421 Too many concurrent SMTP connections; please try again later

eurorocco

• July 03, 2014 09:49

421 Too many concurrent SMTP connections; please try again later In /etc/exim.conf I have smtp_accept_max = 100 which always was fine for customer traffic. Today I find servers are under a distributed attack. From many many different IPs some hacker is hogging SMTP connections. From each IP some thirty or forty SMTP connections are opened. I blocked a dozen IPs and a new dozen IPs come up to hog SMTP connections. I blocked the dozen and a new dozen comes up. I'm looking for a way to limit connections per IP. Perhaps I will have to write a script to automatically block IPs that take more than 5 connections and are not authenticating at all. I hope not. I did see other threads with subject "421 Too many concurrent SMTP connections; please try again later", but they were too old and the forum didn't alow me to post on them because they were too old. Any suggestions? Thanks a lot for your help! ER

• 

  cPanelMichael

  • July 03, 2014 15:35

  Hello :) You may find this thread helpful: Sustained Exim Attack Thank you.

  0

Please sign in to leave a comment.