Spamd - Still Running As Root: User Not Specified With
Jul 29, 2009
I am pretty sure that the following entries in the logs are not good and I would like to resolve this issue. I have been reading on Google for several hours straight looking for answers and have come up short.
[/var/log]# grep -i -C4 failed maillog | tail -18
Jul 29 10:12:29 bamboo spamd[31310]: spamd: setuid to root succeeded
Jul 29 10:12:29 bamboo spamd[31310]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody
Jul 29 10:12:29 bamboo spamd[31310]: spamd: processing message <GTUBE1.1010101@example.net> for root:99
Jul 29 10:12:29 bamboo spamd[31310]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /.spamassassin/auto-whitelist.lock.bamboo.site.com.31310 for /.spamassassin/auto-whitelist.lock: No such file or directory
Jul 29 10:12:29 bamboo spamd[31310]: spamd: identified spam (1000.0/5.0) for root:99 in 0.0 seconds, 834 bytes.
Jul 29 10:12:29 bamboo spamd[31310]: spamd: result: Y 999 - GTUBE,NO_RECEIVED,NO_RELAYS ....
View 7 Replies
ADVERTISEMENT
Jul 2, 2009
I usually use the "top" command to see what is happening in my server ... Normally everything is OK untill one week ago I start so see this process:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1115 root 20 0 10768 10m 164 R 26 0.5 46:17.27 httpd
Is the number 1 on the top list using a lot of CPU and MEM (as I say before ... I never have seen this command in the past)
So when I kill the process everything goes fine but only for a few minutes and then is comming back
View 14 Replies
View Related
Feb 18, 2008
i've noticed a number of times in the past few weeks where the spamd process gets stuck (apache 2 server / whm) with a single user name running the process. there is no spam being sent out, no major incoming influx of mail either - the process is just stuck but consumes 100% of cpu and runs for ages before it terminates itself.
for e.g. right now my top output:
2789 <username> 25 0 99 287:44.76 1.3 79760 49m 2288 R spamd child
the 287 is the cumulative CPU time - no way it should be stuck like this.
how i can figure out what's causing this problem?
View 2 Replies
View Related
May 14, 2015
I tried to setup a cronjob to run a php script. Something simple like this:
php /var/www/vhosts/onlinehome-server.info/mydomain.co.uk/script.php
didn't worked. So I used the terminal as root and I noticed that php is not running script not even as root.
not even commands like php -v works. I don't get any error back.
Plesk version 12.0
View 5 Replies
View Related
Jun 27, 2007
Our web developer is logging in as root through SSH but log files do not show a record. We are getting the normal email notification but last & last -a does not show that they have logged in. Anyone seen this before?
View 7 Replies
View Related
Dec 7, 2008
I have read that running httpd under user nobody is not safe at all so I installed mod_suhosin and suphp but still the httpd is running under user nobody.
Could anyone suggest me how to check if they are installed good and are they working? I don't know why is this happening
View 7 Replies
View Related
Oct 25, 2007
When I deleted a database, the user apparently was orphaned because when I tried to recreate it, it returned "user already exists". I've never encountered that problem although from Googling, I see others have and they delete the user to get around it.
When I log into mysql using the da_admin@ account and attempt to remove the user with drop user <user_name>; I receive the following error message:
ERROR 1227 (42000): Access denied; you need the CREATE USER privilege for this operation
It seems I don't have rights even as the root user. How can I get remove the orphaned user?
View 8 Replies
View Related
Jun 8, 2007
I'm getting the error after running
[root@server ~]# mysqladmin processlist
Quote:
mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
I'm running plesk on FC4.
Not too sure why it says failed or denied, as I'm root?
View 3 Replies
View Related
Aug 1, 2007
i can not login to my decated server by using root. the password is not correct.. becasue i did something wrong with my server. i used chmod 777 -R /public_hmtl and chown to modify my server. and i can not login anymore, LT asked me to reload my server, do i need to reload it?
View 6 Replies
View Related
Jun 27, 2014
Looking at a server with Plesk 12 installed there is no root user shown in tools & settings / scheduled tasks.
