[Dovecot] Apple Mail and too many open files?
Alan Schmitt
alan.schmitt at polytechnique.org
Wed May 24 13:42:24 EEST 2006
On 24 mai 06, at 11:55, Rob Middleton wrote:
> You need to look at the parameters:
> sysctl -a
> kern.maxfiles = 12288
> kern.maxfilesperproc = 10240
> and fix them by creating a file /etc/sysctl.conf
Ah, thanks, this is good to know.
> OS X is configured by default with these numbers way too low. OS X
> has some really dumb processes like AFP that will chew through all
> of your open files and not cope cleanly with running out of
> allowable/available filehandles.
>
> OS X has a DoS vulnerability in the way ssh processes are spawned
> and the ssh interaction with their PAM modules (it exhibits with
> the symptoms you have described). Have you really got port 22
> blocked from the outside world?? Have you tested that? Consider
> running ssh on an alternate port if running OS X server (as Apple's
> GUI config tools for the firewall don't always allow you to block
> port 22).
I do not have port 22 blocked, and I unfortunately need to use it.
> Do consider running your mail services off a machine that is not a
> Mac OS X server. OS X server is merely OS X client/workstation with
> a pretty management utility for some 'nix services. It is not
> stable under high load -- and it is not even stable under moderate
> load without numerous performance tweaks (it doesn't cope at all
> well if the disk queue goes up a touch or loadavg is at all
> interesting - ie it degrades poorly under load).
I'll keep this in mind.
Thanks again,
Alan
--
Alan Schmitt <http://alan.petitepomme.net/>
The hacker: someone who figured things out and made something cool
happen.
.O.
..O
OOO
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20060524/dbde6910/PGP.pgp
More information about the dovecot
mailing list