The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SpamAssassin

Discussion in 'General Discussion' started by teck, Feb 26, 2002.

  1. teck

    teck Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    Spamassassin keeps taking up all my cpu/memory. I keep killing it and it the process keeps coming back:

    28019 username 33 0 84856 79M 0 R 0 98.8 33.8 40:10 spamassass

    I guess this has been running all night, making my load 1.5 steady. Why does it keep doing this and how do I stop it?
     
  2. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    I think this occurs when the mailbox being analyzed by the UNHOLY ASSASSIN is a gigantic mailbox. Such as huge 'n stuff ( over 10 megs, etc )...

    do a search and destroy for large mailboxes and you will be in better shape.
     
  3. teck

    teck Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    But then the user's mailbox gets deleted. I don't want to wipe out all his pop mail :)
     
  4. Craig

    Craig Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    171
    Likes Received:
    0
    Trophy Points:
    16
    email him and tell him to check his mail :)

    Sorry couldnt resist :)

    Craig.
     
  5. teck

    teck Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    Theres only about 25 pop emails totally 315k. I don't think thats big at all.. I keep killing it and it keeps coming back.
     
  6. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    What about the contents of /var/spool/exim
    Are the subdirectories huge / clogged , etc?

    The domain calling the ASSASIN of LOVE might be tripping on some huge matching headers for the domain within those spool directories.....
     
  7. teck

    teck Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    input and msglog total like 5 files.. i just deleted that .spamassassinenable file from the home dir and the problems went away. it's by no means a permanent solution though.
     
  8. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    next time strace that instance of the process and it might reveal what it is hanging on, or what huge thing it is attempting to parse through.

    if I see this happen anywhere I'll do the same and post any intriguing results here.....
     
  9. teck

    teck Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    strace? I've never heard of that? I tried reading man pages but it didn't help one bit. Care to shed some light on it?
     
  10. Brad

    Brad Well-Known Member

    Joined:
    Aug 16, 2001
    Messages:
    231
    Likes Received:
    0
    Trophy Points:
    16
    SpamAssissin is Assassinating us tonight too..

    Here's one from top tonight ..

    Didn't last long, but jeez, worse then nightly backups ..

    PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND
    7412 UserName 14 0 9616 9616 1440 R 78.2 1.9 0:01 spamassassin
     
  11. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    strace shows you exactly what a process is doing, when it's in memory. it won't make much sense, most of it, but when it gives you file paths and locations at least you know what it is touching on your machine so you can start investigating.

    strace -p PID# -f

    -f = follow spawns / etc

    It's fun for all.
    :p
     
  12. teck

    teck Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    Thanks travis
     
  13. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    16
    I tried the strace command and this is what I get..

    old_mmap(NULL, 4046848, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x455b6000
    munmap(0x455b6000, 4046848) = 0
    old_mmap(NULL, 4046848, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x455b6000
    munmap(0x455b6000, 4046848) = 0
    old_mmap(NULL, 4046848, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x455b6000
    munmap(0x455b6000, 4046848) = 0
    old_mmap(NULL, 4046848, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x455b6000
    munmap(0x455b6000, 4046848) = 0
    old_mmap(NULL, 4046848, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x455b6000

    I have no idea what this means or what to do about this spamassassin problem. This customer's mail dir is 8kb only.

    Anyone have a solution to this problem?
     
  14. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    16
    AARRRGGH!!! I cought it running again, this time it had been running for over 45 minutes!! Server load over 1.24 (normally between 0.00 and 0.20 when busy)!! If there is no solution to this, then how can I disable it so users can not enable it?
     
  15. Marty

    Marty Well-Known Member

    Joined:
    Oct 10, 2001
    Messages:
    630
    Likes Received:
    1
    Trophy Points:
    18
    I am having the same problem, guys. I will try to catch it running too and see what I can find out. It is eating my cpu alive.
     
  16. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    ? If it's running, then it's because a customer has deemed it worthy to filter their mail. It literally can crunch for hours at a time, if a customer's inbox is large enough. It is a chance you take, offering that in your cpanel theme.

    some love it, some hate it but still use it. Either way it can sit and spin on an inbox indefinitely. All you can do is intervene and kill the process and hope they got what they wanted out of it. It's much more well suited for a box with a domain or two on it.... not hundreds of people with hundreds of pop3s- it gets pretty scary then.

    Just my .02
     
  17. LinuxFreaky

    LinuxFreaky Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    87
    Likes Received:
    0
    Trophy Points:
    6
    This thing is happening to me too. And I see that the PID is owned by a particular user. I checked his mail folder, the /var/spool/exim/ folder, and did a strace. His emails total about 200-300kb and the strace just produced:

    munmap(0x4ca7e000, 5840896) = 0
    old_mmap(NULL, 5840896, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4ca7e000

    Ok so what's next? Is there something else that can be causing this? Every couple of hours spamassassin would act up.
     
  18. newfield

    newfield Active Member

    Joined:
    Mar 2, 2002
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    State of Confusion
    white_list, and threshold

    Is there going to be an option in cPanel for the account owner
    to add addresses to the SA whitelist, &/or adjust the threshold for their own account? As it stands right now, the cPanel manual instructs the users to & .. ask your systems administrator or ISP's helpdesk .. & (I don't think so, I just tell customers we don't support those options, and to disable the SA.)
     
  19. Curious Too

    Curious Too Well-Known Member

    Joined:
    Aug 31, 2001
    Messages:
    427
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    [quote:bed55bf8a5][i:bed55bf8a5]Originally posted by newfield[/i:bed55bf8a5]

    Is there going to be an option in cPanel for the account owner
    to add addresses to the SA whitelist, &/or adjust the threshold for their own account? As it stands right now, the cPanel manual instructs the users to & .. ask your systems administrator or ISP's helpdesk .. & (I don't think so, I just tell customers we don't support those options, and to disable the SA.) [/quote:bed55bf8a5]

    They can manually change their preferences by modifying the user_prefs file in the .spamassassin folder in their root directory.

    The user preferences options are here: http://www.spamassassin.org/doc/Mail_SpamAssassin_Conf.html#user_preferences
     
  20. newfield

    newfield Active Member

    Joined:
    Mar 2, 2002
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    State of Confusion
    edit user_prefs

    Yeah, I know how to do that, and have done it before, :) but cPanel was designed to shield the enduser from &editing& text files ;) , right? The general public is used to clicking this, and clicking that, not configuring.
     
Loading...

Share This Page