Skip CLAMD And SPAMD On Local Emails
Nov 9, 2009Do yo uguys know how to skip CLAMD and SPAMD on local emails on cpanel server?
our clietns send emails internall too crazily, running clamd and spamd cause high load often
Do yo uguys know how to skip CLAMD and SPAMD on local emails on cpanel server?
our clietns send emails internall too crazily, running clamd and spamd cause high load often
I'm trying to figure out a method to stop some of the email spam that we get, and I have something figured out, but I need help on implementing it.
Basically, we get a lot of spam emails from addresses claiming to be from our domain (EX: From: someguy@mysite.com). The email is actually not from our domain, nor does the address actually exist, but the From address is being forged to look like it is our domain.
Basically to fix this, i want to block all email where the From address is claiming to be from our domain, with a nonexistent email address. I'm pretty sure that this is configurable in Exim, but I haven't found any tutorial on it, and I'm not familiar enough with Exim to do it very easily. Anyway if anyone knows of a tutorial or how this could be accomplished, please let me know.
Just to Add:
The reason that these emails are a problem is that the spam software we are running recognizes these emails as being from our domain which it trusts, so they pass most spam filters.
if I should continue paying an extra $25 per month for Cpanel. Is it that hard to do without it? All I really do with Cpanel is configure Spamassassin, setup emails, and backups.
View 5 Replies View Relatedthe load of my server is high,
i login whm and check the CPU/Memory/MySQL Usage
User Domain %CPU %MEM MySQL Processes
mysql 3.30 45.97 0.0
Top Process %CPU 1.0 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking
Top Process %CPU 0.7 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking
Top Process %CPU 0.6 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking
the values are higher before,
i want to ask what is skip-locking and if i add skip-locking in my.cnf,
will the problem been improved? and will it take any effect or problem?
How can we start mysqld with --skip-name-resolve? Syntax Or Command?
View 7 Replies View RelatedDoes anybody know a painless way to make webmail.mydomain.com go straight to the Squirrel Mail login page, bypassing the www.mydomain.com:2095 page?
Or is there a way to use that page, but go straight to the user's Squirrel Mail page?
I'm running WHM 11.15.0 cPanel 11.18.3-R21703 CENTOS Enterprise 4.5 i686 on virtuozzo - WHM X v3.1.0. I'm on a fully managed plan. Clamd has been using over 20% of my VPS's memory lately. I restart Exim and it drops it back to under 10% but it usually builds back up to 20% in an hour or so. My host basically says that this is the nature of the beast and is suggesting disabling clam altogether but I'm not sure if that's a good idea. I have never even received an email that had a virus removed by clam that I'm aware of. I'm pretty sure my clients are all using some sort of AV anyway. So maybe I don't need it?
View 4 Replies View RelatedI guess most of you are familiar with clamAV but i wanna use this as a cpanel plugin and provide my customer the anti virus option in cpanel.. how do i do this?
ive already install clamAV on ym server.
we have a dedicated with 1 only customer that use server x mailing
we would disable clamd because is not used in this situation
we have disable, any day ago, from 'service manager' of WHM but now we see this under "today cpu usage":
Top Process %CPU 67.5 /usr/sbin/clamd
Top Process %CPU 44.0 /usr/bin/perl -w /usr/sbin/eximstats
Top Process %CPU 25.9 /usr/sbin/clamd
my box is down, in WHM is shown, that clamd is failed.
try to restart it
and got
Code:
root@host [~]# clamd restart
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
LibClamAV Error: cli_cvdload(): Can't create temporary directory /tmp/clamav-07c 775ef49c83a4a0a977c8a373c51a9
LibClamAV Error: Can't load /usr/share/clamav/daily.cvd: Unable to create tempor ary directory
ERROR: Unable to create temporary directory
I have a VPS that started sending me emails last night (in mass) giving me failures saying
clamd failed @ Thu Apr 17 13:11:50 2008. A restart was attempted automagically.
I ran a yum update, and since the server isn't critical I just gave it a restart. Still getting the errors, I checked the boot.log file, where I saw errors like:
Apr 17 12:37:56 host exim: Starting clamd:
Apr 17 12:37:56 host clamd: ERROR: Parse error at line 299: Unknown option ArchiveMaxCompressionRatio.
Apr 17 12:37:56 host clamd: ERROR: Can't open/parse the config file /etc/clamd.conf
Apr 17 12:37:56 host exim: ERROR: Can't open/parse the config file /etc/clamd.conf
Apr 17 12:37:56 host exim: clamd startup failed
The clamd.conf file hasn't been edited since it was installed in August, I'm not sure why it decided to have issues now. So I just commented out the ArchiveMaxCompressionRatio directive in the config file to get it up and running again.
