Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Virtual Server 1: <server adress> maximum number of connections has been reached. Connection being closed.
|English: This information is only available to subscribers. An example of English, please!|
As the message says, there is a limitation on the number of concurrent connection the SMTP server is allowed to make and the default value varies according to what version of SMTP is used. On Windows SBS this value is 500. This can be adjusted through SMTP Administration:
In IIS Manager, right-click the SMTP virtual server, and then click Properties.
Click the Delivery tab, and click Outbound connections.
In the Outbound Connections dialog box, select a check box and set the "Limit number of connections to " option.
The large number of connection could be caused by the server responding with NDRs to spam emails. If that is the case, then an anti-spam software should be installed (or if preasent already, configured to avoid this type of scenario). You can also take a look at the "Exchange Real Time Block implementation" link below.
If SMTP is installed as part of MS Exchange then open System Manager, navigate to Servers -> <Server name> -> Protocols -> SMTP -> Virtual Server 1 properties -> General tab, and increase the value for "Limit number of connections to".
|Private comment: Subscribers only. See example of private comment|
|Links: Exchange Real Time Block implementation|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
|Custom search for *****: Google - Bing - Microsoft - Yahoo|
Send comments or solutions
- Notify me when updated