I have setup Monit to report me whenever CPU or MEM limit peaks. I now get warnings all the time about too much CPU and MEM being used.
I looked into the server during one of those alerts, seems like the process clamscan was using like 50% CPU. Another 40% was in use by apache.
Is this normal?
Are there alternatives for clamscan to use less CPU, or should I just let it use up the CPU. I reckon the high CPU usage won`t be a problem since it will use less CPU whenever other processes need it such as Apache. However, I want some kind of monitoring and now clamscan is causing all these alerts.
I saw spikes with clamscan when i get more incoming emails in short amount of time. For example once i sent 25+ emails to my server in just few seconds and memory went from ~450MB up to 700+MB but didnt test how much hit got the CPU (at the time didnt need this info).
On other side i made several test with clamscan and infected email attachments and i must say it failed miserably. Even the spam filter is not the best one compared to spamexperts or other similar services. If your server have problems with CPU/Memory spikes because of clamscan then maybe the best solution would be to upgrade your server or go for external service for emails like GoogleApps (or other cheaper alternatives). If you go for second solution then you can disable clamscan and spamassassin.
Thanks again everyone for your help. Great community!
@Andreychek, I run your command during one of the alerts (memory alert) and the result is: Mail queue is empty. So no problems there I guess?
@Diabolico, using an alternative mail service is not really an option. Al least, this is not preferred due to migration work and costs. And I’m afraid that the free or cheap alternatives will be causing problems such as mailserver reputation. What is your experience with cheap alternatives or for example with GoogleApps. I can imagine that this would cause lots of delivery problems since proably lots of people are using these services and the server reputation wouldn`t be too good. But maybe I’m wrong? I was on shared hosting before and we had mail delivery issues all the time. Mostly because the server got blacklisted somewhere. Since I’m on my own dedicated mailserver we never had any problem with delivery.
Last thing, as I mentioned I just got a spike in CPU and MEM. I checked processes using TOP command. Strang thing is that this is eating all the memory at the moment: 11580 root 39 19 455024 417000 208 R 46.6 41.0 4:22.75 find
So PID 11580 with user root is using up 46.6% CPU and 41% MEM. The command is ‘find’.
What’s going on, any tips or commands on how I can find out more details about what exactly is causing the find command to use up this CPU. Strange thing is, i’m the only one on this server so why would a root user be using this many resources with a find command?
Al least, this is not preferred due to migration work
Quite contrary, during migration your emails will be always safe as they are not hosted with your server but as external service. If you use external DNS and not self hosted you dont need to worry if you will get emails during migration or in case your server for whatever reason go down.
And I’m afraid that the free or cheap alternatives will be causing problems such as mailserver reputation. What is your experience with cheap alternatives or for example with GoogleApps.
GoogleApps is great and based on my experience works without any problem. Other alternative i tested is Zoho Mail, cheaper than GoogleApps but comes with almost everything as them plus Zoho have more services then just email hosting and its worth to check them. But there are more in this field like Rackspace Email, used them in the past and they are another good email provider.
You should really read more about this subject. Hosting externally emails, DNS DB… sometimes is necessity and not option to consider like with big web stores (eCommerce) where security, failsafe, server offload and other things are actually asking you to not host everything on the same server.
But based on your last post it could be there is something else causing high server load.
@Diabolico, thanks. You got me thinking I already host DB seperately, but I think in future and maybe for some existing VPS-es , I will look into external mailservices. Would save me a lot of pain too
@andreycheck: thanks for the command, really helpful! Next time it peaks I`ll look into it to find out more.
