Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Higher server load than normal..

Discussion in 'General Discussion' started by julzk, Oct 8, 2004.

  1. julzk

    julzk Member

    Joined:
    Oct 8, 2004
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    151
    Over the past 6 days there has been higher server loads than normal. Between the 1.xx and the 6.xx mark on one of our servers. We have been looking into the issue and cannot seem to find the problem thus far. After restarting exim and cpop services, the server laod would drop which gives me an indication it's the mail server causing the high load. It also was reported that spamcop has added the server ip to their database listing. I have a strong feeling someone is sending out mass spam from our server. The hard part is trying to track and find the abuser. Is there any way I can find out through ssh or within cpanel who is sending out the spam?
     
    #1 julzk, Oct 8, 2004
  2. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,741
    Likes Received:
    76
    Trophy Points:
    203
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    I dont think its a strong feeling that someone is spamming its a fact

    You need to search you mail logs for the ofending messages(s) and see which user is sending them


    see if you have a formail exploit
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 dalem, Oct 8, 2004
  3. julzk

    julzk Member

    Joined:
    Oct 8, 2004
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    151
    Just for example, after 2 days of server being up, there are over 67,000 emails sitting in the queue.. which is just a little too much don't you think? How on earth can I go through that many emails and try to find the offender?
     
    #3 julzk, Oct 11, 2004
  4. vivek

    vivek Well-Known Member

    Joined:
    Mar 2, 2004
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    India
    Dear friend,

    Regularly check the maillog and traceout the mail address which is sending spam, also check the mail headers wo that you can clear cut idea who sending spam. The mail queue clearly indicates that there is spam done. Take necessary steps soon else your server will be unplugged due to outbound attack (depending upon the data center. i have servers at ev1servers.net and they have such policy). Take care of it. Also configure your sendmail.cf.
    If you have more queries feel free to ask :)

    Vivek.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 vivek, Oct 11, 2004
(You must log in or sign up to post here.)
Loading...
Similar Threads - Higher server load
  1. Sametto Chan

    MySQL Database crashed/CPU higher on server to down

    Sametto Chan, Oct 21, 2017, in forum: Workarounds and Optimization
    Replies:
    10
    Views:
    1,086
    Sametto Chan
    Oct 26, 2017
  2. Daniel Villela

    In Progress [CPANEL-23096] Display a warning when cPHulk brute force protection periods are higher than 1440

    Daniel Villela, Mar 2, 2018, in forum: General Discussion
    Replies:
    5
    Views:
    297
    cPanelMichael
    Sep 19, 2018
  3. SuperBaby

    SOLVED cPanel has Ioncube Loader higher than v5.1.1 ?

    SuperBaby, Oct 19, 2017, in forum: General Discussion
    Replies:
    5
    Views:
    952
    Muhammed Fasal
    Oct 19, 2017
  4. 2Pro4u

    Incremental backups with retention higher than one?

    2Pro4u, Jan 30, 2017, in forum: Data Protection
    Replies:
    6
    Views:
    1,088
    alinford
    Mar 16, 2017
  5. Rogerio

    New Thread Force regenerate server's SSL certificate

    Rogerio, Oct 18, 2018 at 11:08 AM, in forum: Security
    Replies:
    0
    Views:
    32
    Rogerio
    Oct 18, 2018 at 11:08 AM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice