hi, i'm new on this forum and i say hello to everyone! i have a big and strange problem on my ispconfig box. first of all, here the system spec: VPS with 1GB RAM debian squeeze 6.0.2 (updated today) ispconfig 3.0.3.2 clamav 0.97 amavisd-new-2.6.4 my problem is that or clamav or amavis (or both) are not running or they are running bad from monday 15 aug and for that, postif not deliver emails to mailbox. here an example from mail.log: Aug 17 14:58:33 vps-0017 postfix/smtp[5993]: F0C57124E77: to=<[email protected]>, relay=none, delay=2524, delays=2524/0.27/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) or that: Aug 17 09:42:24 vps-0017 postfix/error[7809]: 15D54124E53: to=<[email protected]>, relay=none, delay=269, delays=0.49/269/0/0.04, dsn=4.4.2, status=deferred (delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting) i discover that the problem is related to amavis (listening on 10024) and clamav. when i try to restart clamav, i got this error: /etc/init.d/clamav-daemon restart Stopping ClamAV daemon: clamd. Starting ClamAV daemon: clamd failed! log output: Wed Aug 17 17:15:41 2011 -> +++ Started at Wed Aug 17 17:15:41 2011 Wed Aug 17 17:15:41 2011 -> clamd daemon 0.97 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Wed Aug 17 17:15:41 2011 -> Log file size limited to -1 bytes. Wed Aug 17 17:15:41 2011 -> Reading databases from /var/lib/clamav Wed Aug 17 17:15:41 2011 -> Not loading PUA signatures. Wed Aug 17 17:15:56 2011 -> Loaded 1019664 signatures. Wed Aug 17 17:16:52 2011 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl Wed Aug 17 17:16:52 2011 -> LOCAL: Setting connection queue length to 15 Wed Aug 17 17:16:52 2011 -> ERROR: daemonize() failed: Cannot allocate memory Wed Aug 17 17:16:52 2011 -> Socket file removed. is seems to be a memory related issue. it is possible? i have to upgrade memory on VPS? now i have disabled mail filtering in main.cf (#content_filter = amavis:[127.0.0.1]:10024), but that solution in not acceptable (whole spam are delivered in incoming folder!). have you an idea? thx a lot
Hello, Try to find what is eating your ram, 1GB must be ok. I'm running ispconfig with your setup without problems. Just list your process and try to admin them. New soft installed? Cheers
thx for fast reply. from 15th aug no new software installed, nor server updating: no change to services installed...it very strange, it is not possible that frashclam had downloaded a bad upgrade? however, process's list ordered by memory usage 619 root 20 0 321m 75m 1016 S 0 7.6 0:54.29 saslauthd 623 root 20 0 313m 75m 1024 S 0 7.5 0:52.22 saslauthd 621 root 20 0 313m 72m 1024 S 0 7.2 0:54.29 saslauthd 620 root 20 0 296m 70m 1024 S 0 7.0 0:48.65 saslauthd 618 root 20 0 311m 69m 1024 S 0 7.0 0:53.27 saslauthd 21426 mysql 20 0 338m 60m 2756 S 0 6.0 15:31.81 mysqld 7521 root 20 0 230m 48m 488 S 0 4.9 0:17.30 spamd 7523 root 20 0 230m 48m 424 S 0 4.9 0:00.03 spamd 7522 root 20 0 230m 48m 424 S 0 4.9 0:00.05 spamd 9362 www-data 20 0 380m 44m 4988 S 0 4.4 0:03.38 apache2 19001 amavis 20 0 209m 36m 4 S 0 3.6 0:08.04 amavisd-new 9158 www-data 20 0 373m 36m 5496 S 0 3.6 0:03.85 apache2 8927 www-data 20 0 371m 35m 5088 S 0 3.6 0:04.01 apache2 9686 www-data 20 0 371m 35m 5048 S 0 3.6 0:01.42 apache2 9984 www-data 20 0 371m 35m 4964 S 0 3.6 0:01.43 apache2 6322 www-data 20 0 373m 35m 4616 S 0 3.6 0:04.02 apache2 8919 www-data 20 0 368m 32m 5060 S 0 3.2 0:03.15 apache2 10756 www-data 20 0 367m 31m 4832 S 0 3.2 0:00.67 apache2 10662 www-data 20 0 352m 16m 4300 S 0 1.6 0:00.11 apache2 10817 www-data 20 0 248m 15m 4260 S 0 1.6 0:00.17 apache2 19015 amavis 20 0 205m 10m 4 S 0 1.0 0:00.01 amavisd-new 1616 root 20 0 244m 7444 212 S 0 0.7 3:57.51 apache2 15030 www-data 20 0 158m 6392 92 S 0 0.6 0:01.42 apache2 10820 postfix 20 0 103m 5852 4380 S 0 0.6 0:00.03 smtpd 15029 root 20 0 39536 5468 1024 S 0 0.5 0:03.56 vlogger 1183 root 