Login as root and crontab -l shows root has some tasks.
On a similar server with Plesk 11.5 installed can see root user shown in tools & settings / scheduled tasks.
View 1 Replies
View Related
May 15, 2007
I have 3 questions.
1.) I have a user that's kinda knows a lot about linux. More than me. He has a lot of stuff on the system which I have no idea what it is. Is there any way I can install a SSH log, so I can monitor what he does in shell?
2.) My server seems REALLY sluggish. I ran a top in shell, and mysqld was taking up from 70% to 110% of the cpu. Is there any way to fix this or find out why? I've restarted the server, and it's fluctuating between 50% and 90% now.
3.) I think this MIGHT be related to the sqld issue, but I've received about 12 emails saying
Quote:
"[statscheck] Stats/Server Overload on my server". "MPORTANT: Do not ignore this email.
This is cPanel stats runner on server1.cewxp.com!
While processing the log files for user cewxp, the cpu has been
maxed out for more than a 6 hour period. The current load/uptime line on the server at the time of this email is 15:49:16 up 5 days, 10:52, 2 users, load average: 27.59, 31.36, 31.83"
and also another email
Quote:
IMPORTANT: Do not ignore this email.
This is cPanel stats runner on server1.cewxp.com!
While processing the log files for user vegapunk, the cpu has been maxed out for more than a 6 hour period. The current load/uptime line on the server at the time of this email is 12:34:26 up 5 days, 7:37, 2 users, load average: 19.90, 17.59, 17.97
View 3 Replies
View Related
Sep 5, 2007
Running programs named Perl with Heavy CPU usage, with the ownership of user apache.
We found the problem on Fedora 3 and Fedora 6.
In our case, it was the result of a Trojan activity.
Quick Solution
Check the cron jobs of user apache
crontab -u apache -e
*/1 * * * * perl /tmp/.tmp/tmpfile
delete the cronjob entry.
Also delete the file /tmp/.tmp/tmpfile
also added "apache" to the file /etc/cron.deny
That's all
Problem and solution in detail....
View 1 Replies
View Related
Jul 12, 2009
Im trying to setup a mysql server on my centos vps server. Ive installed mysql server and done chkconfig and the mysql server has started. My problems start when i want to set a mysql root password.
Quote:
mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword
I get an error "ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)"
Which i totally dont understand because why would it want a password when im trying to set the password?
View 6 Replies
View Related
Nov 25, 2008
I have read that although chained root ssl certificates can be more difficult to install they are actually more secure since the root certificate cannot be compromised, only the intermediary.
Is this true? It looks like both google and amazon both use chained SGC certs.
View 0 Replies
View Related
Oct 28, 2006
what thise services mean or refer to !!!!
imap
spamd
View 2 Replies
View Related
May 27, 2009
I am having trouble fixing spamd on my server, spamd -- failed!
How do i go about fixing this?
View 9 Replies
View Related
Jul 30, 2009
I a keep received the email as below every 5 min:
spamd failed @ Fri Jul 31 09:29:04 2009. A restart was attempted automagically.
Service Check Method: [check command]
Cmd Service Check Raw Output: Spamd is not running
View 6 Replies
View Related
Apr 28, 2008
i have this really annoying issue i'm hoping you can help with.
it seems the spamd child process gets stuck and causes 100% cpu usage. but this doens't just happen randomly, its only for this single user account. e.g. take a look at top output:
4581 <username> 93 40:58.87 1.3 82624 52m 2280 R spamd child
the 93 is 93% cpu usage. 40:58 is how long the process has been running, 40 minutes and counting (i just killed it though). and all it tells me its running spamd child. it usually dies after a few hours but only after causing 200% cpu usage (100% on both cpus) and making my server load skyrocket. This happens at least twice daily at no set times.
this user isn't a spammer. no scripts, no mail queue generation, no email accounts even.
running cpanel 11, centos 4.
