Dear Eric, I have changed configuration as you advised and monitored couple of days . It was working fine now. Thanks a lot friends.
On Fri, Jul 24, 2015 at 6:36 PM, Chandran Manikandan <[email protected]> wrote: > Dear Eric, > Thanks for your assist me. I have done your correction in local.conf and > checked doveconf -n. It's shown the new settings. Let me track this issue > another few more days. If still face the same issue then will update. If > it's fixed also will update you. Thanks a lot Eric. > > On Fri, Jul 24, 2015 at 11:49 AM, Eric Broch <[email protected]> > wrote: > >> Chandran, >> >> Use 'doveconf -n' (NOT 'doveconf -d') which will show all the settings >> with NON-DEFAULT values. >> >> Dovecot operates off of the configuration files. You do NOT, or most >> likely shouldn't, have to reinstall Dovecot. >> >> I'll bet that when you run 'doveconf -n' you'll most likely see the >> current setting from local.conf. >> >> Eric >> >> >> >> >> On 7/23/2015 9:14 PM, Chandran Manikandan wrote: >> >> Dear Eric, >> Thanks for your help. I tried your above advise and changed in >> local.conf file then i restarted the service dovecot restart. After restart >> the server i tried this command doveconf -d still service count shows 1. >> FYR below. >> >> service imap-login { >> chroot = login >> client_limit = 0 >> drop_priv_before_exec = no >> executable = imap-login >> extra_groups = >> group = >> idle_kill = 0 >> inet_listener imap { >> address = >> port = 143 >> reuse_port = no >> ssl = no >> } >> inet_listener imaps { >> address = >> port = 993 >> reuse_port = no >> ssl = yes >> } >> privileged_group = >> process_limit = 0 >> process_min_avail = 0 >> protocol = imap >> service_count = 1 >> type = login >> user = $default_login_user >> vsz_limit = 18446744073709551615 B >> } >> >> My changes in local.conf. >> >> service imap-login { >> service_count = 0 >> #client_limit = $default_client_limit >> #process_min_avail = 0 >> #vsz_limit = 64M >> } >> service pop3-login { >> service_count = 0 >> } >> >> My 10-master.conf under conf.d file below. >> >> service imap-login { >> inet_listener imap { >> # process_limit = 15 >> # client_limit = 10740 >> #port = 143 >> } >> inet_listener imaps { >> #port = 993 >> #ssl = yes >> } >> >> # Number of connections to handle before starting a new process. >> Typically >> # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 >> # is faster. <doc/wiki/LoginProcess.txt> >> #service_count = 1 >> >> # Number of processes to always keep waiting for more connections. >> #process_min_avail = 0 >> >> # If you set service_count=0, you probably need to grow this. >> #vsz_limit = $default_vsz_limit >> } >> >> service pop3-login { >> inet_listener pop3 { >> #port = 110 >> } >> inet_listener pop3s { >> #port = 995 >> #ssl = yes >> } >> } >> >> >> I think the problem is whatever change did in dovecot folder means >> local.conf or toaster.conf or 10-master.conf it's not overwrite in doveconf >> file that's why i couldn't fix this issue. >> >> Is any mismatch configuration there in dovecot package or qmailtoaster. >> >> Or do i reinstall the current dovecot toaster package will it fix this >> issue. >> >> Please advise it and help me. >> >> If i need to do reinstall kindly let me know the command procedures. >> Because this is live server and would not affect any email accounts or data. >> >> Please help me to resolve this issue. >> >> On Thu, Jul 23, 2015 at 7:45 PM, Eric Broch <[email protected]> >> wrote: >> >>> Chandran, >>> >>> From the configuration you sent you have the following setting... >>> >>> service imap-login { >>> . >>> . >>> . >>> service_count = 1 >>> . >>> . >>> . >>> } >>> >>> from http://wiki2.dovecot.org/LoginProcess >>> >>> It should be... >>> >>> service imap-login { >>> service_count = 0 >>> } >>> >>> For High-performance mode. >>> >>> And, I would not change any configuration file in /etc/dovecot/conf.d >>> directory, make all your changes in local.conf >>> >>> In the above link, here's the High-Performance section: >>> >>> High-performance mode >>> >>> You can enable high-performance mode with: >>> >>> service imap-login { service_count = 0 #client_limit = >>> $default_client_limit #process_min_avail = 0 #vsz_limit = 64M}service >>> pop3-login { service_count = 0} >>> >>> It works by using a number of long running login processes, each >>> handling a number of connections. This loses much of the security benefits >>> of the login process design, because in case of a security hole (in Dovecot >>> or SSL library) the attacker is now able to see other users logging in and >>> steal their passwords, read their mails, etc. >>> >>> - >>> >>> process_min_avail should be set to be at least the number of CPU >>> cores in the system, so that all of them will be used. >>> - Otherwise new processes are created only once an existing one's >>> connection count reaches client_limit >>> - Default client_limit * process_limit = 1000*100 = 100k connections >>> - vsz_limit should be increased to avoid out of memory errors, >>> especially if you're using SSL/TLS. >>> >>> >>> >>> Eric >>> >>> >>> >>> On 7/23/2015 1:01 AM, Chandran Manikandan wrote: >>> >>> Dear Eric, >>> Please find the attached file FYR . please check and help me to resolve >>> it. >>> >>> On Wed, Jul 22, 2015 at 8:21 PM, Eric Broch < <[email protected]> >>> [email protected]> wrote: >>> >>>> >>>> Look here http://wiki2.dovecot.org/LoginProcess >>>> >>>> >>>> On 7/22/2015 3:56 AM, Chandran Manikandan wrote: >>>> >>>> Dear Friends, >>>> I have faced below issues since two weeks to till now. Could anyone >>>> help me to rectify this issue. >>>> >>>> Below message retrieve from logs and getting disconnection from >>>> Outlook and other email clients. >>>> >>>> Error Message >>>> >>>> master: Warning: service(imap-login): process_limit (100) reached, >>>> client connections are being dropped >>>> >>>> My local.conf from dovecot folder >>>> >>>> protocol imap { >>>> imap_client_workarounds = "delay-newmail" >>>> mail_max_userip_connections = 20 >>>> default_process_limit = 300 >>>> } >>>> >>>> 10-master.conf >>>> >>>> default_process_limit = 300 >>>> default_client_limit = 1000 >>>> >>>> service imap-login { >>>> inet_listener imap { >>>> # process_limit = 15 >>>> # client_limit = 300 >>>> #port = 143 >>>> } >>>> protocol imap {"process_limit = 300"} >>>> >>>> Please check above config. I have modified in dovecot folder but >>>> doesn't reflect the server. Is there anything in toaster issue. could any >>>> one help me to solve it. >>>> >>>> My server toaster is dovecot-2.2.7-0.qt.el6.i686 >>>> Server is Centos 6.6 >>>> >>>> >>>> >>>> -- >>>> *Thanks,* >>>> *Manikandan.C* >>>> *System Administrator* >>>> >>>> >>>> >>> >>> >>> -- >>> *Thanks,* >>> *Manikandan.C* >>> *System Administrator* >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [email protected] >>> For additional commands, e-mail: [email protected] >>> >>> >>> >> >> >> -- >> *Thanks,* >> *Manikandan.C* >> *System Administrator* >> >> >> > > > -- > *Thanks,* > *Manikandan.C* > *System Administrator* > -- *Thanks,* *Manikandan.C* *System Administrator*
