[BUGS] [root: seaholm security check output]

[Jerahmy Pocott]

On 23/01/2008, at 8:02 AM, jonathan michaels wrote:

> one of teh things that bothers me me is that this full table
> issue seems to be trancient, i am starting to think that it is
> being caused by a system user, as in teh mail handler itself
> that is causing teh proc table full errors, can this happen ??
>
> if this actually the case than how can i go about protection
> teh system as it exists now from what could be a potential
> 'driven to destruction' overload situation ??

Yes that was my concern when reading your original post..

It's all very well to increase the proc table if there is a legitimate  
need, but just increasing could hide an error else where that is  
actually causing the table to fill.

The box is the MX for the domain? Do you know how if it's sendmail  
thats fulling the table? I guess it probably is..

You don't have anything like 'ForkEachJob' defined?

The values you could play with are:

MaxDaemonChildren=
ConnectionRateThrottle=

Which limit the amount of incoming connections sendmail accepts. The  
first being the upper limit and the second being how many per second.  
I'm not sure of the volume of mail you get, but if the table filling  
is due to say a flood of incoming connections the throttle value is  
probably enough and would still allow legitimate connections, while  
setting the max children could make it more difficult for legitimate  
connections in the event of a flood but would make sure you never  
spawned too many processes..

That's assuming the issue is with incoming connections of course..