WHM : Spamassassin / spamd not working

Spamassassin / spamd not working — solution

1. When restarting exim it will show

[root@server ~]# /scripts/restartsrv_exim
Starting exim: [ OK ]
Starting exim-smtps: [ OK ]
Starting antirelayd: [ OK ]
Starting spamd: Can’t locate Cpanel/SpamAssassinSandBox.pm in @INC (@INC contains: /usr/lib/perl5/5.8.8/i686-linux /usr/lib/perl5/5.8.8 /usr/lib/perl5/site_perl/5.8.8/i686-linux /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl/5.6.2 /usr/lib/perl5/site_perl) at /usr/bin/spamd line 27.
BEGIN failed–compilation aborted at /usr/bin/spamd line 27.
Starting antirelayd: [ OK ]

Fix :

/scripts/perlinstaller –force Mail::SpamAssassin
/etc/rc.d/init.d/exim restart

2. When restarting exim it will show

Shutting down spamd: [FAILED] and when starting it will NOT show Starting spamd:

You may have disabled spamd whm > service manager .

so whm will create a file /etc/spamdisable

when you re-eanable spamd through whm > service manager this file may not be deleted.

so delete /etc/spamdisable and restart exim , spamd will function again.

[root@server ~]# service exim restart
Shutting down exim: [ OK ]
Shutting down antirelayd: [ OK ]
Shutting down spamd: [FAILED]
Starting exim: [ OK ]
Starting exim-smtps: [ OK ]
Starting antirelayd: [ OK ]
Starting spamd: [ OK ]
[root@server ~]#

3. Given below is the error when restarting exim.

” Starting spamd: [9128] error: spamd: spamd script is v3.001000, but using modules v3.001001 “

When cpanel update updates spamassassin the updates (executables) will be installed at

/usr/share/scripts/ NOT AT working directory /usr/bin and /etc/rc.d/init.d/ .


Remove these files from /usr/bin/ and /etc/rc.d/init.d/

rm -f /usr/bin/spamc
rm -f /usr/bin/sa-learn
rm -f /usr/bin/spamassassin
rm -f /usr/bin/spamd
rm -f /usr/bin/sa-update
rm -f /etc/rc.d/init.d/spamassassin

Now copy the updated files from /usr/share/scripts/

cp /usr/share/scripts/spamc /usr/bin/
cp /usr/share/scripts/sa-learn /usr/bin/
cp /usr/share/scripts/spamassassin /usr/bin/
cp /usr/share/scripts/spamd /usr/bin/
cp /usr/share/scripts/sa-update /usr/bin/
cp /usr/share/scripts/spamassassin /etc/rc.d/init.d/

Now restart exim. Done


WRT spamd, have you tried:

/etc/init.d/chkservd restart

If that doesn’t work, try:




cPanel : sshd has failed, please contact the sysadmin

If you have changed the shell default Port 22 on a cPanel powered server , restarting sshd from the WHM will fail. You have to ssh to the server and issue the following command to restart sshd…

  • /sbin/service sshd restart

To, temporarily, reset your shell port back to 22, run the following command from the Address field in browser:


Now, you should be able to access shell, and you need to restart sshd at the prompt using the command mentioned above

WHM :: Access Denied

When you login to the WHM, you get the following error:

    Access Denied
    Functions in cPanel / WHM are available only directly through the cPanel and WHM interfaces or through our XML API. It appears that this request is coming from a referring site and might be malicious.

When XSRF attacks is enabled in the WHM, the cPanel will validate the referrer for every page. If the referrer matches one of the domains, the server ‘s hostname , or any of the server’s IPs, then the request is allowed through. If the referrer does not match, then the user is shown the “Access Denied” page with the request information and given the option to proceed.

To get rid of that page:

  1. 1. Login to the WHM >> Server Configuration >> Tweak Settings
  2. Scroll down the page (about half way down) and find “Security”, un-check the checkbox to deactivate “XSRF attacks”
  3. Click on the button Save at the bottom of the page.

WHM / cPanel : Munin MySQL Graphs blank

Make sure that the password in /root/.my.cnf is valid, first.

