• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Slower than molassas - Qmail problem?

M

mrshlomi

Guest
My server (running RH 7.3 and PSA reloaded 7.5) started running extremly slow a couple days ago. Checking with the top command, it seems that there is a whole slew of qmail-smtpd running, which I think is slowing things down. Things are going so slow it takes 10 minutes to load the control panel, and it occasionaly does not open at all. Any suggestions?

Tia,

Sid

Here is a sample of the first page of the top results:

11:00am up 3 days, 11:18, 1 user, load average: 288.13, 284.57, 277.73
532 processes: 228 sleeping, 289 running, 14 zombie, 1 stopped
CPU states: 98.4% user, 1.5% system, 0.0% nice, 0.0% idle
Mem: 578752K av, 531164K used, 47588K free, 0K shrd, 102140K buff
Swap: 1172704K av, 62108K used, 1110596K free 177760K cached

PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND
1497 qmaild 20 0 788 728 572 R 0.7 0.1 3:05 qmail-smtpd
2341 qmaild 20 0 788 784 572 R 0.7 0.1 3:03 qmail-smtpd
4291 qmaild 20 0 792 788 572 R 0.7 0.1 2:56 qmail-smtpd
7116 qmaild 20 0 788 784 572 R 0.7 0.1 2:45 qmail-smtpd
11822 qmaild 20 0 788 664 572 R 0.7 0.1 2:30 qmail-smtpd
12455 qmaild 20 0 788 784 572 R 0.7 0.1 2:27 qmail-smtpd
13556 qmaild 20 0 792 788 572 R 0.7 0.1 2:20 qmail-smtpd
15895 qmaild 20 0 788 784 572 R 0.7 0.1 2:13 qmail-smtpd
16752 qmaild 20 0 788 784 572 R 0.7 0.1 2:09 qmail-smtpd
16837 qmaild 20 0 788 784 572 R 0.7 0.1 2:09 qmail-smtpd
17839 qmaild 20 0 788 784 572 R 0.7 0.1 2:05 qmail-smtpd
18270 qmaild 20 0 788 784 572 R 0.7 0.1 2:03 qmail-smtpd
18950 qmaild 20 0 792 788 572 R 0.7 0.1 2:00 qmail-smtpd
21522 qmaild 20 0 792 788 572 R 0.7 0.1 1:52 qmail-smtpd
21554 qmaild 20 0 792 788 572 R 0.7 0.1 1:51 qmail-smtpd
21722 qmaild 20 0 792 788 572 R 0.7 0.1 1:51 qmail-smtpd
22268 qmaild 20 0 784 780 572 R 0.7 0.1 1:48 qmail-smtpd
23312 qmaild 19 0 788 752 572 R 0.7 0.1 1:46 qmail-smtpd
24204 qmaild 20 0 792 788 572 R 0.7 0.1 1:45 qmail-smtpd
24548 qmaild 20 0 792 788 572 R 0.7 0.1 1:44 qmail-smtpd
24603 qmaild 20 0 788 784 572 R 0.7 0.1 1:44 qmail-smtpd
25833 qmaild 20 0 788 784 572 R 0.7 0.1 1:43 qmail-smtpd
28426 qmaild 20 0 788 784 572 R 0.7 0.1 1:38 qmail-smtpd
30783 qmaild 20 0 788 768 572 R 0.7 0.1 1:32 qmail-smtpd
31648 qmaild 20 0 788 784 572 R 0.7 0.1 1:29 qmail-smtpd
4754 qmaild 20 0 792 664 572 R 0.7 0.1 1:10 qmail-smtpd
5276 qmaild 20 0 788 784 572 R 0.7 0.1 1:09 qmail-smtpd
6680 qmaild 20 0 788 784 572 R 0.7 0.1 1:05 qmail-smtpd
10878 qmaild 20 0 1112 984 892 R 0.7 0.1 0:51 qmail-smtpd
11635 qmaild 20 0 1108 1104 892 R 0.7 0.1 0:50 qmail-smtpd
13350 qmaild 20 0 1112 1108 892 R 0.7 0.1 0:43 qmail-smtpd
14387 qmaild 20 0 1108 1104 892 R 0.7 0.1 0:40 qmail-smtpd
16051 qmaild 20 0 1108 1104 892 R 0.7 0.1 0:36 qmail-smtpd
17998 qmaild 20 0 1172 1168 956 R 0.7 0.2 0:31 qmail-smtpd
19030 qmaild 19 0 1172 1084 956 R 0.7 0.1 0:28 qmail-smtpd
20134 qmaild 20 0 1172 1148 956 R 0.7 0.1 0:27 qmail-smtpd
21088 qmaild 20 0 1176 1172 956 R 0.7 0.2 0:26 qmail-smtpd
Click to expand...
 