I have no knowledge of ClamAV (clamd), so I'm not sure exactly what it archives or how it compresses it, but I was just wondering if this will a) cause any noticeable issues and/or b) if theres a new directive equivalent to this one I should use instead (man just said "outdated").
We have an abnormal server load because of clamd.
View 4 Replies View RelatedOn 11/29/07, I posted the following question, but have received no replies to date:
Quote:
TITLE: Are frequent failure notices common with VPS hosting?
We have a VPS1 account at Liquid Web ($60/month). Below I have copied just the most recent series of failure notices (clamd, cpsrvd, exim, ftpd, mysql, pop, spamd). We tend to receive these by e-mail on a fairly regular basis, accompanied by the usual message "A restart was attempted automagicly."
Since March 2006, when we first switched our web host to LW, there have been well over a hundred of them.
My question is: Are such frequent failures commonplace (i.e.: benign) on a VPS, or should I be concerned about them?
I usually check our web site after receiving each notice, and it is always up by the time I get there. Nevertheless, it would be nice to know if all these occurrences are considered normal. For example, 19 exim failures over a 6.5-hour span on 9/29/07 do seem a bit extreme.
If anyone reading this thread is technically inclined, I'd like to know what process or hardware state is usually responsible for causing such failures.
FYI, I use cPanel in my web browser to administer the site from a Macintosh computer running OS 9.2.2. I have never used SSH, and have also never read any raw logs. If I did, I'm not sure what they would tell me about this, anyway.
I should also say that our site uses nowhere near the capacity provided by our VPS1 account. We are well below the maximum HD space and monthly allowable bandwidth. The site uses only standard HTML, text include files, and GIF/JPG graphics files; no streaming. There is only limited use of a CGI script for routine form submissions, and currently there are no PHP scripts running for BBs, calendars, blogs, chat rooms, or any MySQL databases being used. In short, I would think that the site places little load on the server or its processes.
I would greatly appreciate any feedback.
cpanel @ host.xxxxxx.net 9/9/07, 11:53 PM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:06 AM mysql on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:06 AM spamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:07 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:07 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:08 AM ftpd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:08 AM named on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:08 AM pop on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/27/07, 11:42 PM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 12:59 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 1:09 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 1:30 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 1:39 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 1:58 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:10 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:22 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:31 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:41 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:50 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:00 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:09 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:40 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:50 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:59 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 7:09 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 7:19 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 7:28 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 7:37 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 10/7/07, 11:41 PM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/8/07, 12:42 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/19/07, 12:37 PM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/21/07, 12:43 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/22/07, 12:44 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/23/07, 12:42 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/25/07, 11:32 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/25/07, 11:44 AM pop on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/25/07, 12:06 PM spamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/29/07, 12:41 AM cpsrvd on host.xxxxxx.net failed
This morning, I received a total of 17 failure notices over the span of 2h19m, as follows:
cpanel @ host.xxxxxx.net 12/12/07, 3:26 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 3:36 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 3:44 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 3:53 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:02 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:11 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:19 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:28 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:36 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:45 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:53 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:02 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:11 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:19 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:28 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:36 AM clamd on host.xxxxxx.net failed
cpanel@ host.xxxxxx.net 12/12/07, 5:45 AM clamd on host.xxxxxx.net failed
(Note that our real host name has been replaced above with "xxxxxx" to prevent possible spamming.)
I would appreciate any comments from experienced VPS customers or technicians, as to whether these incidences are considered normal with all VPS accounts, or if they might be indicative of a more severe problem with our web host's (Liquid Web) server.
As I mentioned on 11/29/07, "I use cPanel in my web browser to administer the site from a Macintosh computer running OS 9.2.2. I have never used SSH, and have also never read any raw logs. If I did, I'm not sure what they would tell me about this, anyway."
In the course of reading a number of posts in another WHT thread, there seems to be little agreement on the possible causes. Some have suggested that (1.) there may be "no space left on the device"; (2.) we may be "out of Semaphores" (I have no idea what those are!); (3.) we may be "out of RAM"; (4.) "/tmp is full"; or that (5.) "something is wrong with /tmp permission."
When I inquired in 2006 to Liquid Web's technical support about these recurrent failures, I was told that they are normal with this sort of hosting account. We pay them a hosting fee with the expectation of receiving an accurate diagnosis, but it would be very helpful to receive some impartial, third-party input.
malware acl condition: clamd: connection to 127.0.0.1, port 3310 failed (Bad file descriptor)
This is a normal Cpanel FC3 exim/clamav server.
