Nobody_check Killing Spamd Process

Jul 24, 2007

My nobody_check is killing a process that seems to be o.k. but I'm not sure. The process is running /usr/bin/perl-bin which I never heard of. I thought it was /usr/bin/perl

Should I be concerned? Again, I don't know what /perl-bin is.

Process ID: 28457 has been killed
Restuls for PID: 28457
total 0
dr-xr-xr-x 3 nobody nobody 0 Jul 23 17:00 .
dr-xr-xr-x 201 root root 0 Jun 29 11:59 ..
dr-xr-xr-x 2 root root 0 Jul 23 17:00 attr
-r-------- 1 root root 0 Jul 23 17:00 auxv
-r--r--r-- 1 root root 0 Jul 23 17:00 cmdline
lrwxrwxrwx 1 root root 0 Jul 23 17:00 cwd -> /
-r-------- 1 root root 0 Jul 23 17:00 environ
lrwxrwxrwx 1 root root 0 Jul 23 17:00 exe -> /usr/bin/perl-bin
dr-x------ 2 root root 0 Jul 23 17:00 fd
-rw-r--r-- 1 root root 0 Jul 23 17:00 loginuid
-r-------- 1 root root 0 Jul 23 17:00 maps
-rw------- 1 root root 0 Jul 23 17:00 mem
-r--r--r-- 1 root root 0 Jul 23 17:00 mounts
lrwxrwxrwx 1 root root 0 Jul 23 17:00 root -> /
-r--r--r-- 1 root root 0 Jul 23 17:00 stat
-r--r--r-- 1 root root 0 Jul 23 17:00 statm
-r--r--r-- 1 root root 0 Jul 23 17:00 status
dr-xr-xr-x 3 root root 0 Jul 23 17:00 task
-r--r--r-- 1 root root 0 Jul 23 17:00 wchan

Netstat:
tcp 0 0 127.0.0.1:783 127.0.0.1:40957
CLOSE_WAIT 28457/spamd child
udp 0 0 xx.xxx.xxx.xx:41008 216.52.190.1:53
ESTABLISHED 28457/spamd child
unix 3 [ ] STREAM CONNECTED 120878416 28457/spamd
child
unix 2 [ ] DGRAM 120872220 28457/spamd
child
unix 2 [ ] STREAM CONNECTED 120847759 28457/spamd
child
unix 2 [ ] STREAM CONNECTED 120832442 28457/spamd
child

Environ:

Process ID: 23944 has been killed
Restuls for PID: 23944
total 0
dr-xr-xr-x 3 nobody nobody 0 Jul 23 16:55 .
dr-xr-xr-x 206 root root 0 Jun 29 11:59 ..
dr-xr-xr-x 2 root root 0 Jul 23 17:00 attr
-r-------- 1 root root 0 Jul 23 17:00 auxv
-r--r--r-- 1 root root 0 Jul 23 16:55 cmdline
lrwxrwxrwx 1 root root 0 Jul 23 17:00 cwd -> /
-r-------- 1 root root 0 Jul 23 17:00 environ
lrwxrwxrwx 1 root root 0 Jul 23 16:55 exe -> /usr/bin/perl-bin
dr-x------ 2 root root 0 Jul 23 17:00 fd
-rw-r--r-- 1 root root 0 Jul 23 17:00 loginuid
-r-------- 1 root root 0 Jul 23 17:00 maps
-rw------- 1 root root 0 Jul 23 17:00 mem
-r--r--r-- 1 root root 0 Jul 23 17:00 mounts
lrwxrwxrwx 1 root root 0 Jul 23 17:00 root -> /
-r--r--r-- 1 root root 0 Jul 23 16:55 stat
-r--r--r-- 1 root root 0 Jul 23 16:55 statm
-r--r--r-- 1 root root 0 Jul 23 16:55 status
dr-xr-xr-x 3 root root 0 Jul 23 17:00 task
-r--r--r-- 1 root root 0 Jul 23 17:00 wchan

