Major system emails generated
Posted: 29 Nov 2014, 14:02
First of all, I'd like to say I am most impressed with the work done on CSF, it's leaps and bounds ahead of manually editing iptables at the command prompt. Especially for someone who isn't very strong in linux. With that said..
We have a new server build of Ubuntu 10 LTS, which originally came with a DirectAdmin control panel. DA had huge issues in getting along with Webmin, so the ISP rebuilt the server and did not install DA.
We put in Webmin and Virtualmin, and then installed CSF. Other than taking the system out of testing mode, and white listing my ip address, and changing one setting for log file reporting, nothing much else has been done.
But there is something majorly wrong. Within seconds of booting the server, our email system is generating WAY too much stuff about issues with CSF and LFD. At present, its been up for about 2 minutes and I have over 50 emails generated, most of them about excessive resource usage in multiple modules (clamav, www-data etc ), suspicious processes running under multiple modules (mysql, dovecot, www-data etc) ... oh, and 1 blocked IP from China (yeah!)
Since we are still setting up and configuring the server, I shut it down before bed. Yesterday it was up for about 6 hours, and there were in excess of 400 emails of these same sorts of things.
Whats going on? Some advice would be great. We certainly cant run the server under these conditions...
We have a new server build of Ubuntu 10 LTS, which originally came with a DirectAdmin control panel. DA had huge issues in getting along with Webmin, so the ISP rebuilt the server and did not install DA.
We put in Webmin and Virtualmin, and then installed CSF. Other than taking the system out of testing mode, and white listing my ip address, and changing one setting for log file reporting, nothing much else has been done.
But there is something majorly wrong. Within seconds of booting the server, our email system is generating WAY too much stuff about issues with CSF and LFD. At present, its been up for about 2 minutes and I have over 50 emails generated, most of them about excessive resource usage in multiple modules (clamav, www-data etc ), suspicious processes running under multiple modules (mysql, dovecot, www-data etc) ... oh, and 1 blocked IP from China (yeah!)
Since we are still setting up and configuring the server, I shut it down before bed. Yesterday it was up for about 6 hours, and there were in excess of 400 emails of these same sorts of things.
Whats going on? Some advice would be great. We certainly cant run the server under these conditions...