Help: Server overload up to 200 caused by EXIM processes!!

[email protected]

Active Member
May 18, 2003
32
0
156
Hello,

I run a server with RedHot 9 (kernel 2.4.20-28.9). I got a problem today that the program Exim pushed my server load to as high as 200 and freezed my server several times. I had to stop the exim service, even need to disable the exim program to make it un-executable in order to stop this problem.

I noticed that once I enable/restart the exim service, many many Exim process start to run like crazy and push the server load right up to 100 and 200. I noticed that the Exim processes were run under user name "mailnull" and "root".

I know something was going on. Is there something wrong with my server, or someone sends a large number of spam emails to my server consistently?

Right now, I can not receive or send emails for a whole day because I had to stop Exim service.

Could someone provide some hints how to fix it?

Thanks a lot.
John
 
Last edited:

randomuser

Well-Known Member
Jun 25, 2005
147
0
166
1 . Check the logs? tail -f /var/log/exim_mainlog (while Exim is running, or just look over the logs manually)

2. Learn the logs - http://exim.org/exim-html-4.50/doc/html/spec_48.html#CHAP48

3. check /etc/valiases/* and replace all instances of :blackhole: with :fail: No Such User Here (make a backup of the dir first, and search the forums more info on how to do this rather easily)