Hello,
On a server with (Postfix and) Dovecot 2.3.18 (on a VM running CentOS 7
- 1 CPU, 5 GB RAM) with the config you will see below, we are facing
occasional (infrequent) service disruptions: IMAP service seems
unavailable to some users.
Jun 6 12:01:25 vweb2 roundcube: <1eecb0d4> IMAP Error: Login failed for
imaptester against vmail2.noa.gr from 195.251.202.xxx. Could not connect
to ssl://vmail2.noa.gr:993: Connection rejected in
/var/webs/webmail/rcube/program/lib/Roundcube/rcube_imap.php on line 211
(POST /?_task=login&_action=login)
At that time there was no associated logged event in dovecot log. (Other
users are logging in and out.)
However, I see some warnings (I list the two of them closest to the
above event):
Jun 06 12:01:22 imap(user1)<29639><Vr0atcPg5M3BXBCl>: Warning: Inotify
instance limit for user 500 (UID vmail) exceeded, disabling. Increase
/proc/sys/fs/inotify/max_user_instances
...
Jun 06 12:01:26 imap(user2)<29793><rZuSt8PgztoKyVSG>: Warning: Inotify
instance limit for user 500 (UID vmail) exceeded, disabling. Increase
/proc/sys/fs/inotify/max_user_instances
(In above log excerpts I've only modified real usernames.)
Restarting Dovecot returns things back to normal.
I have tried to use "service_count = 100" in all configured services, to
see how it goes.
Most of the config is inherited from the past (older versions) and is
not optimized. For example one can observe different "process_limit"
values for different services, for no apparent reason I am aware of.
Could anyone suggest changes and/or additions to the OS and/or Dovecot
to resolve this issue?
Any additional suggestions will also be welcome.
Thanks in advance for your kind assistance.
Here is the config (I've only changed postmaster address):
=======================================================================
protocols = imap pop3 sieve lmtp
login_greeting = Dovecot NOA ICXC-NIKA
log_path = /var/log/dove.log
mail_location = maildir:~/Maildir/
mail_gid = 500
mail_uid = 500
auth_mechanisms = plain login
auth_username_format = %Ln
auth_verbose = no
auth_debug = no
mail_debug = no
disable_plaintext_auth = no
mail_plugins = quota mail_log notify
protocol imap {
imap_client_workarounds = "delay-newmail"
mail_plugins = quota imap_quota mail_log notify
mail_max_userip_connections = 400
namespace inbox {
mailbox Trash {
autoexpunge = 15d
}
}
}
protocol pop3 {
mail_max_userip_connections = 3
mail_plugins = quota notify
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
pop3_uidl_format = %08Xu%08Xv
namespace inbox {
mailbox Trash {
autoexpunge = 15d
}
}
}
protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
mail_plugins = quota notify sieve
postmaster_address = xxxxxx...@noa.gr
sendmail_path = /usr/lib/sendmail
}
protocol lmtp {
auth_socket_path = /var/run/dovecot/auth-master
postmaster_address = xxxxxx...@noa.gr
mail_plugins = quota notify sieve
sendmail_path = /usr/lib/sendmail
}
protocol sieve {
managesieve_max_line_length = 65536
mail_max_userip_connections = 10
managesieve_logout_format = bytes=%i/%o
managesieve_max_compile_errors = 10
}
userdb {
args = /etc/dovecot/dovecot-usrdb-ldap.conf
driver = ldap
}
passdb {
args = /etc/dovecot/dovecot-passdb-ldap.conf
driver = ldap
}
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename flag_change save mailbox_create
mail_log_fields = uid box msgid size flags vsize from subject
quota = maildir:User quota
quota_rule = *:storage=15G
quota_rule2 = Trash:storage=+3%%
quota_warning = storage=75%% quota-warning 75 %u
quota_warning2 = storage=90%% quota-warning 90 %u
sieve = file:~/sieve;active=~/.dovecot.sieve
sieve_max_script_size = 0
sieve_max_actions = 0
sieve_max_redirects = 2
}
service quota-warning {
executable = script /opt/mail1.sh
user = vmail
unix_listener quota-warning {
user = vmail
}
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-master {
group = vmail
mode = 0660
user = vmail
}
user = root
}
service imap-login {
service_count = 100
vsz_limit = 64 M
process_limit = 500
}
service pop3-login {
service_count = 100
vsz_limit = 64 M
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
service_count = 100
process_min_avail = 0
vsz_limit = 64M
}
service managesieve {
process_limit = 1024
}
service imap {
executable = imap postlogin
process_limit = 2048
}
service pop3 {
executable = pop3 postlogin
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = yes
ssl_cert = </etc/pki/tls/certs/star_noa_gr-cert-with_CA-rev-754868755.crt
ssl_key = </etc/pki/tls/private/star_noa_gr-1243437.key
namespace inbox {
separator = .
prefix =
inbox = yes
mailbox Drafts {
special_use = \Drafts
auto = subscribe
}
mailbox Junk {
special_use = \Junk
auto = subscribe
}
mailbox Trash {
special_use = \Trash
auto = subscribe
}
mailbox Sent {
special_use = \Sent
auto = subscribe
}
}
=======================================================================
Nick
