[Dovecot] log message about client_limit may in fact be due to ulimit

Christoph Bußenius busseniu at in.tum.de
Tue Feb 14 17:04:25 EET 2012


our Dovecot proxy started logging about reaching the client_limit once 
there were about 1000 connections running over it:

Feb 14 15:22:02 vmmailproxy1 dovecot: master: Warning: service(anvil): 
client_limit (100000) reached, client connections are being dropped
Feb 14 15:22:18 vmmailproxy1 dovecot: master: Warning: service(ipc): 
client_limit (100000) reached, client connections are being dropped

I was a bit perplexed because 100.000 is far above 1000.  However we 
found out that in fact the problem was the number of open files, and we 
have fixed it by putting 'ulimit -n 6000' into the init script.

Even though the log claims that connections would be dropped, the number 
of imap-login processes kept rising above 1000.  The "doveadm proxy 
list" would fail with an error message:

$ sudo doveadm proxy list
doveadm(root): Error: LIST failed: Disconnected
Segmentation fault

The segfault did not happen every time I tried it.  I'm sorry I don't 
have any core dumps or backtraces, because I was more concerned about 
putting the proxy into a sane state.  Maybe I can reproduce this on a 
test server if you would like a back trace.

Anyway, I suggest changing the log message if the failure is not 
actually due to the client_limit.

# 2.0.18: /etc/ports/dovecot/dovecot.conf
# OS: Linux 2.6.32-38-server x86_64 Ubuntu 10.04.2 LTS
auth_username_format = %n
default_client_limit = 60000
default_process_limit = 10000
disable_plaintext_auth = no
mail_location = maildir:/nonexistent
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
passdb {
   args = /etc/ports/dovecot/passwd
   driver = passwd-file
protocols = imap pop3 lmtp sieve
service anvil {
   client_limit = 100000
service auth {
   client_limit = 60000
service ipc {
   client_limit = 100000
service managesieve-login {
   inet_listener sieve {
     port = 4190
   inet_listener sieve_deprecated {
     port = 2000
shutdown_clients = no
ssl_cert = </etc/ssl/certs/mailproxy+chain.pem
ssl_key = </etc/ssl/private/mailproxy.key
syslog_facility = local6
verbose_proctitle = yes
protocol imap {

The passwd file has all entries looking like this:
login:::::::proxy=y host=backend1 nopassword=yes

Christoph Bußenius
Rechnerbetriebsgruppe der Fakultäten Informatik und Mathematik
Technische Universität München
+49 89-289-18519 <> Raum 00.05.055 <> Boltzmannstr. 3 <> Garching

More information about the dovecot mailing list