In /etc/munin/plugin-conf.d , you will see a file called cpanel.conf . Modify it completely to look like so:


user root
group wheel

env.mysqladmin /usr/bin/mysqladmin

env.mysqlopts -u [MySQL_usr] -p[MySQL_usrpassword]

### [MySQL_usr] is a valid MySQL user and [MySQL_usrpassword] is it’s password
### you can use mysql root too.

group mail

group mail

user mailman

then restart munin

/etc/init.d/munin-node restart

This tells munin to pull the mysql environment from the file necessary
Of course , in this case you will need munin to run as ROOT. To do this:
su to your munin user

su munin

remove the munin crontab

crontab -e

remove the line, or just add an # to the beginning of it

then exit out of the shell, and add the SAME crontab (that was in the munin user) to root, adding –force-root to the end of the statement, so it’d be something like:

*/5 * * * * /usr/bin/munin-cron --force-root

WHM / cPanel : Munin graphs are Blank

WHM / cPanel Provides Munin for the Server Monitoring. It shows graphs for Disk, Exim, Mysql, Network, and Other Processes. I faced a issue on clients server where installation goes fine and Munin graphs are blank. I have made a short guide to trace the issue.

Restart Munin node and Watch for the logs for munin using :

/etc/init.d/munin-node restart

tail -f /var/log/munin/munin-node.log

Munin Errors :

2008/05/13-23:32:46 Server closing!
Process Backgrounded
2008/05/13-23:32:46 MyPackage (type Net::Server::Fork) starting! pid(25631)
Binding to TCP port 4949 on host *
Setting gid to “10 10”
Use of uninitialized value in eval {block} exit at /usr/sbin/munin-node line 452, line 8.

Munin uses port 4949, check the firewall and if possible disable the firewall during the troubleshooting.

munin 4949/tcp # Munin Graphing Framework
munin 4949/udp # Munin Graphing Framework

#telnet localhost 4949
Connected to localhost.
Escape character is ‘^]’.
# munin node at [your server name]

Solution :

The above errors are when expected node hostname does not match the actual hostname of the server.

Ensure that the hostname entry is at the top and is correct in the /etc/hosts file.

Restart the munin node and use command to execute the munin.

/usr/bin/munin-cron –force-root

The munin should work fine now.

Invalid command ‘SSLEngine’

CentOS release 4.5 (Final)

Server version: Apache/1.3.37 (Unix)

You can get this error for lots of reasons (including the mod_ssl.c module not being loaded) but my problem to day was the above error spat out by:

apachectl configtest

The reason is that apachectl DOES NOT define SSL (i.e. when it’s checking the config file). Therefore the httpd.conf will ALWAYS look broken if mod_ssl.c specific directives are in it. That is unless they are bracketed with:

<IfDefine SSL> or <IfModule mod_ssl.c>

in which case what’s the point of using “apachectl configtest” to test the config file?

httpd -S

gives the same error unless you also pass -DSSL like this:

httpd -S -DSSL

Be safe: use the actual boot scripts to stop and start the server if you’re using SSL:

/etc/init.d/httpd stop

/etc/init.d/httpd startssl

WHM / cPanel :

You may get errors for SSLEngine while installing SSL from WHM :

Syntax error on line 29945 of /usr/local/apache/conf/httpd.conf.installssl.1210663778.980885407.445848-domain.com:
Invalid command ‘SSLEngine’, perhaps mis-spelled or defined by a module not included in the server configuration

root@devel [/usr/share/ssl/private]# service httpd startssl
[Tue Jul 18 15:51:15 2006] [warn] module bytes_log_module is already loaded, skipping
Syntax error on line 1211 of /usr/local/apache/conf/httpd.conf:
Invalid commandSSLEngine‘, perhaps mis-spelled or defined by a module not included in the server configuration
/etc/init.d/httpd startssl: httpd could not be started


Rebuild Apache using easyapache or from WHM which will fix the issue with SSL.

root@devel [/usr/share/ssl/private]# service httpd restart
/etc/init.d/httpd restart: httpd not running, trying to start
/etc/init.d/httpd restart: httpd started

Formatting and Mounting a new drive in Linux

I have installed a new slave hard drive. How do I format it and mount it?


1. Login as root: and type the following command:

[root@34 root]# fdisk /dev/hdc

2. This screen will appear:

The number of cylinders for this disk is set to 10011.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs

3. Press p for print, this will show you the current partitons on the drive:

Command (m for help): p

Disk /dev/hdc: 82.3 GB, 82348277760 bytes
255 heads, 63 sectors/track, 10011 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System

4. There are no current partitions, if there were, press d to delete them. Then press n to create a new partition and follow the rest of the commands:

Command (m for help): n
Command action
e extended
p primary partition (1-4)
Partition number (1-4): 1
First cylinder (1-10011, default 1): Enter
Using default value 1: Enter
Last cylinder or +size or +sizeM or +sizeK (1-10011, default 10011): Enter
Using default value 10011

5: Write your new partiton to the drive:

Command (m for help): w
The partition table has been altered!


