spamd ( Spam Assassin Daemon ) spawning loads and consuming memory

buro9 · Nov 10, 2003

I've run into a problem with Spam Assassin.

I don't have many busy domains, in fact I only have one that is even slightly busy... yet my resources keep being sucked dry.

I've gone into dcpumon logs and pulled out that last 'top' prior to my rebooting on the last occasion that the box ground to a halt... and it appears that spamd is using 104.7% of available memory.

Here is my top file:

Code:

 10:18am  up 3 days,  3:07,  0 users,  load average: 178.84, 222.79, 214.24
221 processes: 201 sleeping, 14 running, 6 zombie, 0 stopped
CPU0 states:  9.0% user, 38.2% system,  0.0% nice, 51.2% idle
CPU1 states:  9.0% user, 38.2% system,  0.0% nice, 51.2% idle
Mem:   262144K av,  197828K used,   64316K free,   30236K shrd,       0K buff
Swap:  262144K av,  196636K used,   65508K free                   30324K cached

  PID USER     PRI  NI  SIZE  RSS SHARE STAT %CPU %MEM   TIME COMMAND
15997 root      20   0  1044 1044   712 R    14.6  0.3   0:00 top
15995 root      19   0  1036 1036   712 R    12.9  0.3   0:00 top
15996 root      20   0  1036 1036   712 R    12.9  0.3   0:00 top
15999 root      20   0  2704 2704  2700 R     3.4  1.0   0:00 exim
15889 mysql      2   0  1920 1840  1060 D     2.1  0.7   0:00 mysqld
15976 root      16   0  2664 2664  2588 S     2.1  1.0   0:00 exim
15977 root      16   0  2664 2664  2588 S     1.7  1.0   0:00 exim
16002 root      18   0  2680 2680  2116 R     1.7  1.0   0:00 exim
13101 root      20  19  8540 7464   968 R N   1.2  2.8   0:30 cpanellogd
15963 root      16   0  2664 2664  2588 S     1.2  1.0   0:00 exim
15972 root      16   0  2660 2660  2584 S     1.2  1.0   0:00 exim
15984 root      19   0  2676 2676  2672 S     1.2  1.0   0:00 exim
16000 root      19   0  2704 2704  2664 S     1.2  1.0   0:00 exim
15971 root      15   0  2660 2660  2584 S     0.8  1.0   0:00 exim
16038 root      11   0  1284 1284  1056 R     0.8  0.4   0:00 sendmail
 8596 nobody     1   0   840  236   100 S     0.4  0.0   0:00 httpd
15765 root      17   0  1156 1152   796 S     0.4  0.4   0:00 exim
15967 root      15   0  2664 2664  2588 S     0.4  1.0   0:00 exim
15969 root      15   0  2664 2664  2116 D     0.4  1.0   0:00 exim
15974 mysql      1   0  1920 1840  1060 D     0.4  0.7   0:00 mysqld
16022 bowlie    16   0  2680 2680  2600 S     0.4  1.0   0:00 exim
16024 bowlie    16   0  2680 2680  2600 S     0.4  1.0   0:00 exim
16029 root       9   0   524  524   468 S     0.4  0.1   0:00 initlog
16043 buro9     18   0  2716 2716  2704 S     0.4  1.0   0:00 exim
16050 mailnull  15   0  1504 1504  1248 S     0.4  0.5   0:00 sendmail
    1 root       0   0   104   60    48 S     0.0  0.0   0:08 init
12618 root       0   0   256  216   180 D     0.0  0.0   0:05 syslogd
12623 root       0   0    60    0     0 SW    0.0  0.0   0:00 klogd
12707 nobody     0   0   532  132    88 S     0.0  0.0   0:04 proftpd
12718 root       0   0  1064    0     0 SW    0.0  0.0   0:05 snmpd
12744 root       0   0   192   24     0 S     0.0  0.0   0:14 sshd
12761 root       0   0   180    0     0 SW    0.0  0.0   0:00 xinetd
12783 root       0   0  1324  544   464 S     0.0  0.2   0:11 chkservd
12830 root       0   0 16968  15M 14452 D     0.0  6.0   0:03 spamd
12840 root       0   0   160  108    80 S     0.0  0.0   0:02 crond
12855 root       0   0   180   36     0 S     0.0  0.0   0:00 mysqld_safe
13010 root       0   0   768   80    64 S     0.0  0.0   0:26 httpd
13090 root       0   0  1212  136     0 S     0.0  0.0   0:00 webmaild
13102 root       0   0  1732    0     0 SW    0.0  0.0   0:00 cpaneld
13116 root       0   0  1664    0     0 SW    0.0  0.0   0:02 cppop
13139 cpanel     0   0   216    0     0 SW    0.0  0.0   0:00 stunnel-4.04loc
13146 root       0   0  1420    0     0 SW    0.0  0.0   0:00 whostmgrd
13157 mailman    0   0  2732   36     0 S     0.0  0.0   0:07 mailmanctl
13176 root       0   0    68    0     0 SW    0.0  0.0   0:00 portsentry
13186 mailman    0   0  3040  628   420 S     0.0  0.2   0:06 python2
13192 mailman    0   0  3040 1116   420 S     0.0  0.4   1:18 python2
13193 mailman    0   0  3044 1204   432 S     0.0  0.4   1:16 python2
13195 mailman    0   0  3108 1508   416 S     0.0  0.5   1:19 python2
13196 mailman    0   0  3044 1080   424 S     0.0  0.4   1:17 python2
13208 root       0   0 18416 1604  1372 S     0.0  0.6   0:04 java