20 0 207m 4096 1048 S 1 0.4 83:57.09 fail2ban-server 10821 postfix 20 0 52544 3332 2544 S 0 0.3 0:00.01 proxymap 10822 postfix 20 0 52556 3320 2568 S 0 0.3 0:00.01 trivial-rewrite 10869 postfix 20 0 52512 3072 2376 S 0 0.3 0:00.00 cleanup 10870 postfix 20 0 52416 2964 2296 S 0 0.3 0:00.00 pipe 5486 postfix 20 0 54172 2944 548 S 0 0.3 0:05.97 qmgr 10881 postfix 20 0 39356 2404 1884 S 0 0.2 0:00.38 showq 10793 postfix 20 0 39224 2352 1856 S 0 0.2 0:00.00 anvil 9990 postfix 20 0 39224 2320 1836 S 0 0.2 0:00.01 pickup 7162 root 20 0 71628 2112 200 S 0 0.2 0:02.34 sshd 8015 clamav 20 0 42700 2008 1104 S 0 0.2 0:03.14 freshclam 5589 postfix 20 0 41744 1772 816 S 0 0.2 0:00.03 tlsmgr 10885 root 20 0 19064 1368 1004 R 1 0.1 0:00.02 top 7164 root 20 0 121m 1216 644 S 0 0.1 0:01.89 bash 582 root 20 0 117m 1136 468 S 0 0.1 5:16.76 rsyslogd 24408 bind 20 0 142m 868 364 S 0 0.1 0:06.77 named 15051 vmail 20 0 25724 728 464 S 0 0.1 0:00.42 imapd 4726 vmail 20 0 25728 724 432 S 0 0.1 0:01.89 imapd 5479 root 20 0 37160 708 188 S 0 0.1 0:02.11 master 1571 ntp 20 0 38332 592 432 S 0 0.1 2:37.96 ntpd 743 root 20 0 31860 588 376 S 0 0.1 0:15.05 authdaemond 740 root 20 0 31860 584 376 S 0 0.1 0:15.46 authdaemond 741 root 20 0 31860 584 372 S 0 0.1 0:15.25 authdaemond cat /proc/meminfo MemTotal: 1022808 kB MemFree: 26152 kB Buffers: 7248 kB Cached: 169172 kB SwapCached: 1100 kB Active: 513456 kB Inactive: 434072 kB Active(anon): 377716 kB Inactive(anon): 394772 kB Active(file): 135740 kB Inactive(file): 39300 kB Unevictable: 0 kB Mlocked: 0 kB SwapTotal: 1048568 kB SwapFree: 4 kB Dirty: 88 kB Writeback: 0 kB AnonPages: 770044 kB Mapped: 13328 kB Shmem: 1376 kB Slab: 23320 kB SReclaimable: 15088 kB SUnreclaim: 8232 kB KernelStack: 1320 kB PageTables: 14020 kB NFS_Unstable: 0 kB Bounce: 0 kB WritebackTmp: 0 kB CommitLimit: 1559972 kB Committed_AS: 2482192 kB VmallocTotal: 34359738367 kB VmallocUsed: 6200 kB VmallocChunk: 34359732008 kB HardwareCorrupted: 0 kB HugePages_Total: 0 HugePages_Free: 0 HugePages_Rsvd: 0 HugePages_Surp: 0 Hugepagesize: 2048 kB DirectMap4k: 1048576 kB DirectMap2M: 0 kB free total used free shared buffers cached Mem: 1022808 996648 26160 0 7252 169192 -/+ buffers/cache: 820204 202604 Swap: 1048568 1048564 4 may not be possible to only enable spamassassin for now? thx
the problem would be swap space is full? SwapTotal: 1048568 kB SwapFree: 4 kB only 1GB would be a small space? it is possible to increase swap space in any way?
I think if you increase swap space it would work, but this seems only a temporally solution. The right solution is know why your RAM and your swap is full. The only thing that occurred to me is to reboot the server
after a server reboot, all services are strted correctly and the filter activity is now normal. it was a memory issue, related, i think, to a too small swap space (1GB on 1GB RAM). you know a trick to increase a swap space without repartitioning hd? thx
One idea. You can swap your swap If you have a 3 Gb partition for /home backup it and convert it in swap space. And your swap space in your /home.
Can you check if your are currently getting a bruteforce attack? Check your auth.log This amount of memory for saslauthd is not normal. Also check your mail.log, maybe someone is sending a lot of emails... Cheers
after reboot i was able to process mail queue and to retrive old emails. very well, but free -m say that: total used free shared buffers cached Mem: 998 785 213 0 6 354 -/+ buffers/cache: 424 574 Swap: 1023 143 880 swap usage is dramatically increasing again and i'm afraid to restart the server in a few days. for now I created a new area on a swap file by following this article http://www.go2linux.org/Swap-memory-increase-with-swap-file. hope that this help.
I have noticed some attempts to connect with different users (root admin oracle postgres): in this case should not be activated fail2ban?
