I desperately need some help from this community. My server was overloaded to an extremely high level --> over 100 and at one time reached 200. It virtually freezed my server. I had to reboot it.
The problem was caused by many "Exim" processes running by user "mailnull" and "root". I had to shut down the Exim service and even disable the exim program. However, as long as I restarted the Exim service, many exim processess come up like crazy and pushed the server load to 100 in seconds.
I do not know if someone is attacking my server, or something was compromised within my server. After I shut down Exim, the server load was down to below 0.1. But I can not use the emails now.
Please tell me what maight be the potential problems and how to check it and stop it.
I already disabled "sendmail" program since yesterday. Is there other program can be used for sending emails out from the sever? I do not know why the program "exim" was run by two users "mailnull" and "root".