From owner-freebsd-isp@FreeBSD.ORG Thu Jun 5 10:00:11 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CDC037B40C for ; Thu, 5 Jun 2003 10:00:11 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id D271743F75 for ; Thu, 5 Jun 2003 10:00:10 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 15042 invoked by uid 0); 5 Jun 2003 17:00:09 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 5 Jun 2003 17:00:09 -0000 From: "Wolfpaw - Dale Corse" To: "Eric W. Bates" , "Wolfpaw - Dale Corse" , Date: Thu, 5 Jun 2003 11:14:51 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <026c01c32b7f$e694fab0$68c311cc@fortiva> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Subject: RE: login class for mail users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 17:00:12 -0000 Could someone be attacking the port spamd is on? You should only need one spamd I think.. that's all we have going.. looks like: spamc 18863 0.0 0.8 25396 4180 ? S May24 1:18 perl /usr/local/bin/spamd -L -x -d -u spamc and anything it spawns would run as spamc.. you may want to consider maybe replacing spamd with a script that invokes a limited shell (lshell maybe?) and that way.. you could limit how many it can spawn.. perhaps you can write a script to check and see if there is a spam error and restart spamd.. not sure.. mine doesn't have this problem :( Hope something helps :) D. -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095 > -----Original Message----- > From: Eric W. Bates [mailto:ericx@vineyard.net] > Sent: Thursday, June 05, 2003 10:31 AM > To: Wolfpaw - Dale Corse; freebsd-isp@freebsd.org > Subject: Re: login class for mail users > > > We're using postfix (Gasp!) and have settled on > procmail-->spamc-->spamd to allow customer control. > > What happens intermittently (about once every 2-3 days) is > spamd will start spawning multiple copies of itself > apparantly for the same message. Eventually there are 3 or > 4 thousand procs and the machine is hosed. Forensics have > been difficult because it happens somewhat sporatically, > and by the time alarms start going off the machine is locked. > > spamd runs as root, out of rc.d; but it spawns copies of > itself and changes uid to the user. If I set spamd's > --max-children option; then spam filtering fails for > everyone when this error occurs. If I can figure out how > to gracefully limit procs for the individual user; then at > least filtering should continue to work for everyone else > when the silly thing wedges. > > I suspect that a 'mailuser' might not address the problem; > because I think the process is spawned before EUID is demoted. > > ----- Original Message ----- > From: "Wolfpaw - Dale Corse" > To: "Eric W. Bates" ; > Sent: Thursday, June 05, 2003 11:43 AM > Subject: RE: login class for mail users > > > > Actually.. just to mention something. I don't have the class you > > seek.. but I have noticed something about spamassassin. We were > > using qmail-scanner-queue to process mail with it.. and it works > > excellent.. except that its a massive waste of system resources. > > > > I would do the following before setting any limits (which should > > be there anyway).. it worked well for us: > > > > A) Make sure your mail servers use spamc, not spamassassin > > B) Use the following as a processing script replacement for > > qmail-queue: > > > > #!/bin/sh > > /usr/local/bin/spamc | /var/qmail/bin/qmail-queue > > > > Perl is a horrible resource hog at startup time.. one should avoid > > running large numbers of perl scripts over and over again at all > > costs I would say. It is excellent for some things.. but mail is > > not one of them, IMO :) > > > > Obviously, if your not using qmail (Gasp?!) this doesn't apply :) > > > > Just my 2 cents. :) > > D. > > -------------------------------- > > Dale Corse > > System Administrator > > Wolfpaw Services Inc. > > http://www.wolfpaw.net > > (780) 474-4095 > > > > > -----Original Message----- > > > From: owner-freebsd-isp@freebsd.org > > > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Eric W. Bates > > > Sent: Thursday, June 05, 2003 9:09 AM > > > To: freebsd-isp@freebsd.org > > > Subject: login class for mail users > > > > > > > > > Anyone have a login class for mail users which they have > > > found sets reasonable limits? > > > > > > I've found I need to cap SpamAssassin. > > > > > > Thanks. > > > > > > > > > Eric W. Bates > > > ericx@vineyard.net > >