The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

antirelayd over working the server

Discussion in 'General Discussion' started by hicom, Jul 26, 2006.

  1. hicom

    hicom Well-Known Member

    Joined:
    May 23, 2003
    Messages:
    272
    Likes Received:
    0
    Trophy Points:
    16
    During some checking i've noted antirelayd causing the most disk write access. Any suggestions on how to reduce this. I believe the perl script is the /etc/exim.pl . We have number of RBL lists, SURBL, dictionary attack filters on EXIM which helped in blocking huge amount of spams.

    Any suggestions here ? Can we somehow disable antirelayd ?

    This is from Service Manager about antirelayd:

    antirelayd
    POP before SMTP daemon

    So disabling it will only cause issues with people who use POP before SMTP. Which is a very weak method of accessing mail at this time and age of spam mails.

    last pid: 43996; load averages: 0.63, 0.49, 0.53 up 11+18:02:03 12:24:17
    203 processes: 1 running, 201 sleeping, 1 lock
    CPU states: 4.1% user, 0.0% nice, 2.5% system, 0.1% interrupt, 93.3% idle
    Mem: 987M Active, 1703M Inact, 280M Wired, 159M Cache, 112M Buf, 135M Free
    Swap: 8762M Total, 768K Used, 8761M Free

    PID USERNAME VCSW IVCSW READ WRITE FAULT TOTAL PERCENT COMMAND
    29073 root 218 1 0 40 0 40 50.63% perl
    76426 root 206 1 0 29 0 29 36.71% perl
    43993 mailnull 69 4 0 0 0 0 0.00% exim-4.62-0
    43988 mailnull 1 0 0 0 0 0 0.00% exim-4.62-0
    43958 nobody 29 0 0 0 0 0 0.00% httpd
    43957 nobody 17 0 0 0 0 0 0.00% httpd
    43945 nobody 0 0 0 0 0 0 0.00% httpd
    43944 nobody 23 0 0 0 0 0 0.00% httpd
    43934 nobody 22 0 0 0 0 0 0.00% httpd
    43873 root 28 1 0 0 0 0 0.00% top
    43799 nobody 22 0 0 0 0 0 0.00% httpd

    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
    perl 29073 root cwd VDIR 4,19 512 2522289 /usr/local/etc/exim
    perl 29073 root rtd VDIR 4,16 512 2 /
    perl 29073 root txt VREG 4,19 10084 2472964 /usr/local/bin/perl5.8.7
    perl 29073 root txt VREG 4,16 142236 70693 /libexec/ld-elf.so.1
    perl 29073 root txt VREG 4,19 1133264 3135258 /usr/local/lib/perl5/5.8.7/mach/CORE/libperl.so
    perl 29073 root txt VREG 4,16 120004 24603 /lib/libm.so.3
    perl 29073 root txt VREG 4,16 28644 24602 /lib/libcrypt.so.2
    perl 29073 root txt VREG 4,16 43100 24606 /lib/libutil.so.4
    perl 29073 root txt VREG 4,19 136020 1648684 /usr/lib/libpthread.so.1
    perl 29073 root txt VREG 4,16 884716 24607 /lib/libc.so.5
    perl 29073 root 0u VCHR 5,0 0t43798310 91 /dev/ttyp0
    perl 29073 root 1u VCHR 5,0 0t43798310 91 /dev/ttyp0
    perl 29073 root 2u VCHR 5,0 0t43798310 91 /dev/ttyp0
    perl 29073 root 3r VREG 4,20 11609914 1978421 /var/log/maillog
     
    #1 hicom, Jul 26, 2006
    Last edited: Jul 26, 2006
  2. hicom

    hicom Well-Known Member

    Joined:
    May 23, 2003
    Messages:
    272
    Likes Received:
    0
    Trophy Points:
    16
    For the sake of testing things out, I've killed these two perl processes (antirelayd) and noticed no problem sending/receiving emails using SMTP authentication. The load didn't reduce significantly, but load average never risen again.

    Additionally, when running gstat i'd notice the / partition was always busy when antirelayd was running, the moment i've killed that process, the / partition calmed down to almost no activity.

    Should I disable antirelayd completely ?
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You've most likely not been checking your syslog. A search for antirelayd would have shown this thread:
    http://forums.cpanel.net/showthread.php?t=28863

    You can disable antirelayd in WHM > Service Manager. POP before SMTP will stop working, of course as the /etc/relayhosts file will no longer be updated, so you will have to use SMTP AUTH instead.
     
  4. hicom

    hicom Well-Known Member

    Joined:
    May 23, 2003
    Messages:
    272
    Likes Received:
    0
    Trophy Points:
    16
    Just to add disabling antirelayd helped in helping the server performance a bit. However, there also appears to be a bug in cPanel, after a reboot, antirelayd automatically launches even though it is disabled and I can't find any other bootup script that initiates it.

    in /etc there /etc/disableantirelayd file which is what chksrvd checks for before starting a script.
     
Loading...

Share This Page