tail -f /usr/local/psa/var/log/maillog

use this command to get an idea of what qmail is doing this will point you in the direction of what you need to check
 
I dont really understand everything I saw there, except that one of the domains on the server is getting a huge amount of spam... Any way to limit that? Another things I saw over and over was the following...

Mar 16 23:53:32 server19 qmail-queue: dwlib[30887]: mail: all addreses are uncheckable - need to skip scanning (by deny mode)

Mar 16 23:53:32 server19 qmail-queue: dwlib[30887]: scan: the message(drweb.tmp.vdBbM0) sent by IMCEANOTES-Peter+20Baxter_HEALTHCARE+40HEALTHCARE+40NORWICHUNION@morleyfm.com to [email protected] should be passed without checks, because contains uncheckable addresses
Click to expand...

What can I do to stop the server from getting overloaded? Its going so slow I cant usually load the Plesk CP anymore.

Thanks!
 
some ideas for you,

sent the domains catch-all account to reject this could cause the client problems if they are using it though

turn qmail off and let the load die down and then log into plesk and make any alterations, and then restart qmail once you have changed the things you need to

setup MAPS to see if that helps

turn virus scanning off on the domain in question as this will reduce load

black list the email addresses that are sending the spam
 
How can I turn off qmail to do that? I already have MAPS working, though it does not seem to be doing much good. I will disable the virus scanning and see if that helps.

Thanks
 
service qmail stop

this will shut down qmail and stop it from accepting emails, all emails being sent you you clients will be stored on the sending server until you start it again using service qmail start

be warned though your going to have a large influx of email as soon as you turn it back on that will cause the load to spike
 
Tried that, the server is stil overloaded like crazy, here is a partial output of PS AUX | More. For some reason the load levels are up to 500 when they are normally at 30 or so. What else can I try to get this under control? I cant log into the CP without rebooting first.

