:27:05 TCP: smtp connection attempt from web13401.mail.yahoo.com:3374
Feb 8 09:27:05 TCP: smtp connection attempt from 216.136.175.11:1188
Feb 8 09:27:05 TCP: smtp connection attempt from 216.136.129.181:41176
Feb 8 09:27:05 TCP: smtp connection attempt from 192.127.94.7:34488
Feb 8 09:27:05 TCP: smtp connection attempt from 216.136.130.102:4821
Feb 8 09:27:05 TCP: smtp connection attempt from 194.159.73.251:47665
Feb 8 09:27:05 TCP: smtp connection attempt from 216.136.130.125:2222
Can anyone help?
there is alot more to it
i just pasted a litle bit of iplog
i was only running iplog to see what was going on. I don't normally run it.
Is it even possible todo this in qmail?
Lately there have been some problems with qmail, i guess there are way too many smtp connections being made, and port 25 is being clogged.
qmails 22453 20461 0 09:22 pts/2 00:00:00 qmail-send
qmaill 22454 22453 0 09:22 pts/2 00:00:00 splogger qmail
root 22455 22453 0 09:22 pts/2 00:00:00 qmail-lspawn ./Maildir/
qmailr 22456 22453 0 09:22 pts/2 00:00:00 qmail-rspawn
qmailq 22457 22453 0 09:22 pts/2 00:00:00 qmail-clean
qmaild 22459 20461 0 09:22 pts/2 00:00:00 /usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c 20 -u 732 -g 731 0 smtp
root 22461 20461 0 09:22 pts/2 00:00:00 /usr/local/bin/tcpserver -H -R -v -c100 0 110 /var/qmail/bin/qmail-popup mail.ebprof
qmaild 22518 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22556 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22566 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22585 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22587 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22597 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22598 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22615 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22630 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22641 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22645 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22672 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22675 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22686 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22705 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22722 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22745 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22758 22459 0 09:22 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22797 22459 0 09:23 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
qmaild 22819 22459 0 09:23 pts/2 00:00:00 /var/qmail/bin/qmail-smtpd
there are alot of smtpd processes
its gotten to the point where you can't even connect to port 25 atall
What i did was
i used iptables to block 0/0 (everyone) on port 25
and alllow only my ip.
then i could easily connect to port 25, and send mail to people
Basically what I was wondering was, how could i somehow limit people? or atleast, queue these connections or something.
Because it's all coming at once, and its messing things up
Here's what iplog shows:
Feb 8 09:27:01 TCP: smtp connection attempt from front1.mail.megapathdsl.net:1124
Feb 8 09:27:01 TCP: smtp connection attempt from 161.58.178.202:2221
Feb 8 09:27:01 TCP: smtp connection attempt from gol-mro1.austar.net.au:6316
Feb 8 09:27:01 TCP: smtp connection attempt from msnmail3.uswest.net:3731
Feb 8 09:27:02 TCP: smtp connection attempt from w155.wingscc.com:3658
Feb 8 09:27:02 TCP: smtp connection attempt from 212.2.162.35:41864
Feb 8 09:27:02 TCP: smtp connection attempt from fishgame.state.ak.us:60783
Feb 8 09:27:02 TCP: smtp connection attempt from 65.167.96.22:48812
Feb 8 09:27:02 TCP: smtp connection attempt from mta505.mail.yahoo.com:4191
Feb 8 09:27:02 TCP: smtp connection attempt from ext-ch1gw-1.online-age.net:54565
Feb 8 09:27:03 TCP: smtp connection attempt from c9mailgw.prontomail.com:3578
Feb 8 09:27:03 TCP: smtp connection attempt from mta611.mail.yahoo.com:41013
Feb 8 09:27:03 TCP: smtp connection attempt from maild.telia.com:57171
Feb 8 09:27:03 TCP: smtp connection attempt from mta413.mail.yahoo.com:4182
Feb 8 09:27:03 TCP: smtp connection attempt from mx1.thebiz.net:2502
Feb 8 09:27:03 TCP: smtp connection attempt from web11402.mail.yahoo.com:35453
Feb 8 09:27:03 TCP: smtp connection attempt from mta308.mail.yahoo.com:3973
Feb 8 09:27:03 TCP: smtp connection attempt from maile.telia.com:56094
Feb 8 09:27:03 TCP: smtp connection attempt from jerry.pcisys.net:40498
Feb 8 09:27:05 TCP: smtp connection attempt from 80.40.126.36:4760
Feb 8 09:27:05 TCP: smtp connection attempt from femail13.sdc1.sfba.home.com:58400
Feb 8 09:27:05 TCP: smtp connection attempt from mta588.mail.yahoo.com:2584
Feb 8 09:27:05 TCP: smtp connection attempt from web13401.mail.yahoo.com:3374
Feb 8 09:27:05 TCP: smtp connection attempt from 216.136.175.11:1188
Feb 8 09:27:05 TCP: smtp connection attempt from 216.136.129.181:41176
Feb 8 09:27:05 TCP: smtp connection attempt from 192.127.94.7:34488
Feb 8 09:27:05 TCP: smtp connection attempt from 216.136.130.102:4821
Feb 8 09:27:05 TCP: smtp connection attempt from 194.159.73.251:47665
Feb 8 09:27:05 TCP: smtp connection attempt from 216.136.130.125:2222
Can anyone help?
there is alot more to it
i just pasted a litle bit of iplog
i was only running iplog to see what was going on. I don't normally run it.
Is it even possible todo this in qmail?