Skip to main content

How to interpret Excessive Resources Email

Frankenstone
Hey Guys, today i become the following message to my Support Board and wanna ask, how to interpret this. (Do not just the solution but how can I interpret that). Cauz the listed ip.addresses are from any Asian Server. In CPHulk all Asian Countrys are blacklisted - didnt CPHulk should ban him before he can do this? Time: Thu Jan 17 20:19:23 2019 +0100 PID: 349 (Parent PID:23453) Account: myuser Uptime: 23012 seconds Executable: /usr/local/cpanel/3rdparty/perl/526/bin/perl Command Line (often faked in exploits): spamd child Network connections by the process (if any): tcp: 127.0.0.1:783 -> 127.0.0.1:54824 udp: 116.203.54.42:32243 -> 213.133.99.99:53 tcp: 116.203.54.42:52674 -> 208.83.137.115:2703 Files open by the process (if any): /dev/null /usr/local/cpanel/logs/spamd_error_log /usr/local/cpanel/logs/spamd_error_log /usr/local/cpanel/3rdparty/perl/526/bin/spamd /var/cpanel/locale/en.cdb /mnt/volume-c1/home/myuser/.razor/razor-agent.log Memory maps by the process (if any): 00400000-00402000 r-xp 00000000 08:01 253030 /usr/local/cpanel/3rdparty/perl/526/bin/perl 00601000-00602000 r--p 00001000 08:01 253030 /usr/local/cpanel/3rdparty/perl/526/bin/perl 00602000-00603000 rw-p 00002000 08:01 253030 /usr/local/cpanel/3rdparty/perl/526/bin/perl 00e88000-06a14000 rw-p 00000000 00:00 0 [heap] 06a14000-07194000 rw-p 00000000 00:00 0 [heap] 2ae7fa0ea000-2ae7fa10c000 r-xp 00000000 08:01 4274 /usr/lib64/ld-2.17.so 2ae7fa10c000-2ae7fa10d000 rw-p 00000000 00:00 0 2ae7fa117000-2ae7fa11d000 rw-p 00000000 00:00 0 2ae7fa11d000-2ae7fa152000 r--s 00000000 08:01 259300 /var/db/nscd/hosts 2ae7fa173000-2ae7fa17c000 rw-p 00000000 00:00 0 2ae7fa17c000-2ae7fa1b1000 r--s 00000000 08:01 259188 /var/db/nscd/passwd 2ae7fa1b1000-2ae7fa2c3000 rw-p 00000000 00:00 0 2ae7fa2c3000-2ae7fa2f8000 r--s 00000000 08:01 259301 /var/db/nscd/services 2ae7fa30b000-2ae7fa30c000 r--p 00021000 08:01 4274 /usr/lib64/ld-2.17.so 2ae7fa30c000-2ae7fa30d000 rw-p 00022000 08:01 4274 /usr/lib64/ld-2.17.so 2ae7fa30d000-2ae7fa30e000 rw-p 00000000 00:00 0 2ae7fa30e000-2ae7fa315000 r-xp 00000000 08:01 5871 /usr/lib64/libgdbm.so.4.0.0 2ae7fa315000-2ae7fa515000 ---p 00007000 08:01 5871 /usr/lib64/libgdbm.so.4.0.0 2ae7fa515000-2ae7fa516000 r--p 00007000 08:01 5871 /usr/lib64/libgdbm.so.4.0.0 2ae7fa516000-2ae7fa517000 rw-p 00008000 08:01 5871 /usr/lib64/libgdbm.so.4.0.0 2ae7fa517000-2ae7fa6ae000 r-xp 00000000 08:01 252821 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/CORE/libperl.so 2ae7fa6ae000-2ae7fa8ad000 ---p 00197000 08:01 252821 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/CORE/libperl.so 2ae7fa8ad000-2ae7fa8b3000 r--p 00196000 08:01 252821 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/CORE/libperl.so 2ae7fa8b3000-2ae7fa8b7000 rw-p 0019c000 08:01 252821 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/CORE/libperl.so 2ae7fa8b7000-2ae7fa8b8000 rw-p 00000000 00:00 0 2ae7fa8b8000-2ae7fa8cf000 r-xp 00000000 08:01 4307 /usr/lib64/libpthread-2.17.so 2ae7fa8cf000-2ae7faace000 ---p 00017000 08:01 4307 /usr/lib64/libpthread-2.17.so 2ae7faace000-2ae7faacf000 r--p 00016000 08:01 4307 /usr/lib64/libpthread-2.17.so 2ae7faacf000-2ae7faad0000 rw-p 00017000 08:01 4307 /usr/lib64/libpthread-2.17.so 2ae7faad0000-2ae7faad4000 rw-p 00000000 00:00 0 2ae7faad4000-2ae7faaea000 r-xp 00000000 08:01 4291 /usr/lib64/libnsl-2.17.so 2ae7faaea000-2ae7facea000 ---p 00016000 08:01 4291 /usr/lib64/libnsl-2.17.so 2ae7facea000-2ae7faceb000 r--p 00016000 08:01 4291 /usr/lib64/libnsl-2.17.so 2ae7faceb000-2ae7facec000 rw-p 00017000 08:01 4291 /usr/lib64/libnsl-2.17.so 2ae7facec000-2ae7facee000 rw-p 00000000 00:00 0 2ae7facee000-2ae7facf0000 r-xp 00000000 08:01 4287 /usr/lib64/libdl-2.17.so 