About many connections in SMTP [message #12810] |
Thu, 10 May 2007 14:35 |
jbravo
Messages: 20 Registered: May 2006
|
Junior Member |
|
|
Sorry if this mail don't concerns to OVZ, but I need to discard
possibilities
-bash-3.00# uname -a
Linux exodo.colombiahosting.com.co 2.6.8-022stab078.14-smp #1 SMP Wed
Jul 19 16: 13:15 MSD 2006 i686 i686 i386 GNU/Linux
Im using Exim 4.60, that comes with DirectAdmin. I have
smtp_accept_max in 130 and sometimes Im getting this error: "421 Too
many concurrent SMTP connections; please try again later."
I used exiwhat and netstat and I determine that yahoo servers have many
incoming connections to my server. Triying to determine the problem I
used an sniffer, its an example:
SNIFFER OUTOUT
250 OK
250 Accepted
354 Enter message, ending with "." on a line by itself
250 OK id=1HlpNN-0000Rm-7w
QUIT
221 exodo.colombiahosting.com.co closing connection
14 FIN-WAIT-1 209.191.125.35:29978 > 66.128.49.69:smtp
14 TIME-WAIT 209.191.125.35:29978 > 66.128.49.69:smtp
14 RESET 209.191.125.35:29978 > 66.128.49.69:smtp
-bash-3.00# netstat -an | grep 209.191.125.35
tcp 0 0 66.128.49.69:25
209.191.125.35:27139 ESTABLISHED
tcp 0 0 66.128.49.69:25
209.191.125.35:39853 ESTABLISHED
-bash-3.00# exiwhat | grep 209.191.125.35
7549 handling incoming connection from web38404.mail.mud.yahoo.com
[209.191.125.35] id=1Hlow6-0001xl-It
23792 handling incoming connection from web38404.mail.mud.yahoo.com
[209.191.125.35] id=1HloZ6-0006Bk-UK
and 20 minutes later I do netstat again and I get the same info. Then
the connections never close
-bash-3.00# netstat -an | grep 209.191.125.35
tcp 0 0 66.128.49.69:25
209.191.125.35:27139 ESTABLISHED
tcp 0 0 66.128.49.69:25
209.191.125.35:39853 ESTABLISHED
I upgraded to exim 4.66 and I get the same problem.
I'll really thanks if you can help me!
|
|
|
|
Re: About many connections in SMTP [message #12843 is a reply to message #12810] |
Fri, 11 May 2007 10:31 |
rkagan
Messages: 11 Registered: May 2006 Location: Moscow
|
Junior Member |
|
|
On Thu, May 10, 2007 at 09:35:31AM -0500, José David Bravo Álvarez wrote:
> Im using Exim 4.60, that comes with DirectAdmin. I have
> smtp_accept_max in 130 and sometimes Im getting this error: "421 Too
> many concurrent SMTP connections; please try again later."
>
> I used exiwhat and netstat and I determine that yahoo servers have many
> incoming connections to my server. Triying to determine the problem I
> used an sniffer, its an example:
>
> SNIFFER OUTOUT
> 250 OK
> 250 Accepted
> 354 Enter message, ending with "." on a line by itself
> 250 OK id=1HlpNN-0000Rm-7w
> QUIT
> 221 exodo.colombiahosting.com.co closing connection
> 14 FIN-WAIT-1 209.191.125.35:29978 > 66.128.49.69:smtp
> 14 TIME-WAIT 209.191.125.35:29978 > 66.128.49.69:smtp
> 14 RESET 209.191.125.35:29978 > 66.128.49.69:smtp
This log seems incomplete; however, the 'QUIT' command is processed
correctly, and the connection is closed.
> -bash-3.00# netstat -an | grep 209.191.125.35
> tcp 0 0 66.128.49.69:25
> 209.191.125.35:27139 ESTABLISHED
> tcp 0 0 66.128.49.69:25
> 209.191.125.35:39853 ESTABLISHED
209.191.125.35:29978 doesn't appear on this list: everything's fine.
> -bash-3.00# exiwhat | grep 209.191.125.35
> 7549 handling incoming connection from web38404.mail.mud.yahoo.com
> [209.191.125.35] id=1Hlow6-0001xl-It
> 23792 handling incoming connection from web38404.mail.mud.yahoo.com
> [209.191.125.35] id=1HloZ6-0006Bk-UK
>
>
> and 20 minutes later I do netstat again and I get the same info. Then
> the connections never close
> -bash-3.00# netstat -an | grep 209.191.125.35
> tcp 0 0 66.128.49.69:25
> 209.191.125.35:27139 ESTABLISHED
> tcp 0 0 66.128.49.69:25
> 209.191.125.35:39853 ESTABLISHED
In the normal SMTP flow the session termination is initiated by the
client by sending 'QUIT' command, and, AFAICS, it's processed correctly.
Thus what you observe - the connections remaining in ESTABLISHED state -
can be due to either of the two reasons
- your exim has too big timeouts for idle sessions
- the client keeps the session alive by talking to the server
To be sure, however, you can try the following:
1) identify the stalled connection
2) note the remote address and port number, and the pid of the process
that serves this connection (you can use netstat -tp for that)
3) run
strace -v -p server_pid
and watch the output
4) (at the same time, in another terminal) run
tcpdump -A -n -v host remote_addr and port remote_port
and watch the output.
HTH,
Roman.
|
|
|