[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] big Sendmail problems
- Subject: [cobalt-users] big Sendmail problems
- From: "Benjamin Charles Tehan" <sysadmin@xxxxxxxxxxxx>
- Date: Sun Nov 19 19:55:00 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
I'm having some major problems with sendmail hanging
below stats the current sendmail processes at .11:31
LAA0977 was started at 11:18, its been running for over 13 minutes.
At the stage of (ps aux | grep sendmail) sendmail has crashed, and all
current processes had to be killed for sendmail to restart.
This is happening constantly.
[root@dom1 mqueue]# ps aux | grep sendmail
root 9768 0.0 0.2 2448 1448 ? S 11:18 0:00 sendmail:
server
root 9770 0.0 0.2 2480 1524 ? S 11:18 0:00 sendmail:
LAA0977
root 9970 0.0 0.2 2448 1452 ? S 11:21 0:00 sendmail:
server
root 10000 0.0 0.2 2480 1536 ? S 11:22 0:00 sendmail:
LAA1000
root 10090 0.0 0.2 2448 1448 ? S 11:23 0:00 sendmail:
server
root 10091 0.0 0.2 2480 1524 ? S 11:23 0:00 sendmail:
LAA1009
root 10268 0.0 0.2 2448 1452 ? S 11:26 0:00 sendmail:
server
root 10269 0.0 0.2 2480 1532 ? S 11:26 0:00 sendmail:
LAA1026
root 10306 0.0 0.2 2448 1448 ? S 11:27 0:00 sendmail:
server
root 10307 0.0 0.2 2480 1524 ? S 11:27 0:00 sendmail:
LAA1030
root 10330 0.0 0.2 2448 1452 ? S 11:27 0:00 sendmail:
server
root 10352 0.0 0.2 2480 1528 ? S 11:27 0:00 sendmail:
LAA1035
root 10410 0.0 0.2 2448 1452 ? S 11:29 0:00 sendmail:
server
root 10412 0.0 0.2 2480 1532 ? S 11:29 0:00 sendmail:
LAA1041
root 10413 0.0 0.2 2448 1452 ? S 11:29 0:00 sendmail:
server
root 10414 0.0 0.2 2480 1532 ? S 11:29 0:00 sendmail:
LAA1041
root 10438 0.0 0.2 2448 1448 ? S 11:29 0:00 sendmail:
server
root 10439 0.0 0.2 2480 1516 ? S 11:29 0:00 sendmail:
LAA1043
root 10459 0.0 0.2 2448 1448 ? S 11:29 0:00 sendmail:
server
root 10469 0.0 0.2 2480 1516 ? S 11:30 0:00 sendmail:
LAA1046
root 10470 0.0 0.2 2448 1452 ? S 11:30 0:00 sendmail:
server
root 10480 0.0 0.2 2536 1548 ? S 11:30 0:00 sendmail:
LAA1048
root 10558 0.0 0.0 1164 456 pts/0 S 11:31 0:00 grep sendmail
You have new mail in /var/spool/mail/admin
[root@dom1 mqueue]# ls -l | grep LAA0977
-rw------- 1 root root 0 Nov 20 11:18 dfLAA09770
-rw------- 1 root root 0 Nov 20 11:18 qfLAA09770
-rw------- 1 root root 43 Nov 20 11:18 xfLAA09770
[root@dom1 mqueue]# cat dfLAA09770
[root@dom1 mqueue]# cat qfLAA09770
[root@dom1 mqueue]# cat xfLAA09770
<<< RCPT To:<someone@xxxxxxxxx>
<<< DATA
[root@dom1 mqueue]#
I'm not sure if the information in the LAA0977 files in queue will help, but
there it is.
maillog
Nov 20 11:17:26 dom1 sendmail[9701]: starting daemon (8.9.3):
SMTP+queueing@01:00:00
Nov 20 11:17:44 dom1 sendmail[9725]: LAA09725: from=<email@removed>,
size=1997, class=0, pri=241997, nrcpts=8, msgid=<00150$
Nov 20 11:17:46 dom1 sendmail[9730]: LAA09730: from=<email@removed>,
size=614, class=0, pri=30614, nrcpts=1, msgid=<003401c$
Nov 20 11:17:51 dom1 sendmail[9732]: LAA09730: to=<email@removed>,
ctladdr=<email@removed> (586/100), delay=00:00:05, xde$
Nov 20 11:18:02 dom1 sendmail[9757]: LAA09757: from=<email@removed>,
size=1187, class=0, pri=31187, nrcpts=1, msgid=<NDBBKJEAA$
Nov 20 11:18:03 dom1 sendmail[9727]: LAA09725: to=<email@removed>,
ctladdr=<email@removed> (593/100), delay=0$
Nov 20 11:18:03 dom1 sendmail[9727]: LAA09725: to=<email@removed>,
ctladdr=<email@removed> (593/100), delay=00:0$
Nov 20 11:18:03 dom1 sendmail[9727]: LAA09725: to=<email@removed>,
ctladdr=<email@removed> (593/100), delay=00:00:$
Nov 20 11:18:05 dom1 sendmail[9759]: LAA09757: to=<email@removed>,
ctladdr=<email@removed> (479/100), delay=00:00:03, $
Nov 20 11:18:07 dom1 sendmail[9764]: LAA09764: from=<email@removed>,
size=847, class=0, pri=30847, nrcpts=1, msgid=<383766064.9$
Nov 20 11:18:07 dom1 sendmail[9765]: LAA09764: to=<email@removed>,
delay=00:00:02, xdelay=00:00:00, mailer=local, stat=Sent
Nov 20 11:18:08 dom1 sendmail[9727]: LAA09725: to=<email@removed>,
