Hi,
I seem to get an awful lot of this:
2006-01-03 16:39:04 SMTP connection from [81.27.32.105]:48775 I=[64.21.33.76]:25 (TCP/IP connection count = 2)
2006-01-03 16:39:04 SMTP connection from [193.108.16.67]:11454 I=[64.21.33.76]:25 (TCP/IP connection count = 3)
2006-01-03 16:39:04 SMTP connection from [216.114.155.99]:17701 I=[64.21.33.76]:25 (TCP/IP connection count = 4)
2006-01-03 16:39:04 SMTP connection from [209.182.0.54]:3787 I=[64.21.33.76]:25 (TCP/IP connection count = 5)
2006-01-03 16:39:04 SMTP connection from [198.107.25.35]:47640 I=[64.21.33.76]:25 (TCP/IP connection count = 6)
2006-01-03 16:39:05 SMTP connection from [195.102.244.132]:64878 I=[64.21.33.76]:25 (TCP/IP connection count = 7)
2006-01-03 16:39:05 SMTP connection from [128.153.5.33]:46022 I=[64.21.33.76]:25 (TCP/IP connection count = 8)
2006-01-03 16:39:05 SMTP connection from [212.187.183.152]:51893 I=[64.21.33.76]:25 (TCP/IP connection count = 9)
2006-01-03 16:42:35 1EtpF5-0001Lt-41 => :blackhole: <[email protected]> R=virtual_aliases
2006-01-03 16:42:35 1EtpF5-0001Lt-41 Completed
2006-01-03 16:42:35 SMTP connection from omr-m08.mx.aol.com [64.12.138.20]:51427 I=[64.21.33.76]:25 closed by QUIT
2006-01-03 16:42:35 SMTP connection from [63.82.19.135]:4256 I=[64.21.33.76]:25 (TCP/IP connection count = 25)
2006-01-03 16:42:36 SMTP connection from [69.28.157.202]:53189 I=[64.21.33.76]:25 (TCP/IP connection count = 26)
2006-01-03 16:42:36 SMTP connection from [66.180.96.29]:45590 I=[64.21.33.76]:25 (TCP/IP connection count = 27)
2006-01-03 16:42:36 SMTP connection from [216.162.221.226]:64606 I=[64.21.33.76]:25 (TCP/IP connection count = 28)
2006-01-03 16:42:36 SMTP connection from main.mni.pl [213.134.141.196]:53573 I=[64.21.33.76]:25 closed by QUIT
2006-01-03 16:42:36 SMTP connection from [70.150.205.100]:6865 I=[64.21.33.76]:25 (TCP/IP connection count = 28)
2006-01-03 16:42:36 SMTP connection from [213.4.149.11]:20525 I=[64.21.33.76]:25 (TCP/IP connection count = 29)
2006-01-03 16:42:36 SMTP connection from [152.157.186.17]:58538 I=[64.21.33.76]:25 (TCP/IP connection count = 30)
2006-01-03 16:42:36 1EtpF6-0001M2-SL <= <> H=(cleanweb.net) [69.28.157.202]:53189 I=[64.21.33.76]:25 P=esmtp S=1821 [email protected] T="Undeliverable mail: headline news" from <> for [email protected]
which is translating into loads of exim processes which is loading up the server.
Are these SMTP connections to send mail via my SMTP or to deliver mail via my SMTP?
How can I block such connections to 64.21.33.76?
And what is the best way of tackling this please?
Appreciate any help or advice.
Regards,
Suhail.
I seem to get an awful lot of this:
2006-01-03 16:39:04 SMTP connection from [81.27.32.105]:48775 I=[64.21.33.76]:25 (TCP/IP connection count = 2)
2006-01-03 16:39:04 SMTP connection from [193.108.16.67]:11454 I=[64.21.33.76]:25 (TCP/IP connection count = 3)
2006-01-03 16:39:04 SMTP connection from [216.114.155.99]:17701 I=[64.21.33.76]:25 (TCP/IP connection count = 4)
2006-01-03 16:39:04 SMTP connection from [209.182.0.54]:3787 I=[64.21.33.76]:25 (TCP/IP connection count = 5)
2006-01-03 16:39:04 SMTP connection from [198.107.25.35]:47640 I=[64.21.33.76]:25 (TCP/IP connection count = 6)
2006-01-03 16:39:05 SMTP connection from [195.102.244.132]:64878 I=[64.21.33.76]:25 (TCP/IP connection count = 7)
2006-01-03 16:39:05 SMTP connection from [128.153.5.33]:46022 I=[64.21.33.76]:25 (TCP/IP connection count = 8)
2006-01-03 16:39:05 SMTP connection from [212.187.183.152]:51893 I=[64.21.33.76]:25 (TCP/IP connection count = 9)
2006-01-03 16:42:35 1EtpF5-0001Lt-41 => :blackhole: <[email protected]> R=virtual_aliases
2006-01-03 16:42:35 1EtpF5-0001Lt-41 Completed
2006-01-03 16:42:35 SMTP connection from omr-m08.mx.aol.com [64.12.138.20]:51427 I=[64.21.33.76]:25 closed by QUIT
2006-01-03 16:42:35 SMTP connection from [63.82.19.135]:4256 I=[64.21.33.76]:25 (TCP/IP connection count = 25)
2006-01-03 16:42:36 SMTP connection from [69.28.157.202]:53189 I=[64.21.33.76]:25 (TCP/IP connection count = 26)
2006-01-03 16:42:36 SMTP connection from [66.180.96.29]:45590 I=[64.21.33.76]:25 (TCP/IP connection count = 27)
2006-01-03 16:42:36 SMTP connection from [216.162.221.226]:64606 I=[64.21.33.76]:25 (TCP/IP connection count = 28)
2006-01-03 16:42:36 SMTP connection from main.mni.pl [213.134.141.196]:53573 I=[64.21.33.76]:25 closed by QUIT
2006-01-03 16:42:36 SMTP connection from [70.150.205.100]:6865 I=[64.21.33.76]:25 (TCP/IP connection count = 28)
2006-01-03 16:42:36 SMTP connection from [213.4.149.11]:20525 I=[64.21.33.76]:25 (TCP/IP connection count = 29)
2006-01-03 16:42:36 SMTP connection from [152.157.186.17]:58538 I=[64.21.33.76]:25 (TCP/IP connection count = 30)
2006-01-03 16:42:36 1EtpF6-0001M2-SL <= <> H=(cleanweb.net) [69.28.157.202]:53189 I=[64.21.33.76]:25 P=esmtp S=1821 [email protected] T="Undeliverable mail: headline news" from <> for [email protected]
which is translating into loads of exim processes which is loading up the server.
Are these SMTP connections to send mail via my SMTP or to deliver mail via my SMTP?
How can I block such connections to 64.21.33.76?
And what is the best way of tackling this please?
Appreciate any help or advice.
Regards,
Suhail.