Page 1 of 1

excesive process warning dovecote/dict

Posted: 22 Dec 2013, 09:23
by dvk01
Since last night, I am getting loads of lfd alerts
Time: Sun Dec 22 08:01:31 2013 +0000
Account: dovecot
Resource: Process Time
Exceeded: 34326 > 2400 (seconds)
Executable: /usr/libexec/dovecot/dict
Command Line: dovecot/dict
PID: 24272 (Parent PID:7206)
Killed: No

is this another one we have to add to csf pignore where cpanel have buggered up dovecote again with their incessant fiddling or have I got a problem on my server and it is warning on genuine attacks. It seems to have started at about 11pm GMT last night and I have had an hourly warning ever since
EXE:/usr/libexec/dovecot/dict

Re: excesive process warning dovecote/dict

Posted: 22 Dec 2013, 09:33
by ForumAdmin
Looks like it's a valid Dovecot process, so ignore it unless it seems to be looping/causing a performance issue:
http://wiki2.dovecot.org/Services#dict

Re: excesive process warning dovecote/dict

Posted: 22 Dec 2013, 11:33
by vince
The cPanel support response is here FYI:
http://forums.cpanel.net/f5/dovecot-iss ... ost1501081

Re: excesive process warning dovecote/dict

Posted: 22 Dec 2013, 13:43
by dvk01
Vince, that Cpanel entry is a different issue
everybody knows about the lfd problems with auth and anvil and the default csf/lfd pignore contains those entries, but this is a new one that just started after the latest cpanel update, so they appear to have buggered things up again

Re: excesive process warning dovecote/dict

Posted: 23 Dec 2013, 00:01
by vince
I see, sorry, didn't realise your issue was dovecote/dict instead of /anvil, I should read more carefully.
But in case it helps, my /anvil problem is only on one VPS which has WHM 1.4.0 and csf v6.38, but this problem doesn't happen on another VPS with WHM 1.4.1 and csf v6.37
Not sure if you are able to downgrade to csf v6.37 easily to test ?