On Thu, May 10, 2007 at 09:35:31AM -0500, José David Bravo Álvarez wrote: > Im using Exim 4.60, that comes with DirectAdmin. I have > smtp_accept_max in 130 and sometimes Im getting this error: "421 Too > many concurrent SMTP connections; please try again later." > > I used exiwhat and netstat and I determine that yahoo servers have many > incoming connections to my server. Triying to determine the problem I > used an sniffer, its an example: > > SNIFFER OUTOUT > 250 OK > 250 Accepted > 354 Enter message, ending with "." on a line by itself > 250 OK id=1HlpNN-0000Rm-7w > QUIT > 221 exodo.colombiahosting.com.co closing connection > 14 FIN-WAIT-1 209.191.125.35:29978 > 66.128.49.69:smtp > 14 TIME-WAIT 209.191.125.35:29978 > 66.128.49.69:smtp > 14 RESET 209.191.125.35:29978 > 66.128.49.69:smtp
This log seems incomplete; however, the 'QUIT' command is processed correctly, and the connection is closed. > -bash-3.00# netstat -an | grep 209.191.125.35 > tcp 0 0 66.128.49.69:25 > 209.191.125.35:27139 ESTABLISHED > tcp 0 0 66.128.49.69:25 > 209.191.125.35:39853 ESTABLISHED 209.191.125.35:29978 doesn't appear on this list: everything's fine. > -bash-3.00# exiwhat | grep 209.191.125.35 > 7549 handling incoming connection from web38404.mail.mud.yahoo.com > [209.191.125.35] id=1Hlow6-0001xl-It > 23792 handling incoming connection from web38404.mail.mud.yahoo.com > [209.191.125.35] id=1HloZ6-0006Bk-UK > > > and 20 minutes later I do netstat again and I get the same info. Then > the connections never close > -bash-3.00# netstat -an | grep 209.191.125.35 > tcp 0 0 66.128.49.69:25 > 209.191.125.35:27139 ESTABLISHED > tcp 0 0 66.128.49.69:25 > 209.191.125.35:39853 ESTABLISHED In the normal SMTP flow the session termination is initiated by the client by sending 'QUIT' command, and, AFAICS, it's processed correctly. Thus what you observe - the connections remaining in ESTABLISHED state - can be due to either of the two reasons - your exim has too big timeouts for idle sessions - the client keeps the session alive by talking to the server To be sure, however, you can try the following: 1) identify the stalled connection 2) note the remote address and port number, and the pid of the process that serves this connection (you can use netstat -tp for that) 3) run strace -v -p server_pid and watch the output 4) (at the same time, in another terminal) run tcpdump -A -n -v host remote_addr and port remote_port and watch the output. HTH, Roman. _______________________________________________ Users mailing list [email protected] https://openvz.org/mailman/listinfo/users
