I think I've got my answer, actually 3 out of 4 Ironport were still with the version 6.5.0. The one which is in 6.5.3 displays 52 connections.
Here is what I found in the release Note for the 6.5.3 update
Fixed: LDAP Connections Greatly Exceed the Maximum Specified in the LDAP Server Profile
Previously, LDAP connections greatly exceeded the maximum specified in the LDAP server
profile. For example, if you set the maximum LDAP connection to 10, then the system would
open 30 connections: 10 for the IronPort Spam Quarantine, 10 for the end-user quarantine,
and 10 for the end-user quarantine UI. The fix reduced end-user quarantine and end-user
quarantine UI connections to one each. Now, for example, if you set the maximum LDAP
connection to 10, then the system opens only 12 connections: 10 for the IronPort Spam
Quarantine, 1 for the end-user quarantine, and 1 for the end-user quarantine UI. Or if
external authentication is enabled, then the system opens 22 connections: 10 for external