Has anyone come across this annoying yet little error?
what thise services mean or refer to !!!!
imap
spamd
I am having trouble fixing spamd on my server, spamd -- failed!
How do i go about fixing this?
I a keep received the email as below every 5 min:
spamd failed @ Fri Jul 31 09:29:04 2009. A restart was attempted automagically.
Service Check Method: [check command]
Cmd Service Check Raw Output: Spamd is not running
i have this really annoying issue i'm hoping you can help with.
it seems the spamd child process gets stuck and causes 100% cpu usage. but this doens't just happen randomly, its only for this single user account. e.g. take a look at top output:
4581 <username> 93 40:58.87 1.3 82624 52m 2280 R spamd child
the 93 is 93% cpu usage. 40:58 is how long the process has been running, 40 minutes and counting (i just killed it though). and all it tells me its running spamd child. it usually dies after a few hours but only after causing 200% cpu usage (100% on both cpus) and making my server load skyrocket. This happens at least twice daily at no set times.
this user isn't a spammer. no scripts, no mail queue generation, no email accounts even.
running cpanel 11, centos 4.
root@server [~]# service exim restart
Shutting down clamd: [ OK ]
Shutting down exim: [ OK ]
Shutting down antirelayd: [ OK ]
Shutting down spamd: [ OK ]
Starting clamd: [ OK ]
Starting exim-26: [ OK ]
Starting exim: [ OK ]
Starting exim-smtps: [ OK ]
Starting antirelayd: [ OK ]
Starting spamd: [1814] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[1814] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[1814] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
spamd: could not create INET socket on 127.0.0.1:783: Address already in use
I tried forced exim update, restarted xinetd, nothing works.
Anyone have a complete tutorial from start to finish on installing spamd as a smtp relay server/gateway? Im looking for some good doccumentation on this all i can find is just the spamd install guide but thats it. Im not even sure if i need postfix etc on the machine to run I have no idea.
1. what are the requirements
2. how to install and compile spamd
3. how to configure your mail servers to accept only mail from smtp relay and setup your mx records accordingly.
I have a VPS with 320MB of RAM. The problem is that spammassassin is killing my VPS.
Spamd service was using 50% of memory (+- 150MB of RAM).
Do you think that this is normal RAM for Spamd?
Spamd often died once in a while. How do i set up an auto monitoring and restart it if it dies? Btw, i'm on a Unix machine.
View 14 Replies View RelatedSpamd seems to be using 36% of RAM, which I work out to be around 290-300mb
Is that normal
top - 12:43:32 up 1 day, 15:09, 1 user, load average: 0.04, 0.05, 0.02
Tasks: 72 total, 1 running, 71 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0% us, 0.1% sy, 0.0% ni, 99.9% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 851968k total, 544616k used, 307352k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
28548 root 16 0 1888 1012 792 R 0 0.1 0:00.19 top
1 root 16 0 1620 600 520 S 0 0.1 0:00.64 init
23557 root 15 0 1524 544 456 S 0 0.1 0:02.13 syslogd
23570 named 16 0 69408 3872 1956 S 0 0.5 0:01.26 named
23587 root 20 0 1448 376 320 S 0 0.0 0:00.00 courierlogger
23588 root 15 0 1796 616 508 S 0 0.1 0:00.01 authdaemond
23590 root 16 0 1796 364 244 S 0 0.0 0:00.03 authdaemond
23592 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23593 root 15 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23594 root 16 0 1796 368 248 S 0 0.0 0:00.03 authdaemond
23595 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23602 root 15 0 4008 1128 832 S 0 0.1 0:00.67 sshd
23675 root 16 0 6580 4964 1228 S 0 0.6 0:01.08 chkservd
23856 root 16 0 2472 924 536 S 0 0.1 0:00.22 crond
24066 root 18 0 14096 8476 352 S 0 1.0 0:00.00 cpdavd
24074 root 16 0 5520 3708 1040 S 0 0.4 0:00.36 cpbandwd
24075 root 34 19 9068 6588 1756 S 0 0.8 0:10.20 cpanellogd
24116 nobody 18 0 3772 1724 652 S 0 0.2 0:00.00 entropychat
