First, take a big deep breath and turn down the hyperbole, it's not going to help you affect a solution.
On Jan 3, 2011, at 12:08 PM, LuKreme wrote: > On 2-Jan-2011, at 22:18, Dan Shoop wrote: >> >> it's getting loaded on demand and because someone is trying to connect to >> your server via IMAP or POP > > Not every 10 seconds they aren't. No one suggested they were, the process is just being relaunched with this frequency, most likely because there is a pending request. But since you've presented no evidence to suggest differently, it remains a possibility. To determine you'd need to do a tcpdump. You wrote: >> I am seeing this about ever 10-11 seconds >> >> Jan 2 16:24:07 shiva org.dovecot.dovecotd[22677]: Warning: Last died with >> error (see error log for more information): Auth process died too early - >> shutting down >> Jan 2 16:24:07 shiva dovecot[22677]: Fatal: auth(default): Unknown >> authentication mechanism 'none' >> Jan 2 16:24:07 shiva dovecot[22677]: Fatal: Auth process died too early - >> shutting down >> Jan 2 16:24:07 shiva com.apple.launchd[1] (org.dovecot.dovecotd[22677]): >> Exited with exit code: 89 >> Jan 2 16:24:07 shiva com.apple.launchd[1] (org.dovecot.dovecotd): >> Throttling respawn: Will start in 10 seconds >> >> The machine is NOT running dovecot (or any mail service), but it appears >> this gets loaded by default by OS X Server. which shows it restarting every ten seconds, not receiving requests every ten seconds. There is a big difference which I'm sure you're capable of understanding. I'd also note that OS X Server *does run* dovecot. You may not have it _enabled_for_users_ but it will get invoked on demand as this is how it properly operates and is expected behavior for OS X Server. It may not be what you desired or expected but it is in keeping with OS X Server. Many processes in the course of their activity, such as cron, send mail and mail is often delivered for root as well during normal operations. Since dovecot is the MDA (mail delivery agent) in OS X this is what will be delivering the message to the mailbox. It's likely if you look at your mail queues you'll see mail even if you don't operate mail services. This is just a function of expected behavior. These messages present on the queues will also invoke, on demand, services required for their delivery. > And anyway, just like I don't want a ftpd processes trying to spawn if > someone tries > to connect to port 21, nor apache trying to startup just because someone > connects to port 80, likewise I don't want dovecot trying to start -EVER-. In > fact, I don't want anything, ever, to launch on demand after I've told it not > to launch. Then OS X Server has specific methodologies which you, the sysadmin, can use to inact your policies. Consider using the firewall to block traffic requests and SACLs to limit what services are available and to whom. OS X Server is not OS X. As a server there are many operations for which we expect messages as part of their normal behavior. > I do not want to remove the plist file 1) because it's in /System and I don't > muck about in /System and 2) The next system update will simply put it back. And no one suggested you do this. > I also don't necessarily want to block the ports dovecot thinks it wants to > use. Maybe I want to run courier on the machine instead. Then you have a bunch of additional work to perform if you want to run a replacement service. You will need to make sure that However, I'm not sure there are any advantages you would gain in running courier over dovecot as dovecot offers a superset replacement for courier. That would be a matter for you to evaluate based on your requirements. You will also need to completely disable all the various mail services included with OS X Server (postfix, amavis, mailman, spamassassin, dovecot, lmtp, ...), lock them, and avoid using Server Admikn for management of your server. You'll need to build new versions of them in /usr/local and rely on those and configure and manage them all manually. OS X Server is a distribution package that includes many services as part of providing a highly integrated solution. If you don't want or need these features then perhaps OS X Server is not the right fit and OS X or another OS may be a better solution for you. And considering all the work required to replace and assure they stay disabled (since you're fighting against the distro) it may not be worth the effort and you may need additional heavy understanding of the internals of OS X Server's interoperations of mail services to assure proper replacement. > Right now, but I have not rebooted, unloading the agent and then removing it > (both via launchctl) has prevented it trying to spawn every 10-11 seconds, > but I did this once before and it came back then. If it's unloaded, which is what it sounds like you want (rather than disabling it, which is a different sort of action) then it should not relaunch. It's likely your prior attempt to unload wasn't successful or properly performed. > My biggest problem is that Steve insists on serving PURPLE Kool Aid, an > I don't like PURPLE <sip sip> Kool Aid. Well there's you're problem. OS X Server has a very specific methodology of operations for which it expects you to follow and specific idea of operations. If you don't want the purple cool-aid then don't choose cups that contain it when selecting your beverages. -d ------------------------------------------------------------------------ Dan Shoop [email protected] GoogleVoice: 1-646-402-5293 aim: iWiring twitter: @colonelmode _______________________________________________ MacOSX-admin mailing list [email protected] http://www.omnigroup.com/mailman/listinfo/macosx-admin
