-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Good morning.
I joined this list as a last-ditch effort to fix the problem I'm having
with courier-pop, postfix, and LDAP.
Brief background:
I have two mail servers. One with ~22k users on it, another with ~4k
users on it. Both have a default installation of courier-pop,
courier-imap, courier-authdaemon on Ubuntu 6.10 . The authdaemon uses
authpam and authldap to authenticate users. Authpam is plugged in to use
LDAP, so no matter how you slice it, you hit LDAP.
For about 6 months, it was only the one "large" server (The ~22k user
one) and things ran fine. We have a Foundry SI4G load balancer which we
were using to load balance LDAP requests over 3 servers (one linux, two
solaris.)
We finally added the second server, which is hosting a different domain,
and mail basically fell apart. Users trying to pop their mail get
'Enter network user and password', and in the logs, I see a lot of
tempfails, unable to contact LDAP server.
What we found is that Courier-authdaemon will make a heck of a lot of
connections to LDAP, and never close them down - so we were overflowing
our LDAP servers ("too many open files"). Initially we tried to add LDAP
servers ( we added 9 more of various capacities) but courier would
simply hit one system, flood and kill it , move to the next, flood and
kill it, etc. We then set up an idle timeout on the LDAP servers for
courier, but courier doesn't appear to like that, and we'll get
tempfails frequently, but not AS frequently, as courier tries to wake up
an idle thread (I'm assuming) and find it's not there anymore.
I have also tried changing the number of daemons that the authdaemon
fires up, but that doesn't seem to make much of a difference. It has
ranged from 500 to 55 (I have it at 55 currently) but no matter what,
courier tempfails and irritates the users.
I'm at the end of my rope, and I can't figure out what to do next. Any
help would be appreciated.
Adam
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGeCvVdftsbvGFaP4RAv7GAJ4kkKl5MkmGeHRhQAPYNYj87N8U0wCgk+85
Pc5Vxq9eg0Qz58wRAGcKA18=
=io2J
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