buro9 · Nov 10, 2003

Code:

13330 root       0   0 18416 1604  1372 S     0.0  0.6   0:07 java
13331 root       0   0 18416 1604  1372 S     0.0  0.6   0:18 java
13337 root       0   0 18416 1604  1372 S     0.0  0.6   0:00 java
13338 root       0   0 18416 1604  1372 S     0.0  0.6   0:00 java
13381 root       0   0 18416 1604  1372 S     0.0  0.6   6:10 java
13382 root       0   0 18416 1604  1372 S     0.0  0.6   0:00 java
13383 root       0   0 18416 1604  1372 S     0.0  0.6   0:00 java
13384 root       0   0 18416 1604  1372 S     0.0  0.6   0:01 java
13627 root       0   0 18416 1604  1372 S     0.0  0.6   0:02 java
13642 root       0   0 18416 1604  1372 S     0.0  0.6   0:02 java
13644 root       0   0 18416 1604  1372 S     0.0  0.6   0:01 java
13645 root       0   0 18416 1604  1372 S     0.0  0.6   0:01 java
13646 root       0   0 18416 1604  1372 S     0.0  0.6   0:44 java
13647 root       0   0 18416 1604  1372 S     0.0  0.6   0:00 java
13648 root       0   0 18416 1604  1372 S     0.0  0.6   0:00 java
13649 root       0   0 18416 1604  1372 S     0.0  0.6   0:00 java
13650 root       0   0 18416 1604  1372 S     0.0  0.6   0:00 java
13651 root       0   0 18416 1604  1372 S     0.0  0.6   0:04 java
 6816 nobody     0   0   756    0     0 SW    0.0  0.0   0:00 httpd
 6817 nobody     0   0   764   16     8 S     0.0  0.0   0:00 httpd
 6818 nobody     0   0   768   16     8 S     0.0  0.0   0:00 httpd
 6819 nobody     0   0  1152  456   364 S     0.0  0.1   0:00 httpd
 6820 nobody     0   0   976  432   264 D     0.0  0.1   0:00 httpd
 6836 nobody     0   0  1192  740   552 S     0.0  0.2   0:00 httpd
 6841 bowlie     0   0  2616  380   296 D     0.0  0.1   0:02 php
 6842 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 6844 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 6914 nobody     0   0   772   12     8 S     0.0  0.0   0:00 httpd
 6960 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 6991 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7010 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7013 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7016 nobody     0   0   828  140    76 S     0.0  0.0   0:00 httpd
 7021 nobody     0   0   764    0     0 SW    0.0  0.0   0:01 httpd
 7024 nobody     0   0   772   16     8 S     0.0  0.0   0:00 httpd
 7032 nobody     0   0  1324  892   708 S     0.0  0.3   0:00 httpd
 7070 nobody     0   0  1152  456   364 S     0.0  0.1   0:00 httpd
 7128 nobody     0   0   772  140     8 S     0.0  0.0   0:00 httpd
 7133 nobody     0   0   772   16     8 S     0.0  0.0   0:00 httpd
 7134 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7212 nobody     0   0   772  152     8 S     0.0  0.0   0:00 httpd
 7215 nobody     0   0   772  164     8 S     0.0  0.0   0:00 httpd
 7216 nobody     0   0  1160  456   364 S     0.0  0.1   0:01 httpd
 7412 nobody     0   0   828  148    80 S     0.0  0.0   0:00 httpd
 7419 nobody     0   0   772   16     8 S     0.0  0.0   0:00 httpd
 7442 nobody     0   0   828  144    80 S     0.0  0.0   0:00 httpd
 7540 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7563 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7570 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7596 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7603 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7605 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7606 nobody     0   0   772    0     0 SW    0.0  0.0   0:00 httpd
 7633 nobody     0   0   788    0     0 SW    0.0  0.0   0:00 httpd
 7634 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7635 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7639 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7649 nobody     0   0   800  128    40 S     0.0  0.0   0:00 httpd
 7650 nobody     0   0  1184  720   560 S     0.0  0.2   0:00 httpd
 7651 nobody     0   0   772   56     8 S     0.0  0.0   0:00 httpd
 7654 nobody     0   0   772   16     8 S     0.0  0.0   0:00 httpd
 7865 nobody     0   0   776  144     4 S     0.0  0.0   0:00 httpd
 7898 nobody     0   0   764    0     0 SW    0.0  0.0   0:01 httpd
 7918 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7922 nobody     0   0   788    0     0 SW    0.0  0.0   0:00 httpd
