null DNS header on packets - AIX, excessive network traffic

James Griffin agriffin at
Mon Jun 3 20:35:56 UTC 2002

Adam Sanders wrote:
>                                                           On, my
> mailserver I just did a netstat -an and grep'd for the IP of our
> mailserver & for the IP of the dns server and there are 933
> connections between these 2 servers.  864 are in TIME_WAIT status.
> All connections are coming from differnent mail server ports around
> 40000 to the dns server on port 53 (where bind is running).  Got any
> ideas why there are so many connections?  

Please do not take this the wrong way, but are you running an "open
email relay"?  Another possibility is that your "Marketing" department
is sending large amounts of email.  Lacking additional information, I
would opt for the former.  What does 'mailstats' tell you?


