  1. #1
    Member
    Join Date: Jun 2007
    Posts: 18

    I think I have a spammer on my webserver

    Long story short:

    My outbound internet connection at work is being taxed, heavily. If I kill Exim on my webserver, my connection returns to normal. Re-enable Exim and seconds later I'm being hosed again.

    Abuse.net doesn't seem to think I have an open relay. I have tried telnet'ing in and sending email, only to be denied access. I can't seem to find a rogue process that might be sending tons of spam.

    I'm nowhere near an Exim expert so I don't really know how to read the logfiles to pinpoint possible causes of the massive bandwidth usage.

    Any thoughts on what I can do/check to hopefully fix my problem? I'm at a complete loss here.

    Thanks in advance.

  2. #2
    Member
    Join Date: Jun 2007
    Posts: 18

    I've been looking at /var/log/exim_mainlog and you'd think that a compromised exim that's completely saturating a 1meg upload would be constantly writing to that file, right?

    It's barely updating every couple seconds. I don't get it.

    Any thoughts?

  3. #3
    BANNED
    Join Date: Jun 2005
    Location: Wild Wild West
    Posts: 2,025

    You want to look at all the logs, these are just a few ...

    /var/log/maillog
    /var/log/exim_mainlog
    /var/log/exim_rejectlog

    One that might be more important in your case:

    /var/log/exim_paniclog

    You could also have a configuration error in your exim or your firewall that could be dragging your connection down and might not be doing anything with spam at all (Then again it could be that too). Depending on your security configuration, you could also have some script somewhere that is bypassing your system processes and making direct connections but this can very easily be restricted.

    If you have not done so already, I would suggest setting up extended logging for your mail server so you can more readily detect scripts making repeat mail server calls.

    To do this, go into "Exim Configuration Editor" in WHM and click on the "Advanced Editor" button and in the page that comes up, go to the first white textbox you see scrolling down from the top of the page and write the following line and then save everything:

    Code:
        log_selector = +arguments +subject +received_recipients

    How much system memory do you have? If you are operating on a low memory configuration such as the case may be with a VPS server, you will probably want to use "Dovecot" instead of "Courier" as it has a bit lower memory overhead and might work better in that situation.

    If you want to get a better feel of what is going on in your system, here are a couple of commands you may want to take a look at:

    Code:
        ps aux | less
        top
        netstat -ntu

    You can always reset Exim's configuration back to default from the "Exim Configuration Editor" at any time and start over or reinstall Exim using cPanel's included script "/scripts/eximup --force".

    Chirpy has a few scripts at configserver.net that may be of interest to you also and are easy to install, and most notable for this particular issue would be "Mail Queues" (cmq) and "Mail Manage" (cmm).
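
Added example (not part of the thread): once the log_selector line from post #3 is in place, the main log records the calling directory of each local submission and the subject of each message, which is enough to spot a script sending in bulk. The function names and the sample log lines are constructed for illustration; pass the path of your own main log (/var/log/exim_mainlog in this thread) as the first argument to run it on real data.

```shell
#!/bin/sh
# Summarise an Exim main log written with the thread's log_selector line
# (+arguments +subject) to see what is submitting mail on the box.

# Constructed sample lines: users, hosts and message IDs are made up.
make_sample_log() {
cat <<'EOF'
2009-06-01 12:00:01 cwd=/home/alice/public_html/forum 3 args: /usr/sbin/sendmail -t -i
2009-06-01 12:00:01 1MAbCd-0001Ab-2C <= alice@web.example.com U=alice P=local S=812 T="Special offer" for a@example.org
2009-06-01 12:00:02 cwd=/home/alice/public_html/forum 3 args: /usr/sbin/sendmail -t -i
2009-06-01 12:00:02 1MAbCe-0001Ac-3D <= alice@web.example.com U=alice P=local S=815 T="Special offer" for b@example.org
2009-06-01 12:00:04 cwd=/var/spool/exim 2 args: /usr/sbin/exim -q
2009-06-01 12:00:05 cwd=/home/bob/public_html 3 args: /usr/sbin/sendmail -t -i
2009-06-01 12:00:05 1MAbCg-0001Ae-5F <= bob@web.example.com U=bob P=local S=640 T="Contact form" for owner@example.net
2009-06-01 12:00:06 1MAbCh-0001Af-6G <= someone@example.org H=mx.example.org [192.0.2.10] P=esmtp S=2048 T="Hello" for bob@web.example.com
EOF
}

# top_cwd LOGFILE: submissions per calling directory, busiest first.
# +arguments adds the "cwd=... args: ..." lines; Exim's own activity
# (cwd under /var/spool, e.g. queue runs) is skipped.
top_cwd() {
    awk '/ cwd=/ {
        for (i = 1; i <= NF; i++)
            if ($i ~ /^cwd=/ && $i !~ /^cwd=\/var\/spool/) n[substr($i, 5)]++
    }
    END { for (d in n) print n[d], d }' "$1" | LC_ALL=C sort -k1,1nr -k2
}

# top_subjects LOGFILE: locally submitted (P=local) messages per subject,
# read from the T="..." field that +subject adds to "<=" arrival lines.
# A subject containing an escaped quote is cut short at that quote.
top_subjects() {
    awk '/ <= / && / P=local / && match($0, / T="[^"]*"/) {
        s[substr($0, RSTART + 4, RLENGTH - 5)]++
    }
    END { for (k in s) print s[k], k }' "$1" | LC_ALL=C sort -k1,1nr -k2
}

# With no argument, run on the constructed sample; otherwise on the given log.
log=${1:-}
if [ -z "$log" ]; then
    log=$(mktemp) && make_sample_log > "$log"
fi
echo "Submissions per calling directory:"; top_cwd "$log"
echo "Local submissions per subject:";     top_subjects "$log"
[ -n "${1:-}" ] || rm -f "$log"   # remove the temporary sample file
```

A directory under a user's web root that dominates the first list, paired with one subject dominating the second, points at the script to inspect.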
