Hi Randy Randy Bush wrote:
I assume you run exim as a daemon and not from inetd, otherwise I think this does not work.i am being smtp flooded from numerous sources.i have smtp_accept_max_per_host = 4 yet netstat -nf inet \ | awk '$4 ~ /\.25$/ {split($5, a, "[.]"); print a[1]"."a[2]"."a[3]"."a[4]}' \ | sort | uniq -c | sort -nr | awk '$1 > 1' | head -4 shows 19 78.3.64.138 14 125.25.31.62 10 58.186.134.147 10 123.19.248.195 so clearly i am not understanding something. clue bat, please.
Further more, do you see the log file showing the rejected connections like 2007-11-10 02:06:30 Connection from [xx.xx.xx.xx] refused: too many connections from that IP addressIf yes, you probably just count not only the connections in ESTABLISHED state but also in TIME_WAIT, FIN_WAIT_2, etc...
Try this: netstat -nf inet $* | grep -v " $" | grep -v "LISTEN$"to display all connections except the listening ones, about the quick check of what is on inbound wise.
Oliver
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