Netstat:
tcp 1 0 127.0.0.1:783 127.0.0.1:40955
CLOSE_WAIT 23944/spamd child
udp 0 0 xx.xx.xxx.xxx:55606 216.52.190.1:53
ESTABLISHED 23944/spamd child
unix 3 [ ] STREAM CONNECTED 120847760 23944/spamd
child
unix 2 [ ] STREAM CONNECTED 120832442 23944/spamd
child
unix 2 [ ] DGRAM 120677444 23944/spamd
child

Environ:

View 4 Replies


ADVERTISEMENT

Spamd Is Killing My VPS

Nov 25, 2007

I have a VPS with 320MB of RAM. The problem is that spammassassin is killing my VPS.

Spamd service was using 50% of memory (+- 150MB of RAM).

Do you think that this is normal RAM for Spamd?

View 10 Replies View Related

VPS RAM Is Killing

Jan 17, 2008

I have a VPS with 768Mb of RAM which was always suitable for the websites I'm hosting
as most of them are not popular and none of them got high traffic recently at all

But for over 2 days the vps is eating the ram and killing all the services (cpanel/httpd/ftp/MySQL..)
I want to know what is causing this and stop it by any way

I contacted my vps support and they told me to write "top" in the SSH but I didn't understand any thing from what I see and I didn't know what to do after writing that command .

View 3 Replies View Related

Layeredtech Killing Itself

Jun 29, 2008

I remember long time ago when I used to host on Layered Tech fast network good stuff, affordable price my first server costed me 90 dollars on Layered Tech with about 20 dollar setup one time fee.

I visited today after about 2 years and I'm pretty much surprised to see their prices they are by no means affordable as they were previously and the setup fee is now 50 dollars on every server.

With such large number of servers in their data centers shouldn't they be able to make them affordable? yet I have seen same server on WHT ads section for fraction of the price LT expects and not to mention the excessive setup fee.

I'm not complaining, its their business, but is it really helping them? I cant be the only person feeling this anti-love for Layered Tech being a former LT customer, I had no problems with them or their services I just left after I sold my site and moved into VPS. But seeing the new prices its a bit shocking.

View 14 Replies View Related

Mysql Is Killing My Vps

Jul 14, 2008

the server load averges on my VPS have been very high - escalating to 6.5 in cases.

The process causing this is:

PidOwnerPriorityCpu %Mem %Command 7370 mysql -10
76.7
3.0 /usr/sbin/mysqld --basedir=/ --datadir=/var/lib/mysql --user=mysql --pid-file=/var/lib/mysql/opal.ngwebservers.net.pid --skip-external-locking

My VPS is hosted by Virpus Networks, and has spec:
512RAM (1024 burstable), 10GB hard drive space.

8 of these processors on node:

Processor #1 Vendor: GenuineIntel
Processor #1 Name: Intel(R) Xeon(TM) CPU 2.80GHz
Processor #1 speed: 174.594 MHz
Processor #1 cache size: 2048 KB

No hardware or software changes were implemented on the VPS as far as I am aware.

The MySQL process causing this is:

28993movies_mybblocalhostmovies_mybbQuery36Copying to tmp tableSELECT t.tid, t.dateline, p.edittime, t.subject, f.allowhtml, f.allowmycode, f.allowsmilies, f.allow

This has been going on since I first saw the loads go high...

View 8 Replies View Related

VRTServers.net Is KILLING Me

Mar 10, 2008

I have many servers on vrtservers.net and is happy of they support. And I planing be a reseller of them.

But the nightmare come from last day..

My main server have got some SPAM report from spamcap.net
[url]

the spamcap.net report my server runing a open proxy.and somebody using it as SPAM.
before the SPAM report..

I know this ISSUE and have fix it..
so the proxy just run many hours.[ check the mrtg graph.[url]


sinse the SPAM report.
vrtserver.net put this server offline..
I can Understand it.

And I have contact the support@vrtservers.net Instantly.
And I proceed the case of spamcap.net too.

But the nightmare is ....

