Webmail accessive Dovecot logins

David Mehler dave.mehler at gmail.com
Fri Oct 30 01:28:35 UTC 2015 

Hello,

I've seen this issue before, running a imap/smtp/database server on
localhost and adding in a webmail interface, in this case Roundcube.

In my maillog I'm seeing accessive Dovecot connections and logouts
just from my own transaction of logging in, going to compose a
message, sending, and logging out.

I'm using Mysql as database backend and was wondering if there was
something I could do to cut down on the amount of connections needed?

I'm running 2.2.19 on a FreeBSD 10.2 system.

I'm not sure what other information to provide, here's the relevant
log and a doveconf -n.

Second question, in the doveconf -n there's reference to my ssl_cipher
am I  using current tls ciphers that support pfs?

Thanks.
Dave.
Oct 29 20:51:21 server dovecot: imap-login: Login: user=<xxx>,
method=PLAIN, rip=::1, lip=::1, mpid=71405, secured,
session=<6Px600cja6cAAAAAAAAAAAAAAAAAAAAB>
Oct 29 20:51:21 server dovecot: imap(xxx): Disconnected: Logged out
in=82 out=763
Oct 29 20:51:22 server dovecot: imap-login: Login: user=<xxx>,
method=PLAIN, rip=::1, lip=::1, mpid=72189, secured,
session=<c8eL00cjxXYAAAAAAAAAAAAAAAAAAAAB>
Oct 29 20:51:22 server dovecot: imap(xxx): Disconnected: Logged out
in=70 out=932
Oct 29 20:51:29 server dovecot: imap-login: Login: user=<xxx>,
method=PLAIN, rip=::1, lip=::1, mpid=74281, secured,
session=<AQz100cj378AAAAAAAAAAAAAAAAAAAAB>
Oct 29 20:51:29 server dovecot: imap-login: Login: user=<xxx>,
method=PLAIN, rip=::1, lip=::1, mpid=74927, secured,
session=<fH3100cjQ5AAAAAAAAAAAAAAAAAAAAAB>
Oct 29 20:51:29 server dovecot: imap(xxx): Disconnected: Logged out
in=439 out=1702
Oct 29 20:51:29 server dovecot: imap(xxx): Disconnected: Logged out
in=326 out=24327
Oct 29 20:51:45 server dovecot: imap-login: Login: user=<xxx>,
method=PLAIN, rip=::1, lip=::1, mpid=75557, secured,
session=<3tjm1EcjsjUAAAAAAAAAAAAAAAAAAAAB>
Oct 29 20:51:45 server dovecot: imap(xxx): Disconnected: Logged out
in=32 out=521
Oct 29 20:51:46 server dovecot: imap-login: Login: user=<xxx>,
method=PLAIN, rip=::1, lip=::1, mpid=77051, secured,
session=<N6311EcjlbQAAAAAAAAAAAAAAAAAAAAB>
Oct 29 20:51:46 server dovecot: imap(xxx): Disconnected: Logged out
in=44 out=799


doveconf -n
# 2.2.19: /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.9 (357ac0a0e68b+)
# OS: FreeBSD 10.2-RELEASE amd64  ufs
auth_default_realm = domain.com
auth_mechanisms = plain login
dict {
  sqlquota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 999
first_valid_uid = 999
hostname = xxx at domain.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lmtp_rcpt_check_quota = yes
mail_gid = vmail
mail_home = /home/vmail/%d/%n/home
mail_location = maildir:/home/vmail/%d/%n:LAYOUT=fs
mail_plugins = acl quota zlib
mail_server_admin = mailto:postmaster at domain.com
mail_uid = vmail
mailbox_list_index = yes
maildir_broken_filename_sizes = yes
maildir_empty_new = yes
maildir_stat_dirs = yes
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate
namespace {
  list = yes
  location = maildir:/home/vmail/public:LAYOUT=fs
  prefix = public/
  separator = /
  subscriptions = yes
  type = public
}
namespace inbox {
  hidden = no
  inbox = yes
  list = yes
  location =
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Spam {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  quota = dict:User quota::proxy::sqlquota
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  sieve_default = /home/vmail/conf.d/domain.com/sieve/default.sieve
}
postmaster_address = postmaster at domain.com
protocols = imap
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
}
service dict {
  unix_listener dict {
    mode = 0600
    user = vmail
  }
}
service imap-login {
  inet_listener imap {
    address =
  }
  inet_listener imaps {
    ssl = yes
  }
}
service lmtp {
  unix_listener dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  inet_listener {
    address = 127.0.0.1
    port = 12345
  }
}
ssl = required
ssl_cert = </etc/ssl/certs/server.crt
ssl_cipher_list = ALL:!LOW:!SSLv3:!SSLv2:!EXP:!aNULL
ssl_dh_parameters_length = 4096
ssl_key = </etc/ssl/private/server.key
ssl_protocols = TLSv1 !SSLv3 !SSLv2
userdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol lmtp {
  mail_plugins = acl quota zlib sieve
}
protocol lda {
  mail_plugins = acl quota zlib quota sieve
}
protocol imap {
  mail_plugins = acl quota zlib imap_acl imap_quota imap_zlib
}

More information about the dovecot mailing list