24146 root 18 0 4044 804 576 S 0 0.1 0:00.00 saslauthd
24169 root 18 0 1480 392 320 S 0 0.0 0:00.00 portsentry
25608 root 17 0 5400 3836 2320 S 0 0.5 0:02.25 authProg
25627 root 16 0 5400 3836 2320 S 0 0.5 0:02.28 authProg
30325 root 16 0 5400 3836 2320 S 0 0.5 0:02.07 authProg
11563 root 18 0 2072 804 668 S 0 0.1 0:00.00 xinetd
11603 root 15 0 1452 384 324 S 0 0.0 0:00.00 courierlogger
11604 root 15 0 1560 512 440 S 0 0.1 0:00.00 couriertcpd
11610 root 18 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11611 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
11616 root 15 0 1452 384 324 S 0 0.0 0:00.16 courierlogger
11617 root 15 0 1560 512 440 S 0 0.1 0:00.17 couriertcpd
11622 root 20 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11623 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
24353 root 16 0 5400 3768 2256 S 0 0.4 0:01.76 authProg
20008 root 17 0 5400 3772 2256 S 0 0.4 0:02.04 authProg
28437 mailnull 16 0 8516 1200 796 S 0 0.1 0:00.43 exim
28443 mailnull 18 0 8460 1148 752 S 0 0.1 0:00.00 exim
28481 root 16 0 26116 23m 1880 S 0 2.8 0:01.37 spamd
28503 root 16 0 3028 1140 640 S 0 0.1 0:01.95 antirelayd
28505 root 16 0 305m 302m 2032 S 0 36.3 3:26.74 spamd
28506 root 16 0 28776 26m 2008 S 0 3.2 0:01.02 spamd
28512 mailman 19 0 10276 4928 840 S 0 0.6 0:00.01 mailmanctl
28515 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.59 python2.4
28516 mailman 16 0 10064 6696 2612 S 0 0.8 0:03.78 python2.4
28517 mailman 16 0 10036 6700 2612 S 0 0.8 0:03.56 python2.4
28519 mailman 16 0 10096 6692 2612 S 0 0.8 0:03.60 python2.4
28522 mailman 16 0 10044 6720 2612 S 0 0.8 0:03.64 python2.4
28523 mailman 16 0 10060 6760 2612 S 0 0.8 0:03.78 python2.4
28524 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.74 python2.4
28525 mailman 16 0 10060 6692 2612 S 0 0.8 0:00.15 python2.4
28571 root 17 0 2144 1128 964 S 0 0.1 0:00.00 mysqld_safe
28594 mysql 15 0 106m 17m 4184 S 0 2.1 0:54.08 mysqld
28635 mailnull 16 0 8496 3764 1520 S 0 0.4 0:00.88 eximstats
29982 root 16 0 2756 608 404 S 0 0.1 0:00.17 postsuexecinsta
[root@awt ~]# spamd restart
[29871] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[29871] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[29871] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[root@awt ~]# top
top - 12:43:58 up 1 day, 15:10, 1 user, load average: 0.02, 0.04, 0.02
Tasks: 72 total, 1 running, 71 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.1% us, 0.0% sy, 0.0% ni, 99.9% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 851968k total, 544392k used, 307576k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
29918 root 16 0 1888 1012 792 R 0 0.1 0:00.01 top
1 root 16 0 1620 600 520 S 0 0.1 0:00.64 init
23557 root 15 0 1524 544 456 S 0 0.1 0:02.13 syslogd
23570 named 16 0 69408 3872 1956 S 0 0.5 0:01.26 named
23587 root 20 0 1448 376 320 S 0 0.0 0:00.00 courierlogger
23588 root 15 0 1796 616 508 S 0 0.1 0:00.01 authdaemond
23590 root 16 0 1796 364 244 S 0 0.0 0:00.03 authdaemond
23592 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23593 root 15 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23594 root 16 0 1796 368 248 S 0 0.0 0:00.03 authdaemond
23595 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23602 root 15 0 4008 1128 832 S 0 0.1 0:00.67 sshd
23675 root 16 0 6580 4964 1228 S 0 0.6 0:01.08 chkservd
23856 root 16 0 2472 924 536 S 0 0.1 0:00.22 crond
24066 root 18 0 14096 8476 352 S 0 1.0 0:00.00 cpdavd
24074 root 16 0 5520 3708 1040 S 0 0.4 0:00.37 cpbandwd
24075 root 34 19 9068 6588 1756 S 0 0.8 0:10.20 cpanellogd
24116 nobody 18 0 3772 1724 652 S 0 0.2 0:00.00 entropychat
24146 root 18 0 4044 804 576 S 0 0.1 0:00.00 saslauthd
24169 root 18 0 1480 392 320 S 0 0.0 0:00.00 portsentry
25608 root 17 0 5400 3836 2320 S 0 0.5 0:02.25 authProg
25627 root 16 0 5400 3836 2320 S 0 0.5 0:02.28 authProg
30325 root 16 0 5400 3836 2320 S 0 0.5 0:02.07 authProg
11563 root 18 0 2072 804 668 S 0 0.1 0:00.00 xinetd
11603 root 15 0 1452 384 324 S 0 0.0 0:00.00 courierlogger
