softlayer says disable CSF

[salvatore333]

I had just one user who was using 100% CPU when I did a top -c from root for spamd.

Here is softlayers solution:

Now we have increased the spamd child process. Earlier it was only 2 and the recommended value was 15 - 20. This shall have a effect in it.

Also exim panic log is showing a socket time out error which also was quoted as a reason for this since an internal connection originating from the server gets a socket time out due to firewall.


So as a recommended solution, we have now disabled csf and the issue seems to be resolved.

--------------------------------------------------------------------------

Does this mean I cannot use chirpy's firewall on any of my servers?

Thank you

 

[Infopro]

You might want to turn it back on and make sure you have logging enabled for the firewall and take a closer look on your own.

This guys been drinkin' on the job.

 

[salvatore333]

I turned it on immediately when I went into shock knowing I had no firewall enabled.

I will do some more research. Thank you

 

[mctDarren]

Their solution to a firewall problem was to disable the firewall?? Wow...

Is port 53 open so that the server can do DNS checks?

 

[salvatore333]

Yes, port 53 was and is open. Thank you

 

[arhs]

salvatore333,

Try this:

cd /home/USER/.spam*

then do this:

rm -fr *

 

[salvatore333]

Thank you for the advice ARHS. Can you please tell me exactly what this command does before I run it?

Just being careful, Thanks very much

 

[mctDarren]

It's going to clear out all spamassassin settings for the user, including white/black lists and bayesian records.

 

[arhs]

We had this issue with one of our user’s and we cleared out the spamassassin settings and it solved the high load issue.