When I ask "how to reconnect my servers/What time will the case close?" to VRTSERVERs.NET.

the vrtservers.net reply to me said the server has been terminated and there is no way to get my data back.

My god ..
all of my server's data has been lost!

vrtservers.net is killing me now!

View 7 Replies View Related

Mod_security Killing Php

Jan 31, 2007

trying to get mod_security installed on my HSphere server, the install goes ok until i try and load rules?

If i just load the exclude.conf rule then php sites work, if i also load rules.conf or any other rules then my php sites get 'connection refused error' ?

I cannot find any thing in logs and there is no log written for mod_security?

here is my modsecurity.conf

Quote:

#If you want to scan the output, uncomment these
#SecFilterScanOutput On
#SecFilterOutputMimeTypes "(null) text/html text/plain"

# Accept almost all byte values
SecFilterForceByteRange 1 255

# Server masking is optional
#fake server banner - NOYB used - no one needs to know what we are using
SecServerSignature "NOYB"

#SecUploadDir /tmp
#SecUploadKeepFiles Off

# Only record the interesting stuff
SecAuditEngine RelevantOnly
SecAuditLog /var/log/audit_log

# You normally won't need debug logging
SecFilterDebugLevel 0
SecFilterDebugLog logs/modsec_debug_log

#And now, the rules
#Remove any of these Include lines you do not use or have rules for.

#First, add in your exclusion rules:
#These MUST come first!
Include /etc/modsecurity/exclude.conf

#Application protection rules
#Include /etc/modsecurity/rules.conf

bash-2.05b# cat /etc/modsecurity.conf
<IfModule mod_security.c>

# Only inspect dynamic requests
# (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
#SecFilterEngine DynamicOnly

SecFilterEngine On

# Reject requests with status 500
SecFilterDefaultAction "deny,log,status:500"

# Some sane defaults
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies On
# enable version 1 (RFC 2965) cookies
SecFilterCookieFormat 1

SecServerResponseToken Off

#If you want to scan the output, uncomment these
#SecFilterScanOutput On
#SecFilterOutputMimeTypes "(null) text/html text/plain"

# Accept almost all byte values
SecFilterForceByteRange 1 255

# Server masking is optional
#fake server banner - NOYB used - no one needs to know what we are using
SecServerSignature "NOYB"

#SecUploadDir /tmp
#SecUploadKeepFiles Off

# Only record the interesting stuff
SecAuditEngine RelevantOnly
SecAuditLog /var/log/audit_log

# You normally won't need debug logging
SecFilterDebugLevel 0
SecFilterDebugLog logs/modsec_debug_log

#And now, the rules
#Remove any of these Include lines you do not use or have rules for.

#First, add in your exclusion rules:
#These MUST come first!
Include /etc/modsecurity/exclude.conf

#Application protection rules
#Include /etc/modsecurity/rules.conf

#Comment spam rules
#Include /etc/modsecurity/blacklist.conf

#Bad hosts, bad proxies and other bad players
##Include /etc/modsecurity/blacklist2.conf

#Bad clients, known bogus useragents and other signs of malware
##Include /etc/modsecurity/useragents.conf

#Known bad software, rootkits and other malware
##Include /etc/modsecurity/rootkits.conf

#Signatures to prevent proxying through your server
#only rule these rules if your server is NOT a proxy
##Include /etc/modsecurity/proxy.conf

#Just in Time Patching for Vulnerable Applications
##Include /etc/modsecurity/jitp.conf

#Google Hacks signatures
##Include /etc/modsecurity/recons.conf

#Include /etc/modsecurity/

</IfModule>

View 2 Replies View Related

Is CPanel Killing My VPS

Feb 5, 2007

I have a VPS with 256m guaranteed RAM .. and I have CPanel. A couple of days ago I got to fiddling with a database issue and had phpMyAdmin open for the better part of an hour. So I got to wondering what something like that does to my VPS?

A secondary question .. same thing but on a dedicated server with 1g RAM?

View 4 Replies View Related

C99Shell Hackers Killing Me!

Jun 25, 2007

guys im tired off fighting those hackers everyday! i have about 20 websites,and everyday i have one of them hacked! i restore a backup then another one hacked!

thats unbelivable!!!

those bastards upload there shell scripts to websites via bugs or whatever from php files!!

is there anyway to stop these commands?

can .htaccess helps? how?

i talked to my webhosting companies for my websites! ....

View 10 Replies View Related

Virtuozzo Is Killing /usr/bin/mysqld_safe

Nov 2, 2009

Virtuozzo 3.0 is killing VPS's /usr/bin/mysqld_safe process but leaving /usr/sbin/mysqld UP which is causing cPanel to be unable to automatically restart MySQL after that.

View 14 Replies View Related

Gzip Is Killing My Server

Jan 28, 2008

from top:

12478 root 35 19 2004 680 308 R 39 0.0 8:54.95 gzip


using anywhere from 30-50% of my cpu for nearly 10 min now. but, no memory usage.

any ideas? should i kill the pid?

site is running pretty slow as a result of this.

View 3 Replies View Related

Httpd Is Killing My Server

Dec 15, 2007

24 hours ago something wired happend..

For some reason httpd is causing high serverload.
ATM : 22:44:17 up 22:17, 2 users, load average: 6.23, 6.12, 8.88
U

Will keep gooing up and httpd need to be restartet when serverload comes up to 30.

The traffic on the server is normal, no changes is made on the server.

View 5 Replies View Related

Backups Killing My Server

Dec 7, 2007

Opt 248
3gb ram
250gb sata II

I have a fairly unique problem. My server runs great 95% of the time. Loads average under 1. However backups have become a server killer. I use cpanel scheduled backup at early morning hours. The reason backups kill my server is that I have 300,000+ (and counting) images in a directory. They are all small pngs generated by LaTeX. It takes my server several hours to backup the images. I usually even have to stop apache to free up some power. This problem is only going to get worse as I get more images. Maybe I could upgrade proc or upgrade to faster HD? That would be costly, hopefully not.

Should I hire a professional backup service? Costly, and would that help? Or is there a way of storing the images or doing the cpbackup I am doing wrong?

View 3 Replies View Related

Killing A Server With WHMCS Installed

Feb 5, 2008

if it was possible to kill a server running WHMCS by executing the cron.php via cronjob on a remote server once every minute.

I just wanted to see if this was potentially harmful, so I can submit it to Matt without sounding like an idiot...

View 3 Replies View Related

Iptables: Which One Of My Rules Is Killing Nslookup

Oct 4, 2007

One of these rules is causing name server lookups to fail, but I can't seem to figure out which one, can anyone spot the problem?

Code:

[root@example ~]# iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
INVDROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:953
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10023
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:953
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state NEW icmp type 8
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65535 dpt:53
LOGDROPIN all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
INVDROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:953
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10023
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:113
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:953
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state NEW icmp type 8
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65535 dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1024:65535
LOGDROPOUT all -- 0.0.0.0/0 0.0.0.0/0
Chain INVDROP (18 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPIN (1 references)
target prot opt source destination
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:113
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:513
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:520
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPOUT (1 references)
target prot opt source destination
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_OUT Blocked* '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_OUT Blocked* '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_OUT Blocked* '
DROP all -- 0.0.0.0/0 0.0.0.0/0

View 3 Replies View Related

GoDaddy Masking Is Killing My Site - Alternative?

Apr 12, 2007

So we've got a client setup with 2 domains; 1 main and 1 secondary.

The secondary domain is a 301 redirect with masking through GoDaddy. The reason for the masking is because we need the domain name to stay the same after the redirect. (So people who come in on DomainB will only see DomainB in the url bar.)

The problem: GoDaddy has uses a "zero frame" element to implement the masking and it's messing up the display of our site.

Note: The display only screws up in IE.

Primary domain: www.BristolCountyWomensJournal.com --> (This works fine.)
301 domain: www.WomensJournals.com --> (Check out the messy background!)