Thanks,

Sid

Code: 
[root]# ps aux | more
USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
root         1  0.4  0.0  1376  484 ?        S    06:29   0:03 init
root         2  0.0  0.0     0    0 ?        SW   06:29   0:00 [keventd]
root         3  0.0  0.0     0    0 ?        SW   06:29   0:00 [kapmd]
root         4  0.0  0.0     0    0 ?        SWN  06:29   0:00 [ksoftirqd_CPU0]
root         5  0.0  0.0     0    0 ?        SW   06:29   0:00 [kswapd]
root         6  0.0  0.0     0    0 ?        SW   06:29   0:00 [kscand/DMA]
root         7  0.0  0.0     0    0 ?        SW   06:29   0:00 [kscand/Normal]
root         8  0.0  0.0     0    0 ?        SW   06:29   0:00 [kscand/HighMem]
root         9  0.0  0.0     0    0 ?        SW   06:29   0:00 [bdflush]
root        10  0.0  0.0     0    0 ?        SW   06:29   0:00 [kupdated]
root        11  0.0  0.0     0    0 ?        SW<  06:29   0:00 [mdrecoveryd]
root        18  0.0  0.0     0    0 ?        SW<  06:29   0:00 [raid5d]
root        19  0.0  0.0     0    0 ?        SW   06:29   0:00 [kjournald]
root        99  0.0  0.0     0    0 ?        SW   06:29   0:00 [khubd]
root       236  0.0  0.0     0    0 ?        SW   06:29   0:00 [kjournald]
root       237  0.0  0.0     0    0 ?        SW   06:29   0:00 [kjournald]
root       238  0.0  0.0     0    0 ?        SW   06:29   0:00 [kjournald]
root       239  0.0  0.0     0    0 ?        SW   06:29   0:00 [kjournald]
root       761  0.0  0.0     0    0 ?        SW   06:30   0:00 [eth0]
root       946  0.0  0.0  1428  540 ?        S    06:32   0:00 syslogd -m 0
root       951  0.0  0.0  1364  440 ?        S    06:32   0:00 klogd -x
rpc        971  0.0  0.0  1508  536 ?        S    06:32   0:00 portmap
rpcuser    999  0.0  0.1  1568  712 ?        S    06:32   0:00 rpc.statd
root      1111  0.0  0.0  1360  472 ?        S    06:32   0:00 /usr/sbin/apmd -p
named     1164  0.0  0.6 11620 3752 ?        S    06:32   0:00 named -u named -c
named     1166  0.0  0.6 11620 3752 ?        S    06:32   0:00 named -u named -c
named     1167  0.2  0.6 11620 3752 ?        S    06:32   0:01 named -u named -c
named     1168  0.0  0.6 11620 3752 ?        S    06:32   0:00 named -u named -c
named     1169  0.0  0.6 11620 3752 ?        S    06:32   0:00 named -u named -c
root      1189  0.0  0.2  2632 1248 ?        S    06:32   0:00 /usr/sbin/sshd
root      1223  0.0  0.1  2288 1056 ?        S    06:32   0:00 xinetd -stayalive
root      1261  0.0  0.2  2440 1184 ?        S    06:32   0:00 /bin/sh /usr/bin/
mysql     1309  0.0  1.0 29288 6204 ?        S    06:32   0:00 /usr/libexec/mysq
mysql     1311  0.0  1.0 29288 6204 ?        S    06:32   0:00 /usr/libexec/mysq
mysql     1312  0.0  1.0 29288 6204 ?        S    06:32   0:00 /usr/libexec/mysq
mysql     1313  0.0  1.0 29288 6204 ?        S    06:32   0:00 /usr/libexec/mysq
popuser   1315  0.1  3.1 20224 18268 ?       S    06:32   0:00 /usr/bin/spamd -u
root      1338  0.0  0.0  1576  576 ?        S    06:32   0:00 /usr/lib/courier-
root      1341  0.0  0.0  1344  304 ?        S    06:32   0:00 /usr/lib/courier-
root      1350  0.0  0.0  1572  576 ?        S    06:32   0:00 /usr/lib/courier-
root      1353  0.0  0.0  1348  308 ?        S    06:32   0:00 /usr/lib/courier-
root      1360  0.0  0.1  1576  584 ?        S    06:32   0:00 /usr/lib/courier-
root      1362  0.0  0.0  1364  416 ?        S    06:32   0:00 /usr/lib/courier-
root      1371  0.0  0.0  1568  572 ?        S    06:32   0:00 /usr/lib/courier-
root      1373  0.0  0.0  1344  304 ?        S    06:32   0:00 /usr/lib/courier-
qmailr    1392  0.0  0.0  1384  340 ?        S    06:32   0:00 qmail-rspawn
tomcat4   1448  0.9  4.8 236552 28088 ?      S    06:32   0:06 /usr/java/j2sdk1.
tomcat4   1479  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
tomcat4   1480  0.1  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
tomcat4   1493  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
tomcat4   1494  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
root      1500  0.0  0.0  1404  440 ?        S    06:32   0:00 gpm -t ps/2 -m /d
qmailr    1512  0.0  0.2  2524 1164 ?        S    06:32   0:00 qmail-remote flas
tomcat4   1534  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
qmaild    1536  6.1  0.2  2468 1180 ?        R    06:32   0:42 /var/qmail/bin/qm
tomcat4   1537  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
tomcat4   1538  0.1  4.8 236552 28088 ?      S    06:32   0:01 /usr/java/j2sdk1.
tomcat4   1539  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
qmailr    1615  0.0  0.1  2504  748 ?        S    06:32   0:00 qmail-remote nyc-
qmailr    1649  0.0  0.1  2508  752 ?        S    06:32   0:00 qmail-remote deci
qmailr    1652  0.0  0.2  2520 1160 ?        S    06:32   0:00 qmail-remote buff
qmaild    1653  5.8  0.2  2468 1180 ?        R    06:32   0:38 /var/qmail/bin/qm
tomcat4   1691  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
tomcat4   1695  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
postgres  1754  0.0  0.3  8136 1800 ?        S    06:32   0:00 /usr/bin/postmast
postgres  1756  0.0  0.3  9128 1784 ?        S    06:32   0:00 postgres: stats b
tomcat4   1757  0.0  4.8 236552 28088 ?      S    06:32   0:00 /usr/java/j2sdk1.
postgres  1758  0.0  0.3  8160 1816 ?        S    06:32   0:00 postgres: stats c
tomcat4   1844  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1845  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1847  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1848  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1849  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1852  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1853  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1854  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1856  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
root      1850  0.0  0.7 11424 4488 ?        S    06:33   0:00 /usr/local/psa/ad
tomcat4   1858  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1863  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1864  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1865  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1866  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1870  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1878  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1879  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1880  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1881  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
tomcat4   1882  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
qmaild    1883  0.0  0.1  2372  600 ?        S    06:33   0:00 /var/qmail/bin/qm
qmaild    1884  0.0  0.1  2372  600 ?        S    06:33   0:00 /var/qmail/bin/qm
tomcat4   1885  0.0  4.8 236552 28088 ?      S    06:33   0:00 /usr/java/j2sdk1.
qmaild    1886  0.0  0.1  2372  600 ?        S    06:33   0:00 /var/qmail/bin/qm
qmaild    1887  0.0  0.1  2372  600 ?        S    06:33   0:00 /var/qmail/bin/qm
qmaild    1888  0.0  0.1  2372  600 ?        S    06:33   0:00 /var/qmail/bin/qm
qmaild    1915  0.0  0.1  2372  600 ?        S    06:33   0:00 /var/qmail/bin/qm
qmaild    1921  0.0  0.1  2376  600 ?        S    06:33   0:00 /var/qmail/bin/qm
qmaild    1923  0.0  0.1  2376  600 ?        S    06:33   0:00 /var/qmail/bin/qm
drweb     1944  0.0  1.0  7572 5948 ?        S    06:33   0:00 /opt/drweb/drwebd
root      1962  0.0  0.1  1556  656 ?        S    06:33   0:00 crond
xfs       2014  0.0  0.5  4496 3148 ?        S    06:33   0:00 xfs -droppriv -da
daemon    2050  0.0  0.0  1404  516 ?        S    06:33   0:00 /usr/sbin/atd
root      2071  0.0  0.1  1640  624 ?        S    06:33   0:00 rhnsd --interval
root      2075  0.0  0.0  1344  396 tty1     S    06:33   0:00 /sbin/mingetty tt
root      2076  0.0  0.0  1344  396 tty2     S    06:33   0:00 /sbin/mingetty tt
 
