From owner-freebsd-questions Wed Nov 5 08:59:02 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id IAA21587 for questions-outgoing; Wed, 5 Nov 1997 08:59:02 -0800 (PST) (envelope-from owner-freebsd-questions) Received: from duke.neuronet.com.my (neuronet.com.my [202.184.153.3]) by hub.freebsd.org (8.8.7/8.8.7) with SMTP id IAA21579 for ; Wed, 5 Nov 1997 08:58:57 -0800 (PST) (envelope-from sweeting@neuronet.com.my) Received: from love.com.my by duke.neuronet.com.my; (5.65v3.2/1.1.8.2/25Jul96-0519PM) id AA12160; Thu, 6 Nov 1997 00:54:28 +0800 Date: Thu, 6 Nov 1997 00:54:28 +0800 Message-Id: <3.0.32.19971106005435.00980a80@neuronet.com.my> X-Sender: sweeting@neuronet.com.my X-Mailer: Windows Eudora Pro Version 3.0 (32) To: freebsd-questions@freebsd.org From: chas Subject: exploding maillog Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk /var/log/maillog is growing at about 1 MB every 15 minutes. and is full of the same message : Nov 5 23:18:43 dove sendmail[12394]: XAA12394: from=, size=0, class=0, pri=0, nrcpts=0, proto=SMTP, relay=[202.186.208.2] Nov 5 23:18:43 dove sendmail[12395]: XAA12395: from=, size=0, class=0, pri=0, nrcpts=0, proto=SMTP, relay=[202.186.208.2] Nov 5 23:18:44 dove sendmail[12396]: XAA12396: from=, size=0, class=0, pri=0, nrcpts=0, proto=SMTP, relay=[202.186.208.2] Can't do a reverse lookup on 202.186.208.2 but found out that it is bridgestone.com.my (pinging this will resolve the IP fine) However, even with ping i get a strange output : >Reply from 202.186.208.2: Source Quench Received This machine appears to be a Mac and from the archives : [snip] > Also, does anybody know what a source quench is? Each time I ping one of > my Macs I get a message saying "source quench" and ping reports that of 56 > bytes sent, 94 were returned. Any ideas? Funny you should ask that; I had to look it up just two days ago for one of the engineers at work. He was working on an ethernet driver for Macs and his test Mac was source-quenching large ping requests. Source quench means the target system does not have enough resources, typically network buffers, to respond to the request. I'd give you a page reference in _TCP/IP Illustrated_ but my copies are at work. Look up "source quence" in the index, that's how I found it. [/snip] Is the exploding maillog due to this mac's dns or mailer ? Or is it also due to misconfiguration on my own machine ? Before my /var filesystem fills yet again, is there any way to turn off logging just for this one mailhost ? Or is there a better way to deal with this (bearing in mind that we do want to receive mail from bridgestone.com.my since we know people there) thank you very much in advance, chas