Anyone know of alternatives to Domain Masking?

View 0 Replies View Related

Determine What Cron Jobs Are Killing Server And When

Jan 8, 2009

We're running on Linux/Apache/MySQL/RoR and have a number of cron jobs that run throughout the day on our server. We've been noticing lately that at certain times of the day the site becomes really slow. When I'm online with my engineers I can mention this to them and they can check and see and say "Oh yeah, it's job XYZ that's spiking the server load."

That's great but much of the time when I notice the sluggishness my developers are offline (we're in different time zones). I'm wondering if there's a fairly easy way to track this when they're not online so we can say "Yup, last night at 10 PM your time when you noticed that it was job ABC." There has to be something that allows you to do this right?

View 3 Replies View Related

Imap & Spamd?

Oct 28, 2006

what thise services mean or refer to !!!!

imap
spamd

View 2 Replies View Related

Spamd On Server

May 27, 2009

I am having trouble fixing spamd on my server, spamd -- failed!

How do i go about fixing this?

View 9 Replies View Related

Spamd Failed

Jul 30, 2009

I a keep received the email as below every 5 min:
spamd failed @ Fri Jul 31 09:29:04 2009. A restart was attempted automagically.
Service Check Method: [check command]

Cmd Service Check Raw Output: Spamd is not running

View 6 Replies View Related

Weird Spamd

Apr 28, 2008

i have this really annoying issue i'm hoping you can help with.

it seems the spamd child process gets stuck and causes 100% cpu usage. but this doens't just happen randomly, its only for this single user account. e.g. take a look at top output:

4581 <username> 93 40:58.87 1.3 82624 52m 2280 R spamd child

the 93 is 93% cpu usage. 40:58 is how long the process has been running, 40 minutes and counting (i just killed it though). and all it tells me its running spamd child. it usually dies after a few hours but only after causing 200% cpu usage (100% on both cpus) and making my server load skyrocket. This happens at least twice daily at no set times.

this user isn't a spammer. no scripts, no mail queue generation, no email accounts even.

running cpanel 11, centos 4.

View 3 Replies View Related

Spamd Fails

Feb 25, 2008

root@server [~]# service exim restart
Shutting down clamd: [ OK ]
Shutting down exim: [ OK ]
Shutting down antirelayd: [ OK ]
Shutting down spamd: [ OK ]
Starting clamd: [ OK ]
Starting exim-26: [ OK ]
Starting exim: [ OK ]
Starting exim-smtps: [ OK ]
Starting antirelayd: [ OK ]
Starting spamd: [1814] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[1814] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[1814] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use

spamd: could not create INET socket on 127.0.0.1:783: Address already in use

I tried forced exim update, restarted xinetd, nothing works.

View 2 Replies View Related

Spamd Installation

Nov 11, 2008

Anyone have a complete tutorial from start to finish on installing spamd as a smtp relay server/gateway? Im looking for some good doccumentation on this all i can find is just the spamd install guide but thats it. Im not even sure if i need postfix etc on the machine to run I have no idea.

1. what are the requirements

2. how to install and compile spamd

3. how to configure your mail servers to accept only mail from smtp relay and setup your mx records accordingly.

View 0 Replies View Related

Spamd Monitoring

Sep 25, 2007

Spamd often died once in a while. How do i set up an auto monitoring and restart it if it dies? Btw, i'm on a Unix machine.