View 3 Replies
View Related
Feb 25, 2008
root@server [~]# service exim restart
Shutting down clamd: [ OK ]
Shutting down exim: [ OK ]
Shutting down antirelayd: [ OK ]
Shutting down spamd: [ OK ]
Starting clamd: [ OK ]
Starting exim-26: [ OK ]
Starting exim: [ OK ]
Starting exim-smtps: [ OK ]
Starting antirelayd: [ OK ]
Starting spamd: [1814] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[1814] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[1814] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
spamd: could not create INET socket on 127.0.0.1:783: Address already in use
I tried forced exim update, restarted xinetd, nothing works.
View 2 Replies
View Related
Nov 11, 2008
Anyone have a complete tutorial from start to finish on installing spamd as a smtp relay server/gateway? Im looking for some good doccumentation on this all i can find is just the spamd install guide but thats it. Im not even sure if i need postfix etc on the machine to run I have no idea.
1. what are the requirements
2. how to install and compile spamd
3. how to configure your mail servers to accept only mail from smtp relay and setup your mx records accordingly.
View 0 Replies
View Related
Nov 25, 2007
I have a VPS with 320MB of RAM. The problem is that spammassassin is killing my VPS.
Spamd service was using 50% of memory (+- 150MB of RAM).
Do you think that this is normal RAM for Spamd?
View 10 Replies
View Related
Sep 25, 2007
Spamd often died once in a while. How do i set up an auto monitoring and restart it if it dies? Btw, i'm on a Unix machine.
View 14 Replies
View Related
Jun 30, 2007
Spamd seems to be using 36% of RAM, which I work out to be around 290-300mb
Is that normal
top - 12:43:32 up 1 day, 15:09, 1 user, load average: 0.04, 0.05, 0.02
Tasks: 72 total, 1 running, 71 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0% us, 0.1% sy, 0.0% ni, 99.9% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 851968k total, 544616k used, 307352k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
28548 root 16 0 1888 1012 792 R 0 0.1 0:00.19 top
1 root 16 0 1620 600 520 S 0 0.1 0:00.64 init
23557 root 15 0 1524 544 456 S 0 0.1 0:02.13 syslogd
23570 named 16 0 69408 3872 1956 S 0 0.5 0:01.26 named
23587 root 20 0 1448 376 320 S 0 0.0 0:00.00 courierlogger
23588 root 15 0 1796 616 508 S 0 0.1 0:00.01 authdaemond
23590 root 16 0 1796 364 244 S 0 0.0 0:00.03 authdaemond
23592 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23593 root 15 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23594 root 16 0 1796 368 248 S 0 0.0 0:00.03 authdaemond
23595 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23602 root 15 0 4008 1128 832 S 0 0.1 0:00.67 sshd
23675 root 16 0 6580 4964 1228 S 0 0.6 0:01.08 chkservd
23856 root 16 0 2472 924 536 S 0 0.1 0:00.22 crond
24066 root 18 0 14096 8476 352 S 0 1.0 0:00.00 cpdavd
24074 root 16 0 5520 3708 1040 S 0 0.4 0:00.36 cpbandwd
24075 root 34 19 9068 6588 1756 S 0 0.8 0:10.20 cpanellogd
24116 nobody 18 0 3772 1724 652 S 0 0.2 0:00.00 entropychat
24146 root 18 0 4044 804 576 S 0 0.1 0:00.00 saslauthd
24169 root 18 0 1480 392 320 S 0 0.0 0:00.00 portsentry
25608 root 17 0 5400 3836 2320 S 0 0.5 0:02.25 authProg
25627 root 16 0 5400 3836 2320 S 0 0.5 0:02.28 authProg
30325 root 16 0 5400 3836 2320 S 0 0.5 0:02.07 authProg
11563 root 18 0 2072 804 668 S 0 0.1 0:00.00 xinetd
11603 root 15 0 1452 384 324 S 0 0.0 0:00.00 courierlogger