6. Now to make the file system.

[root@34 root]# mkfs.ext3 /dev/hdc1
mke2fs 1.32 (09-Nov-2002)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
10059776 inodes, 20103331 blocks
1005166 blocks (5.00%) reserved for the super user
First data block=0
614 block groups
32768 blocks per group, 32768 fragments per group
16384 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424


7. Now to make a directory to mount the new drive to.

[root@34 root]# mkdir /backups
[root@34 root]# mount /dev/hdc1 /backups
[root@34 root]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda3 75G 1.3G 70G 2% /
/dev/hda1 99M 14M 81M 15% /boot
none 243M 0 243M 0% /dev/shm
/dev/hdc1 76G 33M 72G 1% /backups

You will see that the new drive is labled /dev/hdc1 and is mounted to /backups.

8. Now edit the /etc/fstab so that the mount is there after a reboot.

Current fstab is shown below:

LABEL=/ / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
none /dev/pts devpts gid=5,mode=620 0 0
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0
/dev/hda2 swap swap defaults 0 0

9. Now we are going to add one line at the end:

[root@34 root]# vi /etc/fstab
LABEL=/ / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
none /dev/pts devpts gid=5,mode=620 0 0
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0
/dev/hda2 swap swap defaults 0 0
/dev/hdc1 /backups ext3 defaults 0 0

Save and quit vi.

What is Virtuozzo / Parallels Power Panel?

Virtuozzo / Parallels Power Panel also known as VZPP / PPP is used to manage a VPS / Container efficiently. A user can Restart, Stop, Start, and Fast Stop his/her VPS when an emergency occurs. Using Virtuozzo also helps a user to get better information of his/her VPS such as Change password, File Manager, Resources, System Services, System Processes, Firewall, SSH Connection, Status Changes, QoS Alerts, Action Log, Traffic Log etc.

Virtuozzo Power Panel Features:-

* Start/Stop VPS: Start, stop, fast stop and restart the VPS.

* VPS Resource Monitoring: Monitor VPS resource utilization for CPU, system, disk space and disk inodes.

* VPS Backup/Restore: Back up and restore the VPS from the backup including all system and user files.

* VPS Repair: Start the VPS in repair mode when a VPS is broken and does not boot.

-> Embedded SSH Client: Connect via integrated SSH client to the VPS.

* VPS Re-install: Reinstall the VPS from scratch, either saving or discarding existing files.

* VPS Actions Log: View the VPS actions log to monitor resource shortage alerts and various VPS events

* VPS Resources: Shows package name, Additional Information, CPU Usage with graphic, System Usage with Graphic, Disk Usage and Network Usage. By pressing the Extended button you will get a more detailed CPU Parameters, Disk Quota, and UBCs.

* File Manager: Lets you see the files on your VPS.

* Change Password: You can use this option to change the VPS Password.

* System Services: Shows the running applications.

* System Processes: Shows running application/processes. Lets you see CPU%, Mem%, the command and PID.

* Status Changes: Shows the VPS changes such as restarts, stops, locked, etc.

* Actions Log: Shows a list of actions, both running and already finished.

* QoS Alerts: This will be the first thing that is going to tell you when a problem occurs.

How to access Virtuozzo?

VZPP is accessible via 4643 port. For example: If your main VPS Container IP,

Users can access VZPP in the following manner –

username: root

password: your_current_root_password

Plesk – Cannot FTP to a domain after its physical hosting has been recreated

1. Physical hosting on a domain had been removed.

2. Then it was recreated using the same FTP user name.

3. After that it’s impossible to login by ftp to the domain, the FTP server returns an error:

530 User fp1 cannot log in, home directory inaccessible.
IIS cache causes this problem.
Here is two possible ways to resolve:

1. Clean up IIS FTP service cache. To reset FTP cache restart IIS FTP service

net stop MSFTPSvc
net start MSFTPSvc

2. Disable IIS FTP cache. To completely disable caching set the following parameter:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\InetInfo\Parameters\DisableMemoryCache DWORD 1