 7926 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 7992 nobody     0   0   772   60     8 S     0.0  0.0   0:00 httpd
 8039 nobody     0   0   772   28     8 S     0.0  0.0   0:01 httpd
 8041 nobody     0   0   772  164     8 S     0.0  0.0   0:00 httpd
 8065 nobody     0   0   764    0     0 SW    0.0  0.0   0:02 httpd
 8071 nobody     0   0   772   16     8 S     0.0  0.0   0:00 httpd
 8160 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 8180 nobody     0   0   772   16     8 S     0.0  0.0   0:00 httpd
 8220 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 8266 nobody     0   0   764    0     0 SW    0.0  0.0   0:00 httpd
 8304 nobody     0   0   772  204     8 S     0.0  0.0   0:00 httpd
 8314 nobody     0   0   772  164     8 S     0.0  0.0   0:00 httpd
 9796 mailman    0   0  3040 2724   300 S     0.0  1.0   0:03 python2
10139 root       0   0    92    0     0 SW    0.0  0.0   0:00 crond
10145 root       0   0   120    0     0 SW    0.0  0.0   0:00 sh
10473 nobody     0   0   740    4     0 S     0.0  0.0   0:01 httpd
10616 root       1   0  1928 1672   764 S     0.0  0.6   0:03 dcpumon
11485 nobody     0   0   772   48     8 S     0.0  0.0   0:00 httpd
11738 root       0   0  1696  340   136 S     0.0  0.1   0:01 cppop
12076 nobody     0   0  1192  740   572 S     0.0  0.2   0:00 httpd
12149 nobody     0   0   756   64    36 S     0.0  0.0   0:00 httpd
12341 root       0   0    92    0     0 SW    0.0  0.0   0:00 crond
12344 root       0   0   120   16     0 S     0.0  0.0   0:00 sh
13258 root       1   0  1920 1652   692 S     0.0  0.6   0:01 dcpumon
13810 buro9      0   0 17100  15M  8168 S     0.0  6.0   0:00 spamd
14194 buro9      0   0 17480  15M  8204 D     0.0  6.2   0:00 spamd
14195 buro9      0   0     0    0     0 Z     0.0  0.0   0:00 spamd <defunct>
14196 buro9      0   0 16560  15M  7512 D     0.0  5.8   0:00 spamd
14199 buro9      0   0 17240  16M  8508 D     0.0  6.2   0:00 spamd
14526 mailman    0   0  3752 3628  1000 S     0.0  1.3   0:00 python2
14603 buro9      0   0 17528  16M  8564 D     0.0  6.4   0:00 spamd
14604 buro9      0   0     0    0     0 Z     0.0  0.0   0:00 spamd <defunct>
14609 buro9      0   0     0    0     0 Z     0.0  0.0   0:00 spamd <defunct>
14698 mysql      0   0  1860 1780  1060 S     0.0  0.6   0:00 mysqld
14811 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
14822 buro9      0   0     0    0     0 Z     0.0  0.0   0:00 spamd <defunct>
14828 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
14843 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
14854 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
14865 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
14874 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
14879 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
14884 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
14941 buro9      0   0 17000  15M  8088 D     0.0  6.0   0:00 spamd
14942 buro9      0   0 17240  15M  8500 D     0.0  6.2   0:00 spamd
14943 buro9      0   0 17428  16M  8348 D     0.0  6.3   0:00 spamd
14944 buro9      0   0 17000  15M  8092 D     0.0  6.0   0:00 spamd
14947 buro9      0   0 17348  16M  8688 D     0.0  6.3   0:00 spamd
14948 buro9      0   0 17228  15M  8504 D     0.0  6.2   0:00 spamd
14949 buro9      0   0 17532  16M  8472 D     0.0  6.4   0:00 spamd
14983 buro9      0   0    80   60     0 S     0.0  0.0   0:00 spamc
15016 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15022 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15049 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15051 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
15056 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
15086 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
15116 root       0   0    92    0     0 SW    0.0  0.0   0:00 crond
15201 root       0   0   120   92     0 S     0.0  0.0   0:00 sh
15212 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
15217 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15261 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15265 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15276 bowlie     0   0  1668 1428   564 D     0.0  0.5   0:00 php
15303 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
15345 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc

buro9 · Nov 10, 2003

Code:

15368 root       1   0  1916 1644   696 S     0.0  0.6   0:00 dcpumon
15554 buro9      0   0 17332  15M  8440 S     0.0  6.1   0:00 spamd
15556 buro9      0   0 17344  16M  8720 D     0.0  6.2   0:00 spamd
15576 mysql      0   0  1920 1840  1060 S     0.0  0.7   0:00 mysqld
15577 mysql      0   0  1920 1840  1060 S     0.0  0.7   0:00 mysqld
15601 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15603 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15605 buro9      0   0    80   28     0 S     0.0  0.0   0:00 spamc
15651 buro9      0   0    80    0     0 SW    0.0  0.0   0:00 spamc
15755 root       0   0  1324  576   464 S     0.0  0.2   0:00 chkservd
15769 buro9      0   0 17600  16M  8988 D     0.0  6.4   0:00 spamd
15784 root       0   0  1560 1524  1232 S     0.0  0.5   0:00 sshd
15786 bowlie     0   0  4768 4768  2536 S     0.0  1.8   0:00 php
15811 buro9      0   0    80   40     0 S     0.0  0.0   0:00 spamc
15894 mysql      0   0  1920 1840  1060 S     0.0  0.7   0:00 mysqld
15917 mysql      0   0  1920 1840  1060 S     0.0  0.7   0:00 mysqld
15964 buro9      0   0 17068  15M 14484 D     0.0  6.0   0:00 spamd
15980 bowlie     1   0  4744 4744  2536 S     0.0  1.8   0:00 php
16021 bowlie    15   0     0    0     0 Z     0.0  0.0   0:00 exim <defunct>
16023 bowlie    16   0  2680 2680  2600 S     0.0  1.0   0:00 exim
16025 bowlie    16   0  2680 2680  2600 S     0.0  1.0   0:00 exim
16027 bowlie     8   0  2680 2680  2600 S     0.0  1.0   0:00 exim
16028 bowlie     8   0  2680 2680  2600 S     0.0  1.0   0:00 exim
16037 buro9     15   0  2716 2716  2688 S     0.0  1.0   0:00 exim
16039 buro9     10   0  2712 2712  2692 S     0.0  1.0   0:00 exim
16040 buro9     10   0   524  524   444 S     0.0  0.1   0:00 spamc
16042 buro9     19   0  2716 2716  2704 S     0.0  1.0   0:00 exim
16045 buro9     19   0  2716 2716  2704 S     0.0  1.0   0:00 exim
16046 mailnull  10   0  1504 1504  1248 S     0.0  0.5   0:00 sendmail
16047 buro9     10   0  2712 2712  2692 S     0.0  1.0   0:00 exim
16048 buro9     15   0   508  508   440 S     0.0  0.1   0:00 spamc
16049 buro9     18   0  2716 2716  2704 R     0.0  1.0   0:00 exim
16051 buro9     17   0  2712 2712  2692 S     0.0  1.0   0:00 exim
16052 buro9     19   0  2716 2716  2712 R     0.0  1.0   0:00 exim
16053 buro9     19   0  2716 2716  2712 R     0.0  1.0   0:00 exim
16054 buro9     15   0  2712 2712  2708 R     0.0  1.0   0:00 exim
16055 buro9     17   0  2712 2712  2708 R     0.0  1.0   0:00 exim
16056 buro9     19   0  2716 2716  2712 R     0.0  1.0   0:00 exim
16057 buro9     19   0  2716 2716  2712 R     0.0  1.0   0:00 exim
16058 buro9     15   0     0    0     0 Z     0.0  0.0   0:00 exim <defunct>

Which you can see has a load average of around 200.

Which obviously is killing MySql and PHP.

Now... I've read elsewhere that spamd can sometimes do this if it is strained too much, or cannot resolve remote hosts (such as blacklists):

http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030630/056205.html

Where the best piece of advice is to try and run spamd in Local mode using the '-L' flag when starting spamd so that it doesn't resolve remote hosts and use remote rules.

This I think is the solution.

But where do I configure spamd to start with the '-L' flag? And has anyone else experienced this? And if so, what did you do to resolve it?

Cheers

David K

Thread starter	Similar threads	Forum	Replies	Date
S	EXIM and Spamassassin fails: "spam acl condition: cannot parse spamd output"!	Email	4	Nov 29, 2013
S	spamassassin/spamd log level	Email	0	Oct 14, 2012
	Spam Assassin spamd max children setting?	Email	5	Aug 16, 2007
A	Spamassassin / spamd not working -- solution	Email	4	Mar 13, 2006
G	SpamAssassin Problems - spamd failed, message queue clogging up	Email	5	Aug 29, 2005

Search

Search

spamd ( Spam Assassin Daemon ) spawning loads and consuming memory

buro9

Member

buro9

Member

buro9

Member