View 14 Replies View Related

Should Spamd Be Using 36% Of Memory

Jun 30, 2007

Spamd seems to be using 36% of RAM, which I work out to be around 290-300mb

Is that normal

top - 12:43:32 up 1 day, 15:09, 1 user, load average: 0.04, 0.05, 0.02
Tasks: 72 total, 1 running, 71 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0% us, 0.1% sy, 0.0% ni, 99.9% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 851968k total, 544616k used, 307352k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
28548 root 16 0 1888 1012 792 R 0 0.1 0:00.19 top
1 root 16 0 1620 600 520 S 0 0.1 0:00.64 init
23557 root 15 0 1524 544 456 S 0 0.1 0:02.13 syslogd
23570 named 16 0 69408 3872 1956 S 0 0.5 0:01.26 named
23587 root 20 0 1448 376 320 S 0 0.0 0:00.00 courierlogger
23588 root 15 0 1796 616 508 S 0 0.1 0:00.01 authdaemond
23590 root 16 0 1796 364 244 S 0 0.0 0:00.03 authdaemond
23592 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23593 root 15 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23594 root 16 0 1796 368 248 S 0 0.0 0:00.03 authdaemond
23595 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23602 root 15 0 4008 1128 832 S 0 0.1 0:00.67 sshd
23675 root 16 0 6580 4964 1228 S 0 0.6 0:01.08 chkservd
23856 root 16 0 2472 924 536 S 0 0.1 0:00.22 crond
24066 root 18 0 14096 8476 352 S 0 1.0 0:00.00 cpdavd
24074 root 16 0 5520 3708 1040 S 0 0.4 0:00.36 cpbandwd
24075 root 34 19 9068 6588 1756 S 0 0.8 0:10.20 cpanellogd
24116 nobody 18 0 3772 1724 652 S 0 0.2 0:00.00 entropychat
24146 root 18 0 4044 804 576 S 0 0.1 0:00.00 saslauthd
24169 root 18 0 1480 392 320 S 0 0.0 0:00.00 portsentry
25608 root 17 0 5400 3836 2320 S 0 0.5 0:02.25 authProg
25627 root 16 0 5400 3836 2320 S 0 0.5 0:02.28 authProg
30325 root 16 0 5400 3836 2320 S 0 0.5 0:02.07 authProg
11563 root 18 0 2072 804 668 S 0 0.1 0:00.00 xinetd
11603 root 15 0 1452 384 324 S 0 0.0 0:00.00 courierlogger
11604 root 15 0 1560 512 440 S 0 0.1 0:00.00 couriertcpd
11610 root 18 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11611 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
11616 root 15 0 1452 384 324 S 0 0.0 0:00.16 courierlogger
11617 root 15 0 1560 512 440 S 0 0.1 0:00.17 couriertcpd
11622 root 20 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11623 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
24353 root 16 0 5400 3768 2256 S 0 0.4 0:01.76 authProg
20008 root 17 0 5400 3772 2256 S 0 0.4 0:02.04 authProg
28437 mailnull 16 0 8516 1200 796 S 0 0.1 0:00.43 exim
28443 mailnull 18 0 8460 1148 752 S 0 0.1 0:00.00 exim
28481 root 16 0 26116 23m 1880 S 0 2.8 0:01.37 spamd
28503 root 16 0 3028 1140 640 S 0 0.1 0:01.95 antirelayd
28505 root 16 0 305m 302m 2032 S 0 36.3 3:26.74 spamd
28506 root 16 0 28776 26m 2008 S 0 3.2 0:01.02 spamd
28512 mailman 19 0 10276 4928 840 S 0 0.6 0:00.01 mailmanctl
28515 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.59 python2.4
28516 mailman 16 0 10064 6696 2612 S 0 0.8 0:03.78 python2.4
28517 mailman 16 0 10036 6700 2612 S 0 0.8 0:03.56 python2.4
28519 mailman 16 0 10096 6692 2612 S 0 0.8 0:03.60 python2.4
28522 mailman 16 0 10044 6720 2612 S 0 0.8 0:03.64 python2.4
28523 mailman 16 0 10060 6760 2612 S 0 0.8 0:03.78 python2.4
28524 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.74 python2.4
28525 mailman 16 0 10060 6692 2612 S 0 0.8 0:00.15 python2.4
28571 root 17 0 2144 1128 964 S 0 0.1 0:00.00 mysqld_safe
28594 mysql 15 0 106m 17m 4184 S 0 2.1 0:54.08 mysqld
28635 mailnull 16 0 8496 3764 1520 S 0 0.4 0:00.88 eximstats
29982 root 16 0 2756 608 404 S 0 0.1 0:00.17 postsuexecinsta
[root@awt ~]# spamd restart
