Carl S. Gutekunst wrote:
One issue not raised here: ephemeral port exhaustion.
I believe I raised that issue early on, but it didn't really apply
here so maybe I didn't actually post it.
It's a rather
specialized problem, more of an issue for Windows folks than Linux, and
mostly an issue for routers, proxies, and similar devices that tend to
funnel a large volume of mail to a smaller number of destinations. But
it's a real problem, one where reusing existing client connections can
provide a complete and permanent resolution.
The ephemeral port exhaustion exploit began with Microsoft DNS server
DoS attacks and their quick patch solution was to preallocate a large
range of the 64K ports, but that created other port exhaustion
problems with other socket and RPC server applications. That is
probably what you meant above with other application servers reporting
connection problems all due to the DNS ports preallocation solution.
It was particularly irritating when using TCP viewing tools and it
listed, displayed thousands of the preallocated ports for DNS. It was