Cpanel - Spamassassin 100% CPU Usage

There have been numerous reports recently regarding excessive CPU utilization by spamd. This is occurring as a result of a bug in the berkelydb implementation used by SpamAssassin, which causes spamd children to enter an infinite loop when attempting to open a temporary file in the user's ~./.spamassassin directory.

You can determine whether or not this is the case by executing a trace against the spamd process in question, and monitoring the trace for repeated calls to open() a file in ~/.spamassassin/__db.[DB_NAME].

For example, you can launch a trace on the affected process with the following command:

strace -vvFf -s 4096 -e trace=file -p [PID]

A trace on an affected server would repeated output something similar to the following:

open("/home/user/.spamassassin/__db.bayes_toks.new",
O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists) open("/home/user/.spamassassin/__db.bayes_toks.new",
O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists) open("/home/user/.spamassassin/__db.bayes_toks.new",
O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists) open("/home/user/.spamassassin/__db.bayes_toks.new",
O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)

We have devised a work around for SpamAssassin, which can be applied by taking the following steps:

killall -TERM spamd
# ensure all hung spamd processes are terminated killall -9 spamd # ensure all hung spamd processes are terminated

Visit the following WHM URL:

https://__your_sever_ip_here__:2087/scripts2/autofixer

Enter spamd_dbm_fix into the input field, and click 'Submit'

Once the patch has been applied, the spamd loads should subside. If the problem persists after applying the patch, please let our support team know, and they will investigate any outstanding issues.

Expect that this will be resolved in versions 3.2.4 and greater.