2ae7facf0000-2ae7faef0000 ---p 00002000 08:01 4287 /usr/lib64/libdl-2.17.so 2ae7faef0000-2ae7faef1000 r--p 00002000 08:01 4287 /usr/lib64/libdl-2.17.so 2ae7faef1000-2ae7faef2000 rw-p 00003000 08:01 4287 /usr/lib64/libdl-2.17.so 2ae7faef2000-2ae7faff3000 r-xp 00000000 08:01 4289 /usr/lib64/libm-2.17.so 2ae7faff3000-2ae7fb1f2000 ---p 00101000 08:01 4289 /usr/lib64/libm-2.17.so 2ae7fb1f2000-2ae7fb1f3000 r--p 00100000 08:01 4289 /usr/lib64/libm-2.17.so 2ae7fb1f3000-2ae7fb1f4000 rw-p 00101000 08:01 4289 /usr/lib64/libm-2.17.so 2ae7fb1f4000-2ae7fb1fc000 r-xp 00000000 08:01 4285 /usr/lib64/libcrypt-2.17.so 2ae7fb1fc000-2ae7fb3fb000 ---p 00008000 08:01 4285 /usr/lib64/libcrypt-2.17.so 2ae7fb3fb000-2ae7fb3fc000 r--p 00007000 08:01 4285 /usr/lib64/libcrypt-2.17.so 2ae7fb3fc000-2ae7fb3fd000 rw-p 00008000 08:01 4285 /usr/lib64/libcrypt-2.17.so 2ae7fb3fd000-2ae7fb42b000 rw-p 00000000 00:00 0 2ae7fb42b000-2ae7fb42d000 r-xp 00000000 08:01 4315 /usr/lib64/libutil-2.17.so 2ae7fb42d000-2ae7fb62c000 ---p 00002000 08:01 4315 /usr/lib64/libutil-2.17.so 2ae7fb62c000-2ae7fb62d000 r--p 00001000 08:01 4315 /usr/lib64/libutil-2.17.so 2ae7fb62d000-2ae7fb62e000 rw-p 00002000 08:01 4315 /usr/lib64/libutil-2.17.so 2ae7fb62e000-2ae7fb7f0000 r-xp 00000000 08:01 4281 /usr/lib64/libc-2.17.so 2ae7fb7f0000-2ae7fb9f0000 ---p 001c2000 08:01 4281 /usr/lib64/libc-2.17.so 2ae7fb9f0000-2ae7fb9f4000 r--p 001c2000 08:01 4281 /usr/lib64/libc-2.17.so 2ae7fb9f4000-2ae7fb9f6000 rw-p 001c6000 08:01 4281 /usr/lib64/libc-2.17.so 2ae7fb9f6000-2ae7fb9fb000 rw-p 00000000 00:00 0 2ae7fb9fb000-2ae7fb9fd000 r-xp 00000000 08:01 3666 /usr/lib64/libfreebl3.so 2ae7fb9fd000-2ae7fbbfc000 ---p 00002000 08:01 3666 /usr/lib64/libfreebl3.so 2ae7fbbfc000-2ae7fbbfd000 r--p 00001000 08:01 3666 /usr/lib64/libfreebl3.so 2ae7fbbfd000-2ae7fbbfe000 rw-p 00002000 08:01 3666 /usr/lib64/libfreebl3.so 2ae7fbbfe000-2ae7fbc65000 r-xp 00000000 08:01 253020 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/re/re.so 2ae7fbc65000-2ae7fbe64000 ---p 00067000 08:01 253020 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/re/re.so 2ae7fbe64000-2ae7fbe65000 r--p 00066000 08:01 253020 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/re/re.so 2ae7fbe65000-2ae7fbe66000 rw-p 00067000 08:01 253020 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/re/re.so 2ae7fbe66000-2ae7fbe6b000 r-xp 00000000 08:01 752405 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Socket6/Socket6.so 2ae7fbe6b000-2ae7fc06a000 ---p 00005000 08:01 752405 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Socket6/Socket6.so 2ae7fc06a000-2ae7fc06b000 r--p 00004000 08:01 752405 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Socket6/Socket6.so 2ae7fc06b000-2ae7fc06c000 rw-p 00005000 08:01 752405 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Socket6/Socket6.so 2ae7fc06c000-2ae7fc074000 r-xp 00000000 08:01 253008 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Socket/Socket.so 2ae7fc074000-2ae7fc273000 ---p 00008000 08:01 253008 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Socket/Socket.so 2ae7fc273000-2ae7fc275000 r--p 00007000 08:01 253008 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Socket/Socket.so 2ae7fc275000-2ae7fc276000 rw-p 00009000 08:01 253008 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Socket/Socket.so 2ae7fc276000-2ae7fc27a000 r-xp 00000000 08:01 252995 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/IO/IO.so 2ae7fc27a000-2ae7fc479000 ---p 00004000 08:01 252995 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/IO/IO.so 2ae7fc479000-2ae7fc47a000 r--p 00003000 08:01 252995 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/IO/IO.so 2ae7fc47a000-2ae7fc47b000 rw-p 00004000 08:01 252995 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/IO/IO.so 2ae7fc47b000-2ae7fc487000 r-xp 00000000 08:01 4299 /usr/lib64/libnss_files-2.17.so 2ae7fc487000-2ae7fc686000 ---p 0000c000 08:01 4299 /usr/lib64/libnss_files-2.17.so 2ae7fc686000-2ae7fc687000 r--p 0000b000 08:01 4299 /usr/lib64/libnss_files-2.17.so 2ae7fc687000-2ae7fc688000 rw-p 0000c000 08:01 4299 /usr/lib64/libnss_files-2.17.so 2ae7fc688000-2ae7fc68e000 rw-p 00000000 00:00 0 2ae7fc68e000-2ae7fc691000 r-xp 00000000 08:01 252987 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Fcntl/Fcntl.so 2ae7fc691000-2ae7fc891000 ---p 00003000 08:01 252987 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Fcntl/Fcntl.so 2ae7fc891000-2ae7fc892000 r--p 00003000 08:01 252987 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Fcntl/Fcntl.so 2ae7fc892000-2ae7fc893000 rw-p 00004000 08:01 252987 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Fcntl/Fcntl.so 2ae7fc893000-2ae7fc8a8000 r-xp 00000000 08:01 253002 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/POSIX/POSIX.so 2ae7fc8a8000-2ae7fcaa7000 ---p 00015000 08:01 253002 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/POSIX/POSIX.so 2ae7fcaa7000-2ae7fcaaa000 r--p 00014000 08:01 253002 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/POSIX/POSIX.so 2ae7fcaaa000-2ae7fcaab000 rw-p 00017000 08:01 253002 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/POSIX/POSIX.so 2ae7fcaab000-2ae7fcab1000 r-xp 00000000 08:01 253013 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Time/HiRes/HiRes.so 2ae7fcab1000-2ae7fccb0000 ---p 00006000 08:01 253013 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Time/HiRes/HiRes.so 2ae7fccb0000-2ae7fccb1000 r--p 00005000 08:01 253013 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Time/HiRes/HiRes.so 2ae7fccb1000-2ae7fccb2000 rw-p 00006000 08:01 253013 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Time/HiRes/HiRes.so 2ae7fccb2000-2ae7fccb9000 r-xp 00000000 08:01 4311 /usr/lib64/librt-2.17.so 2ae7fccb9000-2ae7fceb8000 ---p 00007000 08:01 4311 /usr/lib64/librt-2.17.so 2ae7fceb8000-2ae7fceb9000 r--p 00006000 08:01 4311 /usr/lib64/librt-2.17.so 2ae7fceb9000-2ae7fceba000 rw-p 00007000 08:01 4311 /usr/lib64/librt-2.17.so 2ae7fceba000-2ae7fcebd000 r-xp 00000000 08:01 252972 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Cwd/Cwd.so 2ae7fcebd000-2ae7fd0bc000 ---p 00003000 08:01 252972 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Cwd/Cwd.so 2ae7fd0bc000-2ae7fd0bd000 r--p 00002000 08:01 252972 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Cwd/Cwd.so 2ae7fd0bd000-2ae7fd0be000 rw-p 00003000 08:01 252972 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Cwd/Cwd.so 2ae7fd0be000-2ae7fd0bf000 r-xp 00000000 08:01 253010 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Sys/Hostname/Hostname.so 2ae7fd0bf000-2ae7fd2be000 ---p 00001000 08:01 253010 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Sys/Hostname/Hostname.so 2ae7fd2be000-2ae7fd2bf000 r--p 00000000 08:01 253010 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Sys/Hostname/Hostname.so 2ae7fd2bf000-2ae7fd2c0000 rw-p 00001000 08:01 253010 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Sys/Hostname/Hostname.so 2ae7fd2c0000-2ae7fd2c5000 r-xp 00000000 08:01 751859 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/NetAddr/IP/Util/Util.so 2ae7fd2c5000-2ae7fd4c4000 ---p 00005000 08:01 751859 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/NetAddr/IP/Util/Util.so 2ae7fd4c4000-2ae7fd4c5000 r--p 00004000 08:01 751859 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/NetAddr/IP/Util/Util.so 2ae7fd4c5000-2ae7fd4c6000 rw-p 00005000 08:01 751859 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/NetAddr/IP/Util/Util.so 2ae7fd4c6000-2ae7fd4c9000 r-xp 00000000 08:01 252998 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/MIME/Base64/Base64.so 2ae7fd4c9000-2ae7fd6c8000 ---p 00003000 08:01 252998 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/MIME/Base64/Base64.so 2ae7fd6c8000-2ae7fd6c9000 r--p 00002000 08:01 252998 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/MIME/Base64/Base64.so 2ae7fd6c9000-2ae7fd6ca000 rw-p 00003000 08:01 252998 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/MIME/Base64/Base64.so 2ae7fd6ca000-2ae7fd6cf000 r-xp 00000000 08:01 252989 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/File/Glob/Glob.so 2ae7fd6cf000-2ae7fd8ce000 ---p 00005000 08:01 252989 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/File/Glob/Glob.so 2ae7fd8ce000-2ae7fd8cf000 r--p 00004000 08:01 252989 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/File/Glob/Glob.so 2ae7fd8cf000-2ae7fd8d0000 rw-p 00005000 08:01 252989 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/File/Glob/Glob.so 2ae7fd8d0000-2ae7fd8d9000 r-xp 00000000 08:01 252977 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Digest/SHA/SHA.so 2ae7fd8d9000-2ae7fdad8000 ---p 00009000 08:01 252977 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Digest/SHA/SHA.so 2ae7fdad8000-2ae7fdad9000 r--p 00008000 08:01 252977 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Digest/SHA/SHA.so 2ae7fdad9000-2ae7fdada000 rw-p 00009000 08:01 252977 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Digest/SHA/SHA.so 2ae7fdada000-2ae7fdaea000 r-xp 00000000 08:01 751933 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/HTML/Parser/Parser.so 2ae7fdaea000-2ae7fdcea000 ---p 00010000 08:01 751933 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/HTML/Parser/Parser.so 2ae7fdcea000-2ae7fdceb000 r--p 00010000 08:01 751933 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/HTML/Parser/Parser.so 2ae7fdceb000-2ae7fdcec000 rw-p 00011000 08:01 751933 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/HTML/Parser/Parser.so 2ae7fdcec000-2ae7fdcf4000 r-xp 00000000 08:01 252981 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Encode/Encode.so 2ae7fdcf4000-2ae7fdef3000 ---p 00008000 08:01 252981 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Encode/Encode.so 2ae7fdef3000-2ae7fdef4000 r--p 00007000 08:01 252981 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Encode/Encode.so 2ae7fdef4000-2ae7fdef5000 rw-p 00008000 08:01 252981 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Encode/Encode.so 2ae7fdef5000-2ae7fdf0e000 r-xp 00000000 08:01 1379085 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Encode/Detect/Detector/Detector.so 2ae7fdf0e000-2ae7fe10e000 ---p 00019000 08:01 1379085 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Encode/Detect/Detector/Detector.so 2ae7fe10e000-2ae7fe10f000 r--p 00019000 08:01 1379085 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Encode/Detect/Detector/Detector.so 2ae7fe10f000-2ae7fe119000 rw-p 0001a000 08:01 1379085 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Encode/Detect/Detector/Detector.so 2ae7fe119000-2ae7fe202000 r-xp 00000000 08:01 4595 /usr/lib64/libstdc++.so.6.0.19 2ae7fe202000-2ae7fe401000 ---p 000e9000 08:01 4595 /usr/lib64/libstdc++.so.6.0.19 2ae7fe401000-2ae7fe409000 r--p 000e8000 08:01 4595 /usr/lib64/libstdc++.so.6.0.19 2ae7fe409000-2ae7fe40b000 rw-p 000f0000 08:01 4595 /usr/lib64/libstdc++.so.6.0.19 2ae7fe40b000-2ae7fe420000 rw-p 00000000 00:00 0 2ae7fe420000-2ae7fe435000 r-xp 00000000 08:01 6659 /usr/lib64/libgcc_s-4.8.5-20150702.so.1 2ae7fe435000-2ae7fe634000 ---p 00015000 08:01 6659 /usr/lib64/libgcc_s-4.8.5-20150702.so.1 2ae7fe634000-2ae7fe635000 r--p 00014000 08:01 6659 /usr/lib64/libgcc_s-4.8.5-20150702.so.1 2ae7fe635000-2ae7fe636000 rw-p 00015000 08:01 6659 /usr/lib64/libgcc_s-4.8.5-20150702.so.1 2ae7fe636000-2ae7fe63d000 r-xp 00000000 08:01 252974 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Data/Dumper/Dumper.so 2ae7fe63d000-2ae7fe83c000 ---p 00007000 08:01 252974 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Data/Dumper/Dumper.so 2ae7fe83c000-2ae7fe83d000 r--p 00006000 08:01 252974 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Data/Dumper/Dumper.so 2ae7fe83d000-2ae7fe83e000 rw-p 00007000 08:01 252974 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Data/Dumper/Dumper.so 2ae7fe83e000-2ae7fe843000 r-xp 00000000 08:01 1130648 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Net/LibIDN/LibIDN.so 2ae7fe843000-2ae7fea42000 ---p 00005000 08:01 1130648 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Net/LibIDN/LibIDN.so 2ae7fea42000-2ae7fea43000 r--p 00004000 08:01 1130648 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Net/LibIDN/LibIDN.so 2ae7fea43000-2ae7fea44000 rw-p 00005000 08:01 1130648 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Net/LibIDN/LibIDN.so 2ae7fea44000-2ae7fea76000 r-xp 00000000 08:01 5702 /usr/lib64/libidn.so.11.6.11 2ae7fea76000-2ae7fec75000 ---p 00032000 08:01 5702 /usr/lib64/libidn.so.11.6.11 2ae7fec75000-2ae7fec76000 r--p 00031000 08:01 5702 /usr/lib64/libidn.so.11.6.11 2ae7fec76000-2ae7fec77000 rw-p 00032000 08:01 5702 /usr/lib64/libidn.so.11.6.11 2ae7fec77000-2ae7fec81000 r-xp 00000000 08:01 252997 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/List/Util/Util.so 2ae7fec81000-2ae7fee80000 ---p 0000a000 08:01 252997 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/List/Util/Util.so 2ae7fee80000-2ae7fee81000 r--p 00009000 08:01 252997 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/List/Util/Util.so 2ae7fee81000-2ae7fee82000 rw-p 0000a000 08:01 252997 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/List/Util/Util.so 2ae7fee82000-2ae7fee85000 r-xp 00000000 08:01 253011 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Sys/Syslog/Syslog.so 2ae7fee85000-2ae7ff084000 ---p 00003000 08:01 253011 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Sys/Syslog/Syslog.so 2ae7ff084000-2ae7ff085000 r--p 00002000 08:01 253011 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Sys/Syslog/Syslog.so 2ae7ff085000-2ae7ff086000 rw-p 00003000 08:01 253011 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/Sys/Syslog/Syslog.so 2ae7ff086000-2ae7ff090000 r-xp 00000000 08:01 252973 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/DB_File/DB_File.so 2ae7ff090000-2ae7ff28f000 ---p 0000a000 08:01 252973 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/DB_File/DB_File.so 2ae7ff28f000-2ae7ff290000 r--p 00009000 08:01 252973 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/DB_File/DB_File.so 2ae7ff290000-2ae7ff291000 rw-p 0000a000 08:01 252973 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/5.26.0/x86_64-linux-64int/auto/DB_File/DB_File.so 2ae7ff291000-2ae7ff446000 r-xp 00000000 08:01 4779 /usr/lib64/libdb-5.3.so 2ae7ff446000-2ae7ff646000 ---p 001b5000 08:01 4779 /usr/lib64/libdb-5.3.so 2ae7ff646000-2ae7ff64d000 r--p 001b5000 08:01 4779 /usr/lib64/libdb-5.3.so 2ae7ff64d000-2ae7ff650000 rw-p 001bc000 08:01 4779 /usr/lib64/libdb-5.3.so 2ae7ff650000-2ae7ff655000 r-xp 00000000 08:01 633077 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Digest/SHA1/SHA1.so 2ae7ff655000-2ae7ff854000 ---p 00005000 08:01 633077 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Digest/SHA1/SHA1.so 2ae7ff854000-2ae7ff855000 r--p 00004000 08:01 633077 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Digest/SHA1/SHA1.so 2ae7ff855000-2ae7ff856000 rw-p 00005000 08:01 633077 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Digest/SHA1/SHA1.so 2ae7ff856000-2ae7ff85a000 r-xp 00000000 08:01 1379672 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Razor2/Preproc/deHTMLxs/deHTMLxs.so 2ae7ff85a000-2ae7ffa59000 ---p 00004000 08:01 1379672 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Razor2/Preproc/deHTMLxs/deHTMLxs.so 2ae7ffa59000-2ae7ffa5a000 r--p 00003000 08:01 1379672 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Razor2/Preproc/deHTMLxs/deHTMLxs.so 2ae7ffa5a000-2ae7ffa5b000 rw-p 00004000 08:01 1379672 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Razor2/Preproc/deHTMLxs/deHTMLxs.so 2ae7ffa5b000-2ae7ffabf000 r-xp 00000000 08:01 751706 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Net/SSLeay/SSLeay.so 2ae7ffabf000-2ae7ffcbe000 ---p 00064000 08:01 751706 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Net/SSLeay/SSLeay.so 2ae7ffcbe000-2ae7ffcbf000 r--p 00063000 08:01 751706 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Net/SSLeay/SSLeay.so 2ae7ffcbf000-2ae7ffcc1000 rw-p 00064000 08:01 751706 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Net/SSLeay/SSLeay.so 2ae7ffcc1000-2ae7ffd28000 r-xp 00000000 08:01 6771 /usr/lib64/libssl.so.1.0.2k 2ae7ffd28000-2ae7fff28000 ---p 00067000 08:01 6771 /usr/lib64/libssl.so.1.0.2k 2ae7fff28000-2ae7fff2c000 r--p 00067000 08:01 6771 /usr/lib64/libssl.so.1.0.2k 2ae7fff2c000-2ae7fff33000 rw-p 0006b000 08:01 6771 /usr/lib64/libssl.so.1.0.2k 2ae7fff33000-2ae800167000 r-xp 00000000 08:01 6769 /usr/lib64/libcrypto.so.1.0.2k 2ae800167000-2ae800367000 ---p 00234000 08:01 6769 /usr/lib64/libcrypto.so.1.0.2k 2ae800367000-2ae800383000 r--p 00234000 08:01 6769 /usr/lib64/libcrypto.so.1.0.2k 2ae800383000-2ae800390000 rw-p 00250000 08:01 6769 /usr/lib64/libcrypto.so.1.0.2k 2ae800390000-2ae800394000 rw-p 00000000 00:00 0 2ae800394000-2ae8003a9000 r-xp 00000000 08:01 4746 /usr/lib64/libz.so.1.2.7 2ae8003a9000-2ae8005a8000 ---p 00015000 08:01 4746 /usr/lib64/libz.so.1.2.7 2ae8005a8000-2ae8005a9000 r--p 00014000 08:01 4746 /usr/lib64/libz.so.1.2.7 2ae8005a9000-2ae8005aa000 rw-p 00015000 08:01 4746 /usr/lib64/libz.so.1.2.7 2ae8005aa000-2ae8005f4000 r-xp 00000000 08:01 7055 /usr/lib64/libgssapi_krb5.so.2.2 2ae8005f4000-2ae8007f4000 ---p 0004a000 08:01 7055 /usr/lib64/libgssapi_krb5.so.2.2 2ae8007f4000-2ae8007f5000 r--p 0004a000 08:01 7055 /usr/lib64/libgssapi_krb5.so.2.2 2ae8007f5000-2ae8007f7000 rw-p 0004b000 08:01 7055 /usr/lib64/libgssapi_krb5.so.2.2 2ae8007f7000-2ae8008d0000 r-xp 00000000 08:01 7065 /usr/lib64/libkrb5.so.3.3 2ae8008d0000-2ae800acf000 ---p 000d9000 08:01 7065 /usr/lib64/libkrb5.so.3.3 2ae800acf000-2ae800add000 r--p 000d8000 08:01 7065 /usr/lib64/libkrb5.so.3.3 2ae800add000-2ae800ae0000 rw-p 000e6000 08:01 7065 /usr/lib64/libkrb5.so.3.3 2ae800ae0000-2ae800ae3000 r-xp 00000000 08:01 4816 /usr/lib64/libcom_err.so.2.1 2ae800ae3000-2ae800ce2000 ---p 00003000 08:01 4816 /usr/lib64/libcom_err.so.2.1 2ae800ce2000-2ae800ce3000 r--p 00002000 08:01 4816 /usr/lib64/libcom_err.so.2.1 2ae800ce3000-2ae800ce4000 rw-p 00003000 08:01 4816 /usr/lib64/libcom_err.so.2.1 2ae800ce4000-2ae800cfd000 r-xp 00000000 08:01 7059 /usr/lib64/libk5crypto.so.3.1 2ae800cfd000-2ae800efc000 ---p 00019000 08:01 7059 /usr/lib64/libk5crypto.so.3.1 2ae800efc000-2ae800efe000 r--p 00018000 08:01 7059 /usr/lib64/libk5crypto.so.3.1 2ae800efe000-2ae800eff000 rw-p 0001a000 08:01 7059 /usr/lib64/libk5crypto.so.3.1 2ae800eff000-2ae800f0c000 r-xp 00000000 08:01 7067 /usr/lib64/libkrb5support.so.0.1 2ae800f0c000-2ae80110c000 ---p 0000d000 08:01 7067 /usr/lib64/libkrb5support.so.0.1 2ae80110c000-2ae80110d000 r--p 0000d000 08:01 7067 /usr/lib64/libkrb5support.so.0.1 2ae80110d000-2ae80110e000 rw-p 0000e000 08:01 7067 /usr/lib64/libkrb5support.so.0.1 2ae80110e000-2ae801111000 r-xp 00000000 08:01 5897 /usr/lib64/libkeyutils.so.1.5 2ae801111000-2ae801310000 ---p 00003000 08:01 5897 /usr/lib64/libkeyutils.so.1.5 2ae801310000-2ae801311000 r--p 00002000 08:01 5897 /usr/lib64/libkeyutils.so.1.5 2ae801311000-2ae801312000 rw-p 00003000 08:01 5897 /usr/lib64/libkeyutils.so.1.5 2ae801312000-2ae801328000 r-xp 00000000 08:01 4309 /usr/lib64/libresolv-2.17.so 2ae801328000-2ae801527000 ---p 00016000 08:01 4309 /usr/lib64/libresolv-2.17.so 2ae801527000-2ae801528000 r--p 00015000 08:01 4309 /usr/lib64/libresolv-2.17.so 2ae801528000-2ae801529000 rw-p 00016000 08:01 4309 /usr/lib64/libresolv-2.17.so 2ae801529000-2ae80152b000 rw-p 00000000 00:00 0 2ae80152b000-2ae80154f000 r-xp 00000000 08:01 4635 /usr/lib64/libselinux.so.1 2ae80154f000-2ae80174e000 ---p 00024000 08:01 4635 /usr/lib64/libselinux.so.1 2ae80174e000-2ae80174f000 r--p 00023000 08:01 4635 /usr/lib64/libselinux.so.1 2ae80174f000-2ae801750000 rw-p 00024000 08:01 4635 /usr/lib64/libselinux.so.1 2ae801750000-2ae801752000 rw-p 00000000 00:00 0 2ae801752000-2ae8017b2000 r-xp 00000000 08:01 4745 /usr/lib64/libpcre.so.1.2.0 2ae8017b2000-2ae8019b2000 ---p 00060000 08:01 4745 /usr/lib64/libpcre.so.1.2.0 2ae8019b2000-2ae8019b3000 r--p 00060000 08:01 4745 /usr/lib64/libpcre.so.1.2.0 2ae8019b3000-2ae8019b4000 rw-p 00061000 08:01 4745 /usr/lib64/libpcre.so.1.2.0 2ae8019b4000-2ae8019b7000 rw-p 00000000 00:00 0 2ae8019b7000-2ae8019bb000 r-xp 00000000 08:01 752201 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/BSD/Resource/Resource.so 2ae8019bb000-2ae801bba000 ---p 00004000 08:01 752201 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/BSD/Resource/Resource.so 2ae801bba000-2ae801bbb000 r--p 00003000 08:01 752201 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/BSD/Resource/Resource.so 2ae801bbb000-2ae801bbc000 rw-p 00004000 08:01 752201 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/BSD/Resource/Resource.so 2ae801bbc000-2ae801cdb000 r-xp 00000000 08:01 1388668 /var/lib/spamassassin/compiled/5.026/3.004002/auto/Mail/SpamAssassin/CompiledRegexps/body_0/body_0.so 2ae801cdb000-2ae801eda000 ---p 0011f000 08:01 1388668 /var/lib/spamassassin/compiled/5.026/3.004002/auto/Mail/SpamAssassin/CompiledRegexps/body_0/body_0.so 2ae801eda000-2ae801edb000 r--p 0011e000 08:01 1388668 /var/lib/spamassassin/compiled/5.026/3.004002/auto/Mail/SpamAssassin/CompiledRegexps/body_0/body_0.so 2ae801edb000-2ae801edc000 rw-p 0011f000 08:01 1388668 /var/lib/spamassassin/compiled/5.026/3.004002/auto/Mail/SpamAssassin/CompiledRegexps/body_0/body_0.so 2ae801edc000-2ae801fce000 rw-p 00000000 00:00 0 2ae801fce000-2ae801fd6000 r-xp 00000000 08:01 1131656 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Crypt/OpenSSL/Bignum/Bignum.so 2ae801fd6000-2ae8021d5000 ---p 00008000 08:01 1131656 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Crypt/OpenSSL/Bignum/Bignum.so 2ae8021d5000-2ae8021d6000 r--p 00007000 08:01 1131656 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Crypt/OpenSSL/Bignum/Bignum.so 2ae8021d6000-2ae8021d7000 rw-p 00008000 08:01 1131656 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Crypt/OpenSSL/Bignum/Bignum.so 2ae8021d7000-2ae8021de000 r-xp 00000000 08:01 1131758 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Crypt/OpenSSL/RSA/RSA.so 2ae8021de000-2ae8023dd000 ---p 00007000 08:01 1131758 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Crypt/OpenSSL/RSA/RSA.so 2ae8023dd000-2ae8023de000 r--p 00006000 08:01 1131758 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Crypt/OpenSSL/RSA/RSA.so 2ae8023de000-2ae8023df000 rw-p 00007000 08:01 1131758 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Crypt/OpenSSL/RSA/RSA.so 2ae8023df000-2ae802460000 rw-p 00000000 00:00 0 2ae802460000-2ae8024d8000 rw-p 00000000 00:00 0 2ae8024d8000-2ae8024de000 r-xp 00000000 08:01 253047 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/CDB_File/CDB_File.so 2ae8024de000-2ae8026dd000 ---p 00006000 08:01 253047 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/CDB_File/CDB_File.so 2ae8026dd000-2ae8026de000 r--p 00005000 08:01 253047 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/CDB_File/CDB_File.so 2ae8026de000-2ae8026df000 rw-p 00006000 08:01 253047 /usr/local/cpanel/3rdparty/perl/526/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/CDB_File/CDB_File.so 2ae8026df000-2ae802979000 r--s 00000000 08:01 132733 /var/cpanel/locale/en.cdb 7fff7b512000-7fff7b533000 rw-p 00000000 00:00 0 [stack] 7fff7b5a9000-7fff7b5ab000 r-xp 00000000 00:00 0 [vdso] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Thanks in advance. Greetings Frankenstone

Comments

2 comments

Date Votes
  • Infopro
    This may be of some use to you:
    0
  • fuzzylogic
    Where to start... The email with the contents you posted would have had an email subject of... lfd on host.name.com: Suspicious process running under user username lfd Excessive Resource Usage warning emails always have the 2 lines: Resource: Some Resource Exceeded: some measured value > the max allowed value (units) Your email does not have this. OK, so I will explain this lfd Suspicious process running warning email. Time: Thu Jan 17 20:19:23 2019 +0100 (OK) PID: 349 (Parent PID:23453) (OK. Process ID and Parent Process ID. Look them up in WHM System Health if you want) Account: myuser (OK. just your users usernname) Uptime: 23012 seconds (OK. Long uptime for process but Spamassassin holds these processes open waiting for connections) Executable: /usr/local/cpanel/3rdparty/perl/526/bin/perl (OK. Its just perl most server processes will be using it.) Command Line (often faked in exploits): spamd child (OK for a process by this name to exist. But as stated above this is not proof that it is legitimate) Network connections by the process (if any): tcp: 127.0.0.1:783 -> 127.0.0.1:54824 (OK. Network request from localhost to localhost) udp: 116.203.54.42:32243 -> 213.133.99.99:53 (outgoing connection from your server's ip to DNS server for Hertzner Data Centers) (Likely a DNS lokup for the Cloudmark IP) (OK if this is expected) tcp: 116.203.54.42:52674 -> 208.83.137.115:2703 (outgoing connection from your server's ip to Cloudmark IP reputation system) (OK if this is expected) Files open by the process (if any): /dev/null (OK. Not unexpected) /usr/local/cpanel/logs/spamd_error_log (OK. Not unexpected) /usr/local/cpanel/logs/spamd_error_log (OK. Not unexpected) /usr/local/cpanel/3rdparty/perl/526/bin/spamd (OK. Not unexpected) /var/cpanel/locale/en.cdb (OK. Not unexpected) /mnt/volume-c1/home/myuser/.razor/razor-agent.log (OK. Not unexpected, razor is a spamassassin module) Memory maps by the process (if any): (May help in determining false positives if you know what to expect to be mapped) ============ My take on this warning is that it is a false positive and that everything I can see here is part of the expected behavior of Spamassassin. It was most likely flagged because of the outgoing connections. The tutorial infopro linked to gives a variety of ways to prevent warning emails being generated if that is want you decide to do. 116.203.54.42, your server's ip is geolocated to Delhi, India. So either your server is not where you thought it is, or the IP has been sold or leased recently and the geolocation database has not been updated yet. YOU SHOULD NOT POST YOUR SERVER'S IP ON THESE FORUMS. 213.133.99.99 Hetzner is in Germany. 208.83.137.115 Cloudmark is in California, US. CPHulk stops server service logins (WHM, cPanel, POP3, SMTP, SSH) from succeeding if from a denied country. None of these ips are trying to log in to anything so CPHulk is irrelevant here.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post