11604 root 15 0 1560 512 440 S 0 0.1 0:00.00 couriertcpd
11610 root 18 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11611 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
11616 root 15 0 1452 384 324 S 0 0.0 0:00.16 courierlogger
11617 root 15 0 1560 512 440 S 0 0.1 0:00.17 couriertcpd
11622 root 20 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11623 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
24353 root 16 0 5400 3768 2256 S 0 0.4 0:01.76 authProg
20008 root 17 0 5400 3772 2256 S 0 0.4 0:02.04 authProg
28437 mailnull 16 0 8516 1200 796 S 0 0.1 0:00.43 exim
28443 mailnull 18 0 8460 1148 752 S 0 0.1 0:00.00 exim
28481 root 16 0 26116 23m 1880 S 0 2.8 0:01.37 spamd
28503 root 16 0 3028 1140 640 S 0 0.1 0:01.95 antirelayd
28505 root 16 0 305m 302m 2032 S 0 36.3 3:26.74 spamd
28506 root 16 0 28776 26m 2008 S 0 3.2 0:01.02 spamd
28512 mailman 19 0 10276 4928 840 S 0 0.6 0:00.01 mailmanctl
28515 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.59 python2.4
28516 mailman 16 0 10064 6696 2612 S 0 0.8 0:03.78 python2.4
28517 mailman 16 0 10036 6700 2612 S 0 0.8 0:03.56 python2.4
28519 mailman 16 0 10096 6692 2612 S 0 0.8 0:03.60 python2.4
28522 mailman 16 0 10044 6720 2612 S 0 0.8 0:03.64 python2.4
28523 mailman 16 0 10060 6760 2612 S 0 0.8 0:03.78 python2.4
28524 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.74 python2.4
28525 mailman 16 0 10060 6692 2612 S 0 0.8 0:00.15 python2.4
28571 root 17 0 2144 1128 964 S 0 0.1 0:00.00 mysqld_safe
28594 mysql 15 0 106m 17m 4184 S 0 2.1 0:54.08 mysqld
28635 mailnull 16 0 8496 3764 1520 S 0 0.4 0:00.88 eximstats
29982 root 16 0 2756 608 404 S 0 0.1 0:00.17 postsuexecinsta
I'm having a problem with one user account, every 5-10 minutes a spamd process of this user gets locked using 60-90% cpu and never ends. If I don't kill the process another one does the same and they all get locked causing very high loads
I reinstalled exim but it did nothing
The problem persisted even when this user's account was suspended
What would be the best spamd configuration setup for a server running Cent?
PID File
Maximum Children
Maximum Connections Perl Child
It may have already been covered, but i have searched and cannot find a solution to the following.
I have a few Shared hosting servers using Cpanel. The biggest use of resource is spamd.
Is there a way of setting up a spamd server, ie not using Cpanel so that this server purely does the spam checking then passes it back to which ever Cpanel server it came from.
I have done this using postfix, but I'm new to the whole exim / Cpanel thing.
I have been using my Server for a decent while, All of a sudden of the last month it has decided that it wants to play a game.
"Spamd" keeps failing and automagically restarts.
It restarts and works, But then Fails once again a few hours later. One morning I woke up to 7 error messages with the same service.
By Restarting Exim it resolves the issue but it happens hours later.
I have tried mostly of what I can think of.
Does anyone have any other thoughts on this issue and how it can be resolved?
I am pretty sure that the following entries in the logs are not good and I would like to resolve this issue. I have been reading on Google for several hours straight looking for answers and have come up short.
[/var/log]# grep -i -C4 failed maillog | tail -18
Jul 29 10:12:29 bamboo spamd[31310]: spamd: setuid to root succeeded
Jul 29 10:12:29 bamboo spamd[31310]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody
Jul 29 10:12:29 bamboo spamd[31310]: spamd: processing message <GTUBE1.1010101@example.net> for root:99
Jul 29 10:12:29 bamboo spamd[31310]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /.spamassassin/auto-whitelist.lock.bamboo.site.com.31310 for /.spamassassin/auto-whitelist.lock: No such file or directory
Jul 29 10:12:29 bamboo spamd[31310]: spamd: identified spam (1000.0/5.0) for root:99 in 0.0 seconds, 834 bytes.
Jul 29 10:12:29 bamboo spamd[31310]: spamd: result: Y 999 - GTUBE,NO_RECEIVED,NO_RELAYS ....