did not issue MAIL/EXPN/VRFY/ETRN

did not issue MAIL/EXPN/VRFY/ETRN

am 11.10.2007 18:53:37 von les.hildenbrandt

I get a lot of these, messages: did not issue MAIL/EXPN/VRFY/ETRN
during connection to MTA . I assume this is people looking for open
ports.

My problem is the each of these starts a sendmail process (I am not
sure if that is the correct term, but is shows up when I do a ps -
aux). This process lives for one hour before it goes away.

It seems that when I have a large number of these it really bogs down
my server. Is there a way, preferably a command line switch, to cause
these to time out much faster?

Thanks,
Les

Re: did not issue MAIL/EXPN/VRFY/ETRN

am 11.10.2007 19:06:05 von phillip.corchary

On Oct 11, 10:53 am, lesh wrote:
> I get a lot of these, messages: did not issue MAIL/EXPN/VRFY/ETRN
> during connection to MTA . I assume this is people looking for open
> ports.
>
> My problem is the each of these starts a sendmail process (I am not
> sure if that is the correct term, but is shows up when I do a ps -
> aux). This process lives for one hour before it goes away.
>
> It seems that when I have a large number of these it really bogs down
> my server. Is there a way, preferably a command line switch, to cause
> these to time out much faster?
>
> Thanks,
> Les

Some Load Balancers also do this, as I have found, so if your sendmail
box(es) are behind a LB, this might be your issue also. If you find
any easy way to exclude this on your sendmail hosts, let me know --
all I've found is http://www.helsinki.fi/~vmkari/smpatch.html, which
is a direct patch to sendmail.

phil

Re: did not issue MAIL/EXPN/VRFY/ETRN

am 11.10.2007 20:07:58 von gtaylor

On 10/11/07 12:06, Phil wrote:
> I've found is http://www.helsinki.fi/~vmkari/smpatch.html, which is a
> direct patch to sendmail.

All the patch will do is prevent the log entries, not help things
timeout faster like the OP was wanting.

I'm not sure why the OP is seeing connections being held open. I'm
running a almost stock Sendmail (tweaked BadRcptThrottle) with default
timeouts and I've not seen any connections being held open in
conjunction with the cited log entries. I'm not sure how to help with
this, but I don't think that it is Sendmail related, at least not from
my experience. I wonder if a predecessor did something to config files
to cause the OP's problem.



Grant. . . .