Occasional service disruptions
Paul Kudla (SCOM.CA Internet Services Inc.)
paul at scom.ca
Wed Jun 8 09:18:42 UTC 2022
ok i do NOT use roundcube however trying to help
regarding :
> Jun 06 12:01:22 imap(user1)<29639><Vr0atcPg5M3BXBCl>: Warning: Inotify
> instance limit for user 500 (UID vmail) exceeded, disabling. Increase
> /proc/sys/fs/inotify/max_user_instances
this to me indicates that all users are logging in under one user name /
process at least according to dovecot?
usually when an imap connection is started it starts its own pid per
mailbox opened process (at least for me it does)
both dovecot & cyrus work this way
number of simitanulus connections is usually handled by the client
(thunderbird, outlook whatever)
roundcube would be considered a client thus the overflow in connections
if it is opening everthing under one connection / user
it gets complicated but i would start by checking if different users are
actually being logged in
if so then try closing the connection via roundqube and see if the
connection drops off on the dovecot server.
# dovecot.who
username # proto (pids) (ips)
epower at scom.ca 4 imap (20263 74767 74743 75194) (174.114.171.16)
installers at tomkudla.ca 7 imap (28281 28280 69830 69832 69834 69836
69838) (167.94.196.10)
ditchburn at scom.ca 1 imap (41136) (65.39.148.2)
reception at clancyca.com 1 imap (41133) (65.39.148.2)
ed at scom.ca 4 imap (36344 25879 89306 89308) (204.237.48.37)
rcooke at tnky.ca 6 imap (91131 23791 8700 16087 91176 91179)
(172.97.128.227)
carol at scom.ca 1 imap (88120) (216.58.34.142)
paul at scom.ca 1 imap (36202) (69.60.225.80)
ditchburn at clancyca.com 1 imap (40942) (65.39.148.2)
the max_user_instances is meant to control how many connections per user
thus 500 is way more for multiple clients per user to log in with
i have several customers (like myself) that open connections from
multiple locations without issues.
is it possible that roundcube is opening the same user multiple times
and not closing the connection after a while?
I get the above logged in list above from
doveadm mailbox status -t all -u $1 '*'
something to consider.
Happy Wednesday !!!
Thanks - paul
Paul Kudla
Scom.ca Internet Services <http://www.scom.ca>
004-1009 Byron Street South
Whitby, Ontario - Canada
L1N 4S3
Toronto 416.642.7266
Main 1.866.411.7266
Fax 1.888.892.7266
Email paul at scom.ca
On 6/6/2022 11:38 AM, Nikolaos Milas wrote:
>
> Hello,
>
> On a server with (Postfix and) Dovecot 2.3.18 (on a VM running CentOS 7
> - 1 CPU, 5 GB RAM) with the config you will see below, we are facing
> occasional (infrequent) service disruptions: IMAP service seems
> unavailable to some users.
>
> Jun 6 12:01:25 vweb2 roundcube: <1eecb0d4> IMAP Error: Login failed for
> imaptester against vmail2.noa.gr from 195.251.202.xxx. Could not connect
> to ssl://vmail2.noa.gr:993: Connection rejected in
> /var/webs/webmail/rcube/program/lib/Roundcube/rcube_imap.php on line 211
> (POST /?_task=login&_action=login)
>
> At that time there was no associated logged event in dovecot log. (Other
> users are logging in and out.)
>
> However, I see some warnings (I list the two of them closest to the
> above event):
>
> Jun 06 12:01:22 imap(user1)<29639><Vr0atcPg5M3BXBCl>: Warning: Inotify
> instance limit for user 500 (UID vmail) exceeded, disabling. Increase
> /proc/sys/fs/inotify/max_user_instances
> ...
> Jun 06 12:01:26 imap(user2)<29793><rZuSt8PgztoKyVSG>: Warning: Inotify
> instance limit for user 500 (UID vmail) exceeded, disabling. Increase
> /proc/sys/fs/inotify/max_user_instances
>
> (In above log excerpts I've only modified real usernames.)
>
> Restarting Dovecot returns things back to normal.
>
> I have tried to use "service_count = 100" in all configured services, to
> see how it goes.
>
> Most of the config is inherited from the past (older versions) and is
> not optimized. For example one can observe different "process_limit"
> values for different services, for no apparent reason I am aware of.
