If you have a dedicated server or VPS with the Config Server Firewall (CSF) software installed (any dedicated or VPS managed by us has this software installed by default) and are receiving a number of "suspicious process" emails that mention the "spamd child" process, this is the result of a recent update to the CSF software. Â The 4.35 version of CSF removed the exclusion it had for the "spamd child" process (this is the spam filter process), so whenever the spamd process is doing a lot of work CSF will identify it as a "suspicious process". Â This can be avoided by adding the exclusion back into CSF. Â Here's how:
- Log into Web Host manager (WHM)
- Click on "ConfigServer Security & Firewall" on the left side of the page at the bottom
- Click on "lfd Process Ignore" in the "lfd - Login Failure Daemon" section
- Add the following line to the list and click "Change":
- Click the "Restart lfd" button
You're done! Â You should no longer receive emails regarding the "spamd child" process.