tjmoore

Member
Jun 23, 2005
19
0
151
I awoke to over 300 emails from my server saying CPSRVD and SPAMD is down.

I've tried restarting both to no avail:
Code:
[email protected] [~]# /etc/init.d/exim restart
Shutting down exim:                                        [  OK  ]
Shutting down spamd:                                       [FAILED]
Starting exim:                                             [  OK  ]
0 processes (antirelayd) sent signal 9
/usr/local/cpanel/scripts/update_sa_rules: running in background

Code:
[email protected] [~]# service cpanel restart
Stopping tailwatchd:  [21027] [2014-11-26 10:14:57 +0000] [main] Current process '17024' stopped
                                                           [  OK  ]
Stopping cPanel services:  Waiting for cpsrvd,whostmgrd,cpaneld,webmaild to shutdown ..... terminated.
                                                           [  OK  ]
Stopping cPanel dav services:  [Wed Nov 26 10:14:59 2014] Current process '13525' stopped
Waiting for cpdavd,cpdavd-ssl to shutdown ... not running.
                                                           [  OK  ]
Stopping cPanel queue services:  Graceful shutdown of cPanel TaskQueue Daemon requested. complete
                                                           [  OK  ]
Stopping cPanel brute force detector services:  Waiting for cphulkd.pl,cPhulkd,cphulkd to shutdown ... not running.
                                                           [  OK  ]
Stopping cPanel log services: 
Stopping cPanel Chat services:                             [FAILED]

Stopping cPanel ssl services:  Waiting for (?^:^(?:stunnel$|stunnel-[0-9\.]+local)) to shutdown ... not running.
                                                           [  OK  ]
Stopping mailman services:  Shutting down Mailman's master qrunner
PID unreadable in: /usr/local/cpanel/3rdparty/mailman/data/master-qrunner.pid
[Errno 2] No such file or directory: '/usr/local/cpanel/3rdparty/mailman/data/master-qrunner.pid'
Is qrunner even running?
mailmanctl: no process killed
                                                           [FAILED]
Starting SMTP Tweak: SMTP Mail protection has been enabled.
All outbound SMTP connctions will be redirected to localhost except:
	uid is root (ports: 25,465,587)
	uid is cpanel (ports: 25,465,587)
	gid is mail (ports: 25,465,587)
	gid is mailman (ports: 25,465,587)
                                                           [  OK  ]
Starting cPanel services: Waiting for cpsrvd,whostmgrd,cpaneld,webmaild to shutdown ... not running.
Starting cpsrvd.
                                                           [  OK  ]
Starting cPanel brute force detector services:             [  OK  ]
Starting cPanel dav services:                              [  OK  ]
Starting cPanel Chat services: 

Starting cPanel ssl services: Waiting for (?^:^(?:stunnel$|stunnel-[0-9\.]+local)) to shutdown ... not running.
Using Native SSL support (stunnel not needed)
                                                           [  OK  ]
Starting cPanel Queue services:                            [  OK  ]
Starting tailwatchd: [Wed Nov 26 10:15:16 2014] Starting /usr/local/cpanel/libexec/tailwatch/tailwatchd daemon
Log is at /usr/local/cpanel/logs/tailwatchd_log
                                                           [  OK  ]
Starting cPanel Log services: ==> cPanel Log Daemon version 26.0
                                                           [  OK  ]
Starting mailman services:
When I first restarted cPanel there was an exim stats error which I fixed. I've checked the logs and can't see anything obvious. Unsure where to start.......

Some people say move to Courier then back to Dovecot but don't really want to do that and unsure if that will fix anything ?
 
Last edited:

tjmoore

Member
Jun 23, 2005
19
0
151
It looks like a firewall issue - I stopped the firewall and the services recovered.
What has cPanel changed in 11.46.0 build 17 that uses a port that is obviously blocked ?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Hello :)

The change log is available at:

11.46 Change Log

However, there's nothing that would require you to modify the ports that you allow in your firewall. Are you using CSF or custom firewall rules?

Thank you.
 

tjmoore

Member
Jun 23, 2005
19
0
151
Hello :)

The change log is available at:

11.46 Change Log

However, there's nothing that would require you to modify the ports that you allow in your firewall. Are you using CSF or custom firewall rules?

Thank you.
I use APF/BFD.

It may not be from this update - looks like CPSRVD and SPAMD fail if they are restarted or fail (and can't be restarted). The firewall then needs to be stopped - the services restarted - then the firewall restarted.

I block the none SSL ports for cPanel/whm (2086 and 2082) - I also block all access to cPanel and WHM apart from one IP through "host access control". Could this be it ?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Hello :)

Are you using the RVGlobalSoft plugin with it's 2 factor authentication module?

Thank you.