The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SPAMd / EXIM fails frequently... Any solutions?

Discussion in 'General Discussion' started by ramcjbin, Jun 13, 2006.

  1. ramcjbin

    ramcjbin Member

    Joined:
    Mar 12, 2005
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    100's of processes like the ones shown below causes SPAMd / EXIM to crash.

    1053 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1136 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1219 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1413 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1419 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1421 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1422 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1482 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1490 mailnull 0 0.0 0.2 /usr/sbin/exim -bd -q60m
    1541 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1542 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1592 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1593 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1597 mailnull 0 0.0 0.2 /usr/sbin/exim -bd -q60m
    1621 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1642 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1692 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1693 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m
    1697 mailnull 0 0.0 0.2 /usr/sbin/exim -bd -q60m
    1801 mailnull 0 0.0 0.1 /usr/sbin/exim -bd -q60m

    How to correct this problem?
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    What's your Kernel version? You might have a script that loops indefinitely, or spammer using a script to deliver their spam. Did you check email traffic on your server? Does that cause server high load?
     
  3. ramcjbin

    ramcjbin Member

    Joined:
    Mar 12, 2005
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    My kernel version is 2.6.14.3.dn2.64

    MRTG shows mostly in single digit of received & send mails. Many times 1 to 5.

    I use chripy's dictionary attack in EXIM and even reduced the allowed failure from 3 to 2

    I see rejections in Exim logs.

    Server load is very low.

    Now installed PRM to intervene mailnull processes to keep control of it.

    Dictionary attacks are going on as usual as per mail log and that too has only 2 to 3 attack entries in a minute.

    Still lot of EXIM connections for very few mails.

    Any idea where to check further?
     
Loading...

Share This Page