HPE Community
Operating System - HP-UX
1833066 Members
2636 Online
110049 Solutions
New Discussion

sendmail: see who is connected to port 25 ?

 
Alan Wyskowski
Frequent Advisor

‎12-08-2000 10:06 AM

‎12-08-2000 10:06 AM

sendmail: see who is connected to port 25 ?

Is there any way to tell who is connected to port 25
at any given time? A "netstat -a | grep 25" doesn't seem to work for me. We had an instance where someone was using us as a relay and trying to send a 533 meg file which was rejected at the next relay because of size. I had a heck of a time trying to figure out the originating system. Any tips would be apprecated. Thanks in advance.
0 Kudos
Reply
6 REPLIES 6
Alan Wyskowski
Frequent Advisor

‎12-08-2000 10:16 AM

‎12-08-2000 10:16 AM

Re: sendmail: see who is connected to port 25 ?

Nevermind, I think I found it. 25 gets translated into smtp from /etc/services. So netstat -a | grep smtp
gave me what I needed. Thanks all, sorry to be a bother.
0 Kudos
Reply
Madhu Sudhan_1
Respected Contributor

‎12-08-2000 10:21 AM

‎12-08-2000 10:21 AM

Re: sendmail: see who is connected to port 25 ?

It is good you found the solution. But i have a point to make here. Ports between 1-1000 are reserved for applcations installed by root only. Normal user will not have access to the ports in this range.

But finding out who is connected at that point is what making me to think and as of now Iam not sure of the answer.

...Madhu

Think Positive
0 Kudos
Reply
CHRIS_ANORUO
Honored Contributor

‎12-08-2000 10:22 AM

‎12-08-2000 10:22 AM

Re: sendmail: see who is connected to port 25 ?

Down load and install lsof from http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/lsof-4.48/
When We Seek To Discover The Best In Others, We Somehow Bring Out The Best In Ourselves.
0 Kudos
Reply
CHRIS_ANORUO
Honored Contributor

‎12-08-2000 10:36 AM

‎12-08-2000 10:36 AM

Re: sendmail: see who is connected to port 25 ?

Alan, you comand will help, lsof has been upgraded to 4.51. Try it out it is a good program. See link again: http://gatekeep.cs.utah.edu/hppd/hpux/Sysadmin/lsof-4.51/man.html
When We Seek To Discover The Best In Others, We Somehow Bring Out The Best In Ourselves.
0 Kudos
Reply
rick jones
Honored Contributor

‎12-08-2000 11:08 AM

‎12-08-2000 11:08 AM

Re: sendmail: see who is connected to port 25 ?

if you go the netstat route i would suggest that you an an "n" to the command and go back to grepping for 25. without the -n, netstat will do reverse IP lookups on all the IP addresses, and searches of /etc/services for every port number. this is a non-trivial quantity of overhead.

there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
Shannon Petry
Honored Contributor

‎12-08-2000 05:33 PM

‎12-08-2000 05:33 PM

Re: sendmail: see who is connected to port 25 ?

I think that the original problem though is solved with
> sendmail -q
to look at the mail queue.
Looking at the queue periodicly you could have seen the lengthy connection. At this point you can kill that smtp connection.

I dont have any such rules on any of my sendmail servers, but the flexibility of sendmail should allow the creative mind the ability to define size rules for messages. If there is such a rule, mail of this size would never make queue and then never affect your server.

Check www.sendmail.org for loads of good data on sendmail!


Regards,
Shannon
Microsoft. When do you want a virus today?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.