Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

"Connection concurrency limit exceeded” error message appears and internal Mail Transfer Agents (MTA) fail to send mails in InterScan Messaging Security Virtual Appliance (IMSVA)

    • Updated:
    • 21 Oct 2015
    • Product/Version:
    • InterScan Messaging Security Virtual Appliance 8.2
    • InterScan Messaging Security Virtual Appliance 8.5
    • InterScan Messaging Security Virtual Appliance 9.0
    • Platform:
    • N/A N/A
Summary

You encounter the following error message and the internal Mail Transfer Agents fail to deliver mails on InterScan Messaging Security Virtual Appliance (IMSVA).

Connection concurrency limit exceeded

The Postfix mail log shows the following:

/var/log/maillog  "postfix/smtpd[1798]: warning: Connection concurrency limit exceeded: 101 from unknown[10.240.104.44] for service smtp”

This means client 10.240.104.44 has already established the 100th connection and tried to establish the 101st connection.

Details
Public

The issue happens because specific MTAs create too many connections to IMSVA simultaneously. IMSVA then blocks the connection and attempts to protect itself.

The setting for connection concurrency limit is smtpd_client_connection_count_limit in main.cf. The default value is 50.

For more information on Postfix configuration, refer to the following topic: Postfix Configuration Parameters.

Note: The parameter smtpd_client_connection_count_limit should not be used to limit legitimate traffic otherwise mails will be delayed. The limits are designed to protect the smtpd(8) server against abuse by out-of-control clients.

To resolve the issue:

  1. Log in to the IMSVA web console.
  2. Go to Administration > IMSVA Configuration > SMTP Routing > Message Rule.
  3. Under Permitted Senders of Relayed Mail, select Specified IP addressesand add any of the following IP addresses:
    • 10.240.104.44
    • 10.240.0.0/255.255.0.0
  4. Click Save.
    This will add the IP addresses to "mynetworks" parameter in the main.cf file.
  5. Make sure the parameter smtpd_client_event_limit_exceptions has not been modified manually:
    1. Log in to IMSVA with root privileges through the local console or an SSH connection.
    2. Run the following commands:

      # postconf |grep smtpd_client_event_limit_exceptions
      smtpd_client_event_limit_exceptions = $

      The output should be as follows:

      smtpd_client_connection_limit_exceptions:$mynetworks

Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1099299
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.