11604 root 15 0 1560 512 440 S 0 0.1 0:00.00 couriertcpd
11610 root 18 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11611 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
11616 root 15 0 1452 384 324 S 0 0.0 0:00.16 courierlogger
11617 root 15 0 1560 512 440 S 0 0.1 0:00.17 couriertcpd
11622 root 20 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11623 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
24353 root 16 0 5400 3768 2256 S 0 0.4 0:01.76 authProg
20008 root 17 0 5400 3772 2256 S 0 0.4 0:02.04 authProg
28437 mailnull 16 0 8516 1200 796 S 0 0.1 0:00.43 exim
28443 mailnull 18 0 8460 1148 752 S 0 0.1 0:00.00 exim
28481 root 16 0 26116 23m 1880 S 0 2.8 0:01.37 spamd
28503 root 16 0 3028 1140 640 S 0 0.1 0:01.95 antirelayd
28505 root 16 0 305m 302m 2032 S 0 36.3 3:26.74 spamd
28506 root 16 0 28776 26m 2008 S 0 3.2 0:01.02 spamd
28512 mailman 19 0 10276 4928 840 S 0 0.6 0:00.01 mailmanctl
28515 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.59 python2.4
28516 mailman 16 0 10064 6696 2612 S 0 0.8 0:03.78 python2.4
28517 mailman 16 0 10036 6700 2612 S 0 0.8 0:03.56 python2.4
28519 mailman 16 0 10096 6692 2612 S 0 0.8 0:03.60 python2.4
28522 mailman 16 0 10044 6720 2612 S 0 0.8 0:03.64 python2.4
28523 mailman 16 0 10060 6760 2612 S 0 0.8 0:03.78 python2.4
28524 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.74 python2.4
28525 mailman 16 0 10060 6692 2612 S 0 0.8 0:00.15 python2.4
28571 root 17 0 2144 1128 964 S 0 0.1 0:00.00 mysqld_safe
28594 mysql 15 0 106m 17m 4184 S 0 2.1 0:54.08 mysqld
28635 mailnull 16 0 8496 3764 1520 S 0 0.4 0:00.88 eximstats
29982 root 16 0 2756 608 404 S 0 0.1 0:00.17 postsuexecinsta
[root@awt ~]# spamd restart
[29871] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[29871] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[29871] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[root@awt ~]# top
top - 12:43:58 up 1 day, 15:10, 1 user, load average: 0.02, 0.04, 0.02
Tasks: 72 total, 1 running, 71 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.1% us, 0.0% sy, 0.0% ni, 99.9% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 851968k total, 544392k used, 307576k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
29918 root 16 0 1888 1012 792 R 0 0.1 0:00.01 top
1 root 16 0 1620 600 520 S 0 0.1 0:00.64 init
23557 root 15 0 1524 544 456 S 0 0.1 0:02.13 syslogd
23570 named 16 0 69408 3872 1956 S 0 0.5 0:01.26 named
23587 root 20 0 1448 376 320 S 0 0.0 0:00.00 courierlogger
23588 root 15 0 1796 616 508 S 0 0.1 0:00.01 authdaemond
23590 root 16 0 1796 364 244 S 0 0.0 0:00.03 authdaemond
23592 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23593 root 15 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23594 root 16 0 1796 368 248 S 0 0.0 0:00.03 authdaemond
23595 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23602 root 15 0 4008 1128 832 S 0 0.1 0:00.67 sshd
23675 root 16 0 6580 4964 1228 S 0 0.6 0:01.08 chkservd
23856 root 16 0 2472 924 536 S 0 0.1 0:00.22 crond
24066 root 18 0 14096 8476 352 S 0 1.0 0:00.00 cpdavd
24074 root 16 0 5520 3708 1040 S 0 0.4 0:00.37 cpbandwd
24075 root 34 19 9068 6588 1756 S 0 0.8 0:10.20 cpanellogd
24116 nobody 18 0 3772 1724 652 S 0 0.2 0:00.00 entropychat
24146 root 18 0 4044 804 576 S 0 0.1 0:00.00 saslauthd
24169 root 18 0 1480 392 320 S 0 0.0 0:00.00 portsentry
25608 root 17 0 5400 3836 2320 S 0 0.5 0:02.25 authProg
25627 root 16 0 5400 3836 2320 S 0 0.5 0:02.28 authProg