ctladdr=<email@removed> (593/100), delay=00:00:26, $
Nov 20 11:19:00 dom1 sendmail[9816]: LAA09816: from=<email@removed>,
size=1285, class=0, pri=121285, nrcpts=4, msgid=<NDBBJBF$
Nov 20 11:19:01 dom1 sendmail[9817]: LAA09816:
to=<email@removed>,<email@removed>,<email@removed>, ctladdr=<herwi$
Nov 20 11:19:01 dom1 sendmail[9817]: LAA09816: to=<email@removed>,
ctladdr=<email@removed> (158/100), delay=00:00:01, xde$
Nov 20 11:19:24 dom1 sendmail[9773]: LAA09773: from=<email@removed>,
size=618792, class=0, pri=648792, nrcpts=1, msgid=<94CA51$
Nov 20 11:19:25 dom1 sendmail[9828]: LAA09773: to=<email@removed>,
delay=00:01:12, xdelay=00:00:01, mailer=local, stat=Sent
Nov 20 11:20:30 dom1 sendmail[9901]: LAA09901: from=<email@removed>,
size=1429, class=0, pri=31429, nrcp$
Nov 20 11:20:30 dom1 sendmail[9902]: LAA09901: to=<email@removed>,
delay=00:00:00, xdelay=00:00:00, mailer=local, stat=Sent
Nov 20 11:20:41 dom1 sendmail[9727]: LAA09725: to=<email@removed>,
ctladdr=<email@removed> (593/100), delay=00:02:59,$
Nov 20 11:20:41 dom1 sendmail[9727]: LAA09725: to=<email@removed>,
ctladdr=<email@removed> (593/100), delay=00:02:$
Nov 20 11:20:41 dom1 sendmail[9727]: LAA09725: to=<email@removed>,
ctladdr=<email@removed> (593/100), delay=00:02:59,$
Nov 20 11:20:48 dom1 sendmail[9727]: LAA09725: to=<email@removed>,
ctladdr=<email@removed> (593/100), delay$
Nov 20 11:25:15 dom1 sendmail[10182]: LAA10182: from=<email@removed>,
size=2474, class=0, pri=32474, nrcpts=1, msgid=<2000112$
Nov 20 11:25:16 dom1 sendmail[10184]: LAA10182: to=<email@removed>,
delay=00:00:05, xdelay=00:00:01, mailer=local, $
Nov 20 11:26:15 dom1 sendmail[10240]: LAA10240: from=<email@removed>,
size=1003, class=0, pri=31003, nrcpts=1, msgid=<000101c0$
Nov 20 11:26:15 dom1 sendmail[10242]: LAA10240: to=<email@removed>,
ctladdr=<email@removed> (631/100), delay=00:$
Nov 20 11:26:38 dom1 sendmail[10243]: LAA10243: from=<email@removed>,
size=102079, class=0, pri=162079, nrcpts=2, msgid=<00020$
Nov 20 11:25:15 dom1 sendmail[10182]: LAA10182: from=<email@removed>,
size=2474, class=0, pri=32474, nrcpts=1, msgid=<2000112$
Nov 20 11:25:16 dom1 sendmail[10184]: LAA10182: to=<email@removed>,
delay=00:00:05, xdelay=00:00:01, mailer=local, $
Nov 20 11:26:15 dom1 sendmail[10240]: LAA10240: from=<email@removed>,
size=1003, class=0, pri=31003, nrcpts=1, msgid=<000101c0$
Nov 20 11:26:15 dom1 sendmail[10242]: LAA10240: to=<email@removed>,
ctladdr=<email@removed> (631/100), delay=00:$
Nov 20 11:26:38 dom1 sendmail[10243]: LAA10243: from=<email@removed>,
size=102079, class=0, pri=162079, nrcpts=2, msgid=<00020$
Nov 20 11:30:04 dom1 imapd[10476]: Login failure user=Active_Monitor_69
host=localhost [127.0.0.1]
Nov 20 11:30:07 dom1 imapd[10476]: command stream end of file, while reading
line user=Active_Monitor_69 host=localhost [127.0.0.1]
Nov 20 11:30:21 dom1 sendmail[10503]: /etc/sendmail.cf: WARNING: dangerous
write permissions
Nov 20 11:30:22 dom1 sendmail[10503]: LAA10503: from=root, size=526,
class=0, pri=60526, nrcpts=2, msgid=<200011200330.LAA10503@dom$
Nov 20 11:30:26 dom1 sendmail[10505]: LAA10503: to=email@removed,
ctladdr=root (0/0), delay=00:00:04, xdelay=00:00:04, mailer=$
Nov 20 11:30:26 dom1 sendmail[10505]: LAA10503: to=admin, ctladdr=root
(0/0), delay=00:00:04, xdelay=00:00:00, mailer=local, stat=S$
Nov 20 11:30:42 dom1 sendmail[9910]: LAA09910: collect: premature EOM:
Connection reset by domain.removed
Nov 20 11:30:42 dom1 sendmail[9910]: LAA09910: SYSERR(root): collect: I/O
error on connection from domain.removed, from=<sentto-123$
Nov 20 11:30:42 dom1 sendmail[9910]: LAA09910:
from=<sentto-1235603-3180-974651690-eloise=email@removed>, size=8$
/etc/sendmail.cf: WARNING: dangerous write permissions <-- could it be this,
I've had this message for a while but it never killed sendmail like is is
currently doing
Is this problem part of an exploit or is sendmail screwed?
If any one can help, id love some advice.
Benjamin