[29871] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[29871] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[29871] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[root@awt ~]# top
top - 12:43:58 up 1 day, 15:10, 1 user, load average: 0.02, 0.04, 0.02
Tasks: 72 total, 1 running, 71 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.1% us, 0.0% sy, 0.0% ni, 99.9% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 851968k total, 544392k used, 307576k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
29918 root 16 0 1888 1012 792 R 0 0.1 0:00.01 top
1 root 16 0 1620 600 520 S 0 0.1 0:00.64 init
23557 root 15 0 1524 544 456 S 0 0.1 0:02.13 syslogd
23570 named 16 0 69408 3872 1956 S 0 0.5 0:01.26 named
23587 root 20 0 1448 376 320 S 0 0.0 0:00.00 courierlogger
23588 root 15 0 1796 616 508 S 0 0.1 0:00.01 authdaemond
23590 root 16 0 1796 364 244 S 0 0.0 0:00.03 authdaemond
23592 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23593 root 15 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23594 root 16 0 1796 368 248 S 0 0.0 0:00.03 authdaemond
23595 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23602 root 15 0 4008 1128 832 S 0 0.1 0:00.67 sshd
23675 root 16 0 6580 4964 1228 S 0 0.6 0:01.08 chkservd
23856 root 16 0 2472 924 536 S 0 0.1 0:00.22 crond
24066 root 18 0 14096 8476 352 S 0 1.0 0:00.00 cpdavd
24074 root 16 0 5520 3708 1040 S 0 0.4 0:00.37 cpbandwd
24075 root 34 19 9068 6588 1756 S 0 0.8 0:10.20 cpanellogd
24116 nobody 18 0 3772 1724 652 S 0 0.2 0:00.00 entropychat
24146 root 18 0 4044 804 576 S 0 0.1 0:00.00 saslauthd
24169 root 18 0 1480 392 320 S 0 0.0 0:00.00 portsentry
25608 root 17 0 5400 3836 2320 S 0 0.5 0:02.25 authProg
25627 root 16 0 5400 3836 2320 S 0 0.5 0:02.28 authProg
30325 root 16 0 5400 3836 2320 S 0 0.5 0:02.07 authProg
11563 root 18 0 2072 804 668 S 0 0.1 0:00.00 xinetd
11603 root 15 0 1452 384 324 S 0 0.0 0:00.00 courierlogger
11604 root 15 0 1560 512 440 S 0 0.1 0:00.00 couriertcpd
11610 root 18 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11611 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
11616 root 15 0 1452 384 324 S 0 0.0 0:00.16 courierlogger
11617 root 15 0 1560 512 440 S 0 0.1 0:00.17 couriertcpd
11622 root 20 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11623 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
24353 root 16 0 5400 3768 2256 S 0 0.4 0:01.76 authProg
20008 root 17 0 5400 3772 2256 S 0 0.4 0:02.04 authProg
28437 mailnull 16 0 8516 1200 796 S 0 0.1 0:00.43 exim
28443 mailnull 18 0 8460 1148 752 S 0 0.1 0:00.00 exim
28481 root 16 0 26116 23m 1880 S 0 2.8 0:01.37 spamd
28503 root 16 0 3028 1140 640 S 0 0.1 0:01.95 antirelayd
28505 root 16 0 305m 302m 2032 S 0 36.3 3:26.74 spamd
28506 root 16 0 28776 26m 2008 S 0 3.2 0:01.02 spamd
28512 mailman 19 0 10276 4928 840 S 0 0.6 0:00.01 mailmanctl
28515 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.59 python2.4
28516 mailman 16 0 10064 6696 2612 S 0 0.8 0:03.78 python2.4
28517 mailman 16 0 10036 6700 2612 S 0 0.8 0:03.56 python2.4
28519 mailman 16 0 10096 6692 2612 S 0 0.8 0:03.60 python2.4
28522 mailman 16 0 10044 6720 2612 S 0 0.8 0:03.64 python2.4
28523 mailman 16 0 10060 6760 2612 S 0 0.8 0:03.78 python2.4
28524 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.74 python2.4
28525 mailman 16 0 10060 6692 2612 S 0 0.8 0:00.15 python2.4
28571 root 17 0 2144 1128 964 S 0 0.1 0:00.00 mysqld_safe
28594 mysql 15 0 106m 17m 4184 S 0 2.1 0:54.08 mysqld
28635 mailnull 16 0 8496 3764 1520 S 0 0.4 0:00.88 eximstats
29982 root 16 0 2756 608 404 S 0 0.1 0:00.17 postsuexecinsta

