cPanel spamd resource consumption high

Spamd is one the highest resource consumer on a cPanel server. It allocates a lot of memory from the get-go and holds on to it throughout. There is a way to limit the number of spamd processes that are spawned. On a cPanel server, which is what this guide covers, there is a configuration file called /etc/cpspamd.conf with the following lines:


maxspare=1
maxchildren=3


For a leaner server. we recommend dropping maxchildren to 1 and maxspare to 1. This will save a good hundred of megs of memory. Don’t forget to restart exim for these changes to take effect.

To check Which process hogging the CPU

ps -eo pcpu,pid,user,args | sort -k 1 -r | head -10

Server Sending Spam at 127.0.0.1

Comment the following lines.

dnl # Uncomment and edit the following line if your outgoing mail needs to

dnl # be sent out through an external mail server:

dnl #

dnl # define(`SMART_HOST', `127.0.0.1')dnl

dnl #

Since  sendmail daemon accepts mail on 127.0.0.1. Your php script submits email there, or forks the sendmail executable which in turn submits email there (check your submit.mc / submit.cf to verify this)

Also The emails were all from nobody@myhost

Find all processes that is running as nobody:

ps -U nobody

SMTP connection from [127.0.0.1]:36667 (TCP/IP connection count = 1)

Run netstat under watch to see which process is connecting to port 25:

watch 'netstat -na | grep :25'

These steps can help you find out the culprit is the... web server. Then you can run a strace to see which script is called when an email is sent:

strace -f -e trace=open,stat -p 1234 -o wserver.strace

(1234 is the parent PID of the web server process)

 

svc: warning: unable to control /service/proftpd/log: supervise not running

if u ever found this error on FreeBSD  try this command then

 svc: warning: unable to control /service/proftpd/log: supervise not running

# svscanboot &

Free BSD- shell error /var: create/symlink failed, no inodes free

Fix For   /var: create/symlink failed, no inodes free in Shell -- FreeBSD


buraglio@rtr%  umount -f /var
buraglio@rtr%  fsck -y -f /dev/ad1s1f
** /dev/ad1s1f
** Last Mounted on /var
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
FREE BLK COUNT(S) WRONG IN SUPERBLK
SALVAGE? yes

605 files, 2203376 used, 7039334 free (782 frags, 879819 blocks, 0.0% fragmentation)

***** FILE SYSTEM WAS MODIFIED *****


buraglio@rtr%  mount /dev/ad1s1f /var/

Command to enable/disable ICMP PING

Ping command is basically working on sending an Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP response.

echo “0″ >> /proc/sys/net/ipv4/icmp_echo_ignore_all

Many server provider and host  disabled the PING command to secure the server, refer to the following command to disable the PING command.

echo “1″ >> /proc/sys/net/ipv4/icmp_echo_ignore_all

Backup of mysql database using cron job.

To generate the backup of mysql database using cron job refer following three format as per your requirement.

1) Cron job to generate  database backup in  .sql format

* * * * * /usr/bin/mysqldump -u databaseusername databasename -ppassword > /path of database database.sql

2) Cronjob to compress database backup in .bz2 format

* * * * * /usr/bin/mysqldump -u datbaseusername databasename -pdatbasepassword|bzip2 -c > /path of database database.bz2

3)  Cronjob to compress database backup in .gz format

* * * * * /usr/bin/mysqldump -u databaseusername databasename -ppassword|gzip > /path of databasedatabase.gz