Is your monitoring system telling you that that your MTA has too many connections? Odds are that someone is having a laugh and is holding too many connections open.
I’ve put together a little command that should identify the culprit:
netstat -anp | grep -P "(:993|:995|:143|:110)" | grep -i est | awk '{print $5;}' | sed 's/:[0-9]*//' | sort | uniq -c
Each IP should be listed by the number of connections it is making, find the one with the most connections and block 😀
Leave a Reply