View 14 Replies View Related

Spamd Processes

Oct 15, 2007

I'm having a problem with one user account, every 5-10 minutes a spamd process of this user gets locked using 60-90% cpu and never ends. If I don't kill the process another one does the same and they all get locked causing very high loads

I reinstalled exim but it did nothing

The problem persisted even when this user's account was suspended

View 12 Replies View Related

Spamd Configuration

Mar 30, 2007

What would be the best spamd configuration setup for a server running Cent?

PID File
Maximum Children
Maximum Connections Perl Child

View 1 Replies View Related

SpamD Server Without Using CPanel

Feb 8, 2008

It may have already been covered, but i have searched and cannot find a solution to the following.

I have a few Shared hosting servers using Cpanel. The biggest use of resource is spamd.

Is there a way of setting up a spamd server, ie not using Cpanel so that this server purely does the spam checking then passes it back to which ever Cpanel server it came from.

I have done this using postfix, but I'm new to the whole exim / Cpanel thing.

View 4 Replies View Related

Spamd Is Constantly Failing

Aug 5, 2008

I have been using my Server for a decent while, All of a sudden of the last month it has decided that it wants to play a game.

"Spamd" keeps failing and automagically restarts.

It restarts and works, But then Fails once again a few hours later. One morning I woke up to 7 error messages with the same service.
By Restarting Exim it resolves the issue but it happens hours later.
I have tried mostly of what I can think of.

Does anyone have any other thoughts on this issue and how it can be resolved?

View 4 Replies View Related

Spamd - Still Running As Root: User Not Specified With

Jul 29, 2009

I am pretty sure that the following entries in the logs are not good and I would like to resolve this issue. I have been reading on Google for several hours straight looking for answers and have come up short.

[/var/log]# grep -i -C4 failed maillog | tail -18
Jul 29 10:12:29 bamboo spamd[31310]: spamd: setuid to root succeeded
Jul 29 10:12:29 bamboo spamd[31310]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody
Jul 29 10:12:29 bamboo spamd[31310]: spamd: processing message <GTUBE1.1010101@example.net> for root:99
Jul 29 10:12:29 bamboo spamd[31310]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /.spamassassin/auto-whitelist.lock.bamboo.site.com.31310 for /.spamassassin/auto-whitelist.lock: No such file or directory
Jul 29 10:12:29 bamboo spamd[31310]: spamd: identified spam (1000.0/5.0) for root:99 in 0.0 seconds, 834 bytes.
Jul 29 10:12:29 bamboo spamd[31310]: spamd: result: Y 999 - GTUBE,NO_RECEIVED,NO_RELAYS ....

View 7 Replies View Related

Stuck Spamd Processes By User

Feb 18, 2008

i've noticed a number of times in the past few weeks where the spamd process gets stuck (apache 2 server / whm) with a single user name running the process. there is no spam being sent out, no major incoming influx of mail either - the process is just stuck but consumes 100% of cpu and runs for ages before it terminates itself.

for e.g. right now my top output:

2789 <username> 25 0 99 287:44.76 1.3 79760 49m 2288 R spamd child

the 287 is the cumulative CPU time - no way it should be stuck like this.

how i can figure out what's causing this problem?

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved