At Thu, 30 Jun 2011 05:12:12 +0800 CentOS mailing list <centos at centos.org> wrote: > > On 6/30/11, Robert Heller <heller at deepsoft.com> wrote: > > If the problem is excessive load because Sendmail / Mimedefang / spamd / > > etc. is too busy handling tons of mail/spam being dumped on your server, you > > might want to look at these sendmail options: > > Mail was my first suspect because I had similar issues with exim/spamd > locking up bad on another server. But usually that includes a high cpu > % as well. Although this suspicion did help me pinpoint one of the > causes, a script that periodically went through the email > accounts/Maildirs and that was fixed from learning about ionice on the > list. > > For a while I thought problem solved, but these couple of days, it's > acting up again and nothing's jumping out screaming "I'm the problem!" > and not being able to SSH to see what's exactly going on is making it > difficult. I have discovered that my VPS (which is a Mail and Web server), would become impossible to ssh into sometimes. If I was patient enoungh, slogin would eventualy get me on the system. Ps would show lots and lots of sendmail, mimedefang, spamd, and clamav processes and insane load average values. I generally could manage to stop sendmail, and the load average to begin to go down as the various mail related processes wound down (once things became sane, I'd restart sendmail and any crashed daemons). I put in sendmail settings to throttle back on accepting connections when things got excessively 'busy'. This was NOT anything running on my server, but caused but some overeager spambot (or spambot farm), pushing a vast amount of spam at my server. This is a 'random' event and does not seem to follow any sort of meaningful or predictable schedule. I guess being proactive with sendmail settings, including the throttling setting and populating the accessdb with DSL/Cable modem networks (DISCARD) and various other random troublesome networks (REJECT) helps. (The networks in the accessdb cut off lots of connections without firing up mimedefang and crew.) I also have the SpamCop rule enabled as well. If the machine is a public-facing smtp server, I would look first to see if you are getting the problem I was having. Maybe looking at the maillog to see if the volume of incoming mail is just overwhelming the system. In which case you need to do things to keep sendmail from running to many processes, either by throttling the connection rate and/or be using the accessdb to discard or reject connection from known problem networks. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > > -- Robert Heller -- 978-544-6933 / heller at deepsoft.com Deepwoods Software -- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments