SMTP making too much connection
Hello, Recently my server got suspended by the my VPS provider here is the reason they suspend it
Anyone can help me how to resolve this ?
List of processes running on VPS 5136
**********************************************
24944 httpd /usr/local/apache/bin/httpd -k start -DSSL
60439 httpd /usr/local/apache/bin/httpd -k start -DSSL
73386 httpd /usr/local/apache/bin/httpd -k start -DSSL
90976 exim /usr/sbin/exim -q
257719 perl /usr/local/cpanel/3rdparty/bin/perl -x --
/usr/local/assp/assp.pl /usr/local/assp
298348 init init
298352 kthreadd/5136
298353 khelper/5136
298964 udevd /sbin/udevd -d
302386 rsyslogd /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
302598 named /usr/sbin/named -u named
302921 nscd /usr/sbin/nscd
303029 sshd /usr/sbin/sshd
311573 mysqld_safe /bin/sh /usr/bin/mysqld_safe
--datadir=/var/lib/mysql --pid-file=/var/lib/mysql/servercp.vchatx.com.pid
311729 mysqld /usr/sbin/mysqld --basedir=/usr
--datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql
--log-error=/var/lib/mysql/servercp.vchatx.com.err --open-files-limit=10000
--pid-file=/var/lib/mysql/servercp.vchatx.com.pid
316810 httpd /usr/local/apache/bin/httpd -k start -DSSL
316827 nginx nginx: master process /usr/sbin/nginx -c
/etc/nginx/nginx.conf
316828 nginx nginx: worker process
316829 nginx nginx: worker process
316830 nginx nginx: cache manager process
316841 pure-uploadscri /usr/sbin/pure-uploadscript -B -r
/usr/share/ilabs_antimalware/pure-ftpd-inspector.php
316874 pure-ftpd pure-ftpd (SERVER)
316876 pure-authd /usr/sbin/pure-authd -s /var/run/ftpd.sock -r
/usr/local/cpanel/bin/pureauth
316887 crond crond
316946 atd /usr/sbin/atd
317064 /usr/local/cpan /usr/local/cpanel/3rdparty/perl/514/sbin/munin-node
318117 cpsrvd (SSL) - cpsrvd (SSL) - waiting f --llu=1455603762
--listen=10,11,4,5,6,7,8,9
319049 mingetty /sbin/mingetty console
319050 mingetty /sbin/mingetty tty2
395906 exim /usr/sbin/exim -q
403545 ssl-params dovecot/ssl-params
405107 dovecot /usr/sbin/dovecot
405112 pop3-login dovecot/pop3-login
405113 imap-login dovecot/imap-login
405114 anvil dovecot/anvil
405115 log dovecot/log
405118 pop3-login dovecot/pop3-login
405120 imap-login dovecot/imap-login
405121 config dovecot/config
411010 queueprocd - wa queueprocd - wait to process a task
411077 cpanel_php_fpm php-fpm: master process
(/usr/local/cpanel/etc/php-fpm.conf)
411087 cPhulkd - proce cPhulkd - processor
411154 cpdavd - accept cpdavd - accepting connections on 2077, 2078, 2079,
and 2080
411169 cpanellogd - sl cpanellogd - sleeping for logs
417200 /usr/local/assp /usr/local/assp/scripts/assplocalemails
417381 tailwatchd tailwatchd
417819 exim /usr/sbin/exim -bd -q60m -oP
/var/spool/exim/exim-daemon.pid
446841 clamd /usr/local/cpanel/3rdparty/bin/clamd
459941 perl /usr/local/cpanel/3rdparty/bin/perl -x --
/usr/local/assp/scripts/asspcheck
496382 lfd - sleeping lfd - sleeping
569907 auth dovecot/auth
683330 leechprotect /usr/local/cpanel/3rdparty/bin/perl
/usr/local/cpanel/bin/leechprotect
683332 httpd /usr/local/apache/bin/httpd -k start -DSSL
683333 httpd /usr/local/apache/bin/httpd -k start -DSSL
683334 httpd /usr/local/apache/bin/httpd -k start -DSSL
683335 httpd /usr/local/apache/bin/httpd -k start -DSSL
690195 httpd /usr/local/apache/bin/httpd -k start -DSSL
704045 httpd /usr/local/apache/bin/httpd -k start -DSSL
707768 httpd /usr/local/apache/bin/httpd -k start -DSSL
711376 httpd /usr/local/apache/bin/httpd -k start -DSSL
712504 httpd /usr/local/apache/bin/httpd -k start -DSSL
714463 exim /usr/sbin/sendmail -t -i
-fpam_gregory@azadarlive.com
714696 crond CROND
714734 munin-cron /bin/sh
/usr/local/cpanel/3rdparty/perl/514/bin/munin-cron
714992 exim /usr/sbin/sendmail -t -i
-fbonnie_walsh@azadarlive.com
715097 munin-update /usr/local/cpanel/3rdparty/perl/514/bin/perl
/usr/local/cpanel/3rdparty/share/munin/munin-update
715145 exim /usr/sbin/sendmail -t -i
-fethel_moreno@azadarlive.com
715552 exim /usr/sbin/sendmail -t -i
-fconnie_gonzalez@azadarlive.com
715772 /usr/local/cpan /usr/local/cpanel/3rdparty/share/munin/munin-update
[Munin::Master::UpdateWorker]
715821 /usr/local/cpan /usr/local/cpanel/3rdparty/perl/514/sbin/munin-node
[::ffff:127.0.0.1]
716657 exim /usr/sbin/sendmail -t -i
-ftricia_jacobs@azadarlive.com
716681 exim /usr/sbin/sendmail -t -i
-fruby_griffin@azadarlive.com
716746 exim /usr/sbin/exim -bd -q60m -oP
/var/spool/exim/exim-daemon.pid
717210 exim /usr/sbin/sendmail -t -i
-fvickie_williams@azadarlive.com
717714 exim_mailqueue /bin/sh /etc/munin/plugins/exim_mailqueue
717717 exiqgrep /usr/local/cpanel/3rdparty/perl/514/bin/perl
/usr/sbin/exiqgrep -cz
717718 awk awk
BEGIN { frozen=mails="U"; }
/[0-9]+ matches out of [0-9]+ messages/ { frozen=$1; mails=($5-$1); }
END { printf("frozen.value %s\nmails.value %s\n",frozen,mails); }
717774 exim /usr/sbin/exim -bpu
717819 exim /usr/sbin/exim -q
717827 exim /usr/sbin/exim -q
717841 exim /usr/sbin/exim -q
717863 exim /usr/sbin/exim -q
717894 exim /usr/sbin/exim -q
717897 exim /usr/sbin/exim -q
819562 exim /usr/sbin/exim -q
**********************************************
First 285 lines from conntrack table (truncated)
**********************************************
ipv4 2 tcp 6 80 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=57603
dport=125 src=127.0.0.1 dst=127.0.0.1 sport=125 dport=57603 [ASSURED] mark=0
secmark=0 use=2
ipv4 2 tcp 6 55 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36535 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36535 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 8 CLOSE src=192.241.117.180 dst=98.138.112.32 sport=34266
dport=25 src=98.138.112.32 dst=192.241.117.180 sport=25 dport=34266 [ASSURED]
mark=0 secmark=0 use=2
ipv4 2 tcp 6 111 TIME_WAIT src=192.241.117.180 dst=63.250.192.46
sport=58618 dport=25 src=63.250.192.46 dst=192.241.117.180 sport=25 dport=58618
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 119 TIME_WAIT src=192.241.117.180 dst=98.136.217.203
sport=43015 dport=25 src=98.136.217.203 dst=192.241.117.180 sport=25
dport=43015
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 8 CLOSE src=192.241.117.180 dst=98.138.112.35 sport=37136
dport=25 src=98.138.112.35 dst=192.241.117.180 sport=25 dport=37136 [ASSURED]
mark=0 secmark=0 use=2
ipv4 2 udp 17 4 src=192.241.117.180 dst=8.8.8.8 sport=33364 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=33364 mark=0 secmark=0 use=2
ipv4 2 udp 17 13 src=192.241.117.180 dst=8.8.8.8 sport=48727 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=48727 mark=0 secmark=0 use=2
ipv4 2 udp 17 22 src=192.241.117.180 dst=8.8.8.8 sport=52739 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=52739 mark=0 secmark=0 use=2
ipv4 2 udp 17 14 src=192.241.117.180 dst=8.8.8.8 sport=42200 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=42200 mark=0 secmark=0 use=2
ipv4 2 tcp 6 53 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36490 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36490 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 53 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36492 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36492 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 105 TIME_WAIT src=192.241.117.180 dst=66.196.118.36
sport=56945 dport=25 src=66.196.118.36 dst=192.241.117.180 sport=25 dport=56945
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 104 TIME_WAIT src=192.241.117.180 dst=98.138.112.37
sport=38269 dport=25 src=98.138.112.37 dst=192.241.117.180 sport=25 dport=38269
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 udp 17 73 src=192.241.117.180 dst=8.8.8.8 sport=46364 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=46364 [ASSURED] mark=0 secmark=0
use=2
ipv4 2 tcp 6 119 TIME_WAIT src=192.241.117.180 dst=98.138.112.35
sport=33353 dport=25 src=98.138.112.35 dst=192.241.117.180 sport=25 dport=33353
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 299 ESTABLISHED src=192.241.117.180 dst=98.136.217.202
sport=54805 dport=25 src=98.136.217.202 dst=192.241.117.180 sport=25
dport=54805
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 udp 17 1 src=192.241.117.180 dst=8.8.8.8 sport=57000 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=57000 mark=0 secmark=0 use=2
ipv4 2 udp 17 0 src=192.241.117.180 dst=8.8.8.8 sport=41731 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=41731 mark=0 secmark=0 use=2
ipv4 2 udp 17 3 src=192.241.117.180 dst=8.8.8.8 sport=53737 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=53737 mark=0 secmark=0 use=2
ipv4 2 udp 17 17 src=192.241.117.180 dst=8.8.8.8 sport=60645 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=60645 mark=0 secmark=0 use=2
ipv4 2 tcp 6 53 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36466 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36466 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 49 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36410 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36410 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 53 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36470 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36470 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 udp 17 172 src=192.241.117.180 dst=8.8.8.8 sport=43729 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=43729 [ASSURED] mark=0 secmark=0
use=2
ipv4 2 tcp 6 58 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36554 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36554 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 116 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=37043 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=37043 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 udp 17 115 src=192.241.117.180 dst=8.8.8.8 sport=41641 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=41641 [ASSURED] mark=0 secmark=0
use=2
ipv4 2 tcp 6 115 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36974 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36974 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 udp 17 19 src=192.241.117.180 dst=8.8.8.8 sport=49802 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=49802 mark=0 secmark=0 use=2
ipv4 2 udp 17 18 src=192.241.117.180 dst=8.8.8.8 sport=38116 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=38116 mark=0 secmark=0 use=2
ipv4 2 udp 17 14 src=192.241.117.180 dst=8.8.8.8 sport=40950 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=40950 mark=0 secmark=0 use=2
ipv4 2 tcp 6 111 TIME_WAIT src=192.241.117.180 dst=98.136.216.25
sport=40822 dport=25 src=98.136.216.25 dst=192.241.117.180 sport=25 dport=40822
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 udp 17 0 src=192.241.117.180 dst=8.8.8.8 sport=54081 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=54081 mark=0 secmark=0 use=2
ipv4 2 tcp 6 116 TIME_WAIT src=192.241.117.180 dst=98.138.112.35
sport=34359 dport=25 src=98.138.112.35 dst=192.241.117.180 sport=25 dport=34359
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 112 TIME_WAIT src=192.241.117.180 dst=66.196.118.36
sport=46888 dport=25 src=66.196.118.36 dst=192.241.117.180 sport=25 dport=46888
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 115 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36967 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36967 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 119 TIME_WAIT src=192.241.117.180 dst=66.196.118.33
sport=42449 dport=25 src=66.196.118.33 dst=192.241.117.180 sport=25 dport=42449
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 110 TIME_WAIT src=192.241.117.180 dst=98.136.217.203
sport=45089 dport=25 src=98.136.217.203 dst=192.241.117.180 sport=25
dport=45089
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 49 TIME_WAIT src=192.241.117.180 dst=192.241.117.180
sport=36395 dport=8080 src=192.241.117.180 dst=192.241.117.180 sport=8080
dport=36395 [ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 118 TIME_WAIT src=192.241.117.180 dst=66.196.118.240
sport=56287 dport=25 src=66.196.118.240 dst=192.241.117.180 sport=25
dport=56287
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 tcp 6 112 TIME_WAIT src=192.241.117.180 dst=63.250.192.45
sport=33701 dport=25 src=63.250.192.45 dst=192.241.117.180 sport=25 dport=33701
[ASSURED] mark=0 secmark=0 use=2
ipv4 2 udp 17 19 src=192.241.117.180 dst=8.8.8.8 sport=55699 dport=53
src=8.8.8.8 dst=192.241.117.180 sport=53 dport=55699 mark=0 secmark=0 use=2
ipv4 2 udp 17 3 src=192.241.117.180 dst=8.8.8.8 sport=59653 dport=53
-- Anyone can help me how to resolve this ?
-
Hello :) The following document is a good place to start: How to Prevent Email Abuse - cPanel Knowledge Base - cPanel Documentation Thank you. 0
Please sign in to leave a comment.
Comments
1 comment