30325 root 16 0 5400 3836 2320 S 0 0.5 0:02.07 authProg
11563 root 18 0 2072 804 668 S 0 0.1 0:00.00 xinetd
11603 root 15 0 1452 384 324 S 0 0.0 0:00.00 courierlogger
11604 root 15 0 1560 512 440 S 0 0.1 0:00.00 couriertcpd
11610 root 18 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11611 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
11616 root 15 0 1452 384 324 S 0 0.0 0:00.16 courierlogger
11617 root 15 0 1560 512 440 S 0 0.1 0:00.17 couriertcpd
11622 root 20 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11623 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
24353 root 16 0 5400 3768 2256 S 0 0.4 0:01.76 authProg
20008 root 17 0 5400 3772 2256 S 0 0.4 0:02.04 authProg
28437 mailnull 16 0 8516 1200 796 S 0 0.1 0:00.43 exim
28443 mailnull 18 0 8460 1148 752 S 0 0.1 0:00.00 exim
28481 root 16 0 26116 23m 1880 S 0 2.8 0:01.37 spamd
28503 root 16 0 3028 1140 640 S 0 0.1 0:01.95 antirelayd
28505 root 16 0 305m 302m 2032 S 0 36.3 3:26.74 spamd
28506 root 16 0 28776 26m 2008 S 0 3.2 0:01.02 spamd
28512 mailman 19 0 10276 4928 840 S 0 0.6 0:00.01 mailmanctl
28515 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.59 python2.4
28516 mailman 16 0 10064 6696 2612 S 0 0.8 0:03.78 python2.4
28517 mailman 16 0 10036 6700 2612 S 0 0.8 0:03.56 python2.4
28519 mailman 16 0 10096 6692 2612 S 0 0.8 0:03.60 python2.4
28522 mailman 16 0 10044 6720 2612 S 0 0.8 0:03.64 python2.4
28523 mailman 16 0 10060 6760 2612 S 0 0.8 0:03.78 python2.4
28524 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.74 python2.4
28525 mailman 16 0 10060 6692 2612 S 0 0.8 0:00.15 python2.4
28571 root 17 0 2144 1128 964 S 0 0.1 0:00.00 mysqld_safe
28594 mysql 15 0 106m 17m 4184 S 0 2.1 0:54.08 mysqld
28635 mailnull 16 0 8496 3764 1520 S 0 0.4 0:00.88 eximstats
29982 root 16 0 2756 608 404 S 0 0.1 0:00.17 postsuexecinsta
View 14 Replies
View Related
Oct 15, 2007
I'm having a problem with one user account, every 5-10 minutes a spamd process of this user gets locked using 60-90% cpu and never ends. If I don't kill the process another one does the same and they all get locked causing very high loads
I reinstalled exim but it did nothing
The problem persisted even when this user's account was suspended
View 12 Replies
View Related
Mar 30, 2007
What would be the best spamd configuration setup for a server running Cent?
PID File
Maximum Children
Maximum Connections Perl Child
View 1 Replies
View Related
Feb 8, 2008
It may have already been covered, but i have searched and cannot find a solution to the following.
I have a few Shared hosting servers using Cpanel. The biggest use of resource is spamd.
Is there a way of setting up a spamd server, ie not using Cpanel so that this server purely does the spam checking then passes it back to which ever Cpanel server it came from.
I have done this using postfix, but I'm new to the whole exim / Cpanel thing.
View 4 Replies
View Related
Aug 5, 2008
I have been using my Server for a decent while, All of a sudden of the last month it has decided that it wants to play a game.
"Spamd" keeps failing and automagically restarts.
It restarts and works, But then Fails once again a few hours later. One morning I woke up to 7 error messages with the same service.
By Restarting Exim it resolves the issue but it happens hours later.
I have tried mostly of what I can think of.
Does anyone have any other thoughts on this issue and how it can be resolved?
View 4 Replies
View Related