when I run the top command, I normally have very few processes running. It now seems that qmail-smtpd is running hundreds of times. When its up for a few days, it gets up to about 800 active processes. any ideas of what I can try?
 
it sounds like something is trying to send or your recieving lots of email, when you stoped qmail the load should have gone down as there is no program to deal with email running,

maybe your being spammed or someone is using your server to spam ???
 
I thought it was possible the server is being spammed, I turned off a bunch of the catch all accounts. I diddnt see a noticable decrease in traffic though.

Sid
 
best solution i have for you at the moment is to turn off all the plesk related services and your load will drop and then restart them one by one and see which services causes your load to jump.

there will be something in one of the logs about this and i think it might be your maillog as your telling me that there are 100's of qmail-send's
 
You must log in or register to reply here.

Similar threads

T
Issue Mysql server under pressure (too much ?)
2
Replies
27
Views
4K
Teal_cfr
T
Q
Resolved problem with ram server
Replies
8
Views
2K
Qusay
Q
Vik P
Issue Higher memory usage - Memory Maxing out | Need Help ASAP
Replies
2
Views
4K
iHuman
I
F
Resolved Hard Drive - Status Red??
Replies
2
Views
1K
Filipe Silva
F
I
Issue MAILER-DAEMON
Replies
0
Views
2K
Ickov
I
Back
Top