… well, for a while, at least.
I noticed that my ssh window was stalled, so I tried pinging it. It responded just fine, and was also still routing the NATted computers. So I went downstairs to try a console.
They were locked up, or so I thought, it was just very very slow. I managed to get a top running, and to my surprise, there were about 40 spamassassin processes running, eating up all of the memory and swapping constantly, causing the machine to be very slow. Thinking that if I cut the supply of incoming mail, it might free up the machine, I killed the fetchmail process.
It took about half an hour, but it eventually settled back down to normal. I then upgraded spamassassin and procmail and pretty much everything else on the machine, hoping that it would solve the problem. I started it back up, and within seconds, the processes were back and it was locked again. I killed the process and waited another 30 minutes, tried poking around, and eventually just gave up, let the thing run and hoped it had worked it all out by the morning.
This morning, it was back to normal, I had 250 new emails (all for the same thing, obviously part of the same drop) that made it through the spam filter and who knows how many more that got caught.
God. Damned. Spam.
It sounds like one hell of a nasty mail bomb. What’re you running for an OS on that machine?
I learned how to read the subject. Duh.
I’ve had similiar attacks on my box, in upwards of like 50 spamassassin procs running, and it wasn’t quite that slow for me. It’s a shitty box, too. Do you have other intensive procs running on that machine?