Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 402 Source: smtpsvc

Source
Level
Description
Virtual Server 1: <server adress> maximum number of connections has been reached. Connection being closed.
Comments
 
As the message says, there is a limitation on the number of concurrent connection the SMTP server is allowed to make and the default value varies according to what version of SMTP is used. On Windows SBS this value is 500. This can be adjusted through SMTP Administration:

In IIS Manager, right-click the SMTP virtual server, and then click Properties.
Click the Delivery tab, and click Outbound connections.
In the Outbound Connections dialog box, select a check box and set the "Limit number of connections to " option.

The large number of connection could be caused by the server responding with NDRs to spam emails. If that is the case, then an anti-spam software should be installed (or if preasent already, configured to avoid this type of scenario). You can also take a look at the "Exchange Real Time Block implementation" link below.
If SMTP is installed as part of MS Exchange then open System Manager, navigate to Servers -> <Server name> -> Protocols -> SMTP -> Virtual Server 1 properties -> General tab, and increase the value for "Limit number of connections to".

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...