Bruce Bodger wrote: > > On Jun 8, 2009, at 4:17 PM, Scott Haneda wrote: > >> Thanks, I have been looking at those adjustments. My concern, is >> that if Dovecot uses a process per imap or pop connection, 2048 is >> not nearly enough for any significant email system. > > There are several parameters in dovecot.conf that can be adjusted to > prevent the problem that you're concerned about... > > # Should each login be processed in it's own process (yes), or should one > # login process be allowed to process multiple connections (no)? Yes > is more > # secure, espcially with SSL/TLS enabled. No is faster since there's > no need > # to create processes all the time. > login_process_per_connection = no > > # Maximum number of login processes to create. The listening process > count > # usually stays at login_processes_count, but when multiple users > start logging > # in at the same time more extra processes are created. To prevent > fork-bombing > # we check only once in a second if new processes should be created - > if all > # of them are used at the time, we double their amount until the limit > set by > # this setting is reached. > login_max_processes_count = 128
This only partly addresses the concern. There will still be a process per IMAP or POP connection once the connection is logged in. I believe those settings only control what happens until a successful authentication. David
