Exim processes running as root and mailnull

E

Escaflowne

Active Member
May 5, 2004
40
0
156
PL
Hello!

Here's a simple question (simple, but I can't seem to find the answer): why are some of exim's processes running as user mailnull and some as user root?

And here's a bonus question: is this normal?

Exim 4.62 on a FreeBSD 4.9 box.
 
W

websupport

Well-Known Member
Jun 24, 2006
92
0
156
Don't worry

Hello,

It's important to know what processes are running on your server, so you can
spot any abnormalities and potential security breaches.

Root and mailnull are the normal processes. Don't worry about it.
mailnull is a mail user account, used for exim.

:)
 
chirpy

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
33
473
Go on, have a guess
It is normal. Like several server daemons (such as httpd) they have an initial process that runs up under the root account so that they can access the necessary system files. They then launch child processes under a non-priveleged user account for the processing work. The reason they do this is simple - security. Because these processes usually process data derived from an untrusted source, i.e. the internet, should then ever be compromised, then the hacker would usually only have access to the non-privileged account instead of the root account.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
P Too much processes /usr/sbin/exim Email 2
postcd Server overloaded - SPAM? Exim processes Email 22
P Exim too many processes Email 1
9 Too much Exim Processes. Email 4
V Spamassassin causing zombie Exim processes Email 1
Similar threads
Too much processes /usr/sbin/exim
Server overloaded - SPAM? Exim processes
Exim too many processes
Too much Exim Processes.
Spamassassin causing zombie Exim processes
Top Bottom