>
> Could anyone suggest changes and/or additions to the OS and/or Dovecot
> to resolve this issue?
>
> Any additional suggestions will also be welcome.
>
> Thanks in advance for your kind assistance.
>
> Here is the config (I've only changed postmaster address):
>
> =======================================================================
>
> protocols = imap pop3 sieve lmtp
>
> login_greeting = Dovecot NOA ICXC-NIKA
>
> log_path = /var/log/dove.log
>
> mail_location = maildir:~/Maildir/
>
> mail_gid = 500
> mail_uid = 500
>
> auth_mechanisms = plain login
> auth_username_format = %Ln
>
> auth_verbose = no
> auth_debug = no
> mail_debug = no
>
> disable_plaintext_auth = no
>
> mail_plugins = quota mail_log notify
>
> protocol imap {
> imap_client_workarounds = "delay-newmail"
> mail_plugins = quota imap_quota mail_log notify
> mail_max_userip_connections = 400
>
> namespace inbox {
> mailbox Trash {
> autoexpunge = 15d
> }
> }
> }
>
> protocol pop3 {
> mail_max_userip_connections = 3
> mail_plugins = quota notify
> pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
> pop3_uidl_format = %08Xu%08Xv
>
> namespace inbox {
> mailbox Trash {
> autoexpunge = 15d
> }
> }
> }
>
> protocol lda {
> auth_socket_path = /var/run/dovecot/auth-master
> mail_plugins = quota notify sieve
> postmaster_address = xxxxxxxxx at noa.gr
> sendmail_path = /usr/lib/sendmail
> }
>
> protocol lmtp {
> auth_socket_path = /var/run/dovecot/auth-master
> postmaster_address = xxxxxxxxx at noa.gr
> mail_plugins = quota notify sieve
> sendmail_path = /usr/lib/sendmail
> }
>
> protocol sieve {
> managesieve_max_line_length = 65536
> mail_max_userip_connections = 10
> managesieve_logout_format = bytes=%i/%o
>
> managesieve_max_compile_errors = 10
> }
>
> userdb {
> args = /etc/dovecot/dovecot-usrdb-ldap.conf
> driver = ldap
> }
>
> passdb {
> args = /etc/dovecot/dovecot-passdb-ldap.conf
> driver = ldap
> }
>
> plugin {
> mail_log_events = delete undelete expunge copy mailbox_delete
> mailbox_rename flag_change save mailbox_create
> mail_log_fields = uid box msgid size flags vsize from subject
>
> quota = maildir:User quota
> quota_rule = *:storage=15G
> quota_rule2 = Trash:storage=+3%%
> quota_warning = storage=75%% quota-warning 75 %u
> quota_warning2 = storage=90%% quota-warning 90 %u
>
> sieve = file:~/sieve;active=~/.dovecot.sieve
> sieve_max_script_size = 0
> sieve_max_actions = 0
> sieve_max_redirects = 2
> }
>
> service quota-warning {
> executable = script /opt/mail1.sh
> user = vmail
> unix_listener quota-warning {
> user = vmail
> }
> }
>
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> group = postfix
> mode = 0660
> user = postfix
> }
> unix_listener auth-master {
> group = vmail
> mode = 0660
> user = vmail
> }
> user = root
> }
>
> service imap-login {
> service_count = 100
> vsz_limit = 64 M
> process_limit = 500
> }
>
> service pop3-login {
> service_count = 100
> vsz_limit = 64 M
> }
>
> service managesieve-login {
> inet_listener sieve {
> port = 4190
> }
>
> service_count = 100
> process_min_avail = 0
> vsz_limit = 64M
> }
>
> service managesieve {
> process_limit = 1024
> }
>
> service imap {
> executable = imap postlogin
> process_limit = 2048
> }
>
> service pop3 {
> executable = pop3 postlogin
> }
>
> service postlogin {
> executable = script-login -d rawlog
> unix_listener postlogin {
> }
> }
>
> service lmtp {
> unix_listener /var/spool/postfix/private/dovecot-lmtp {
> group = postfix
> mode = 0600
> user = postfix
> }
> }
>
> ssl = yes
> ssl_cert = </etc/pki/tls/certs/star_noa_gr-cert-with_CA-rev-754868755.crt
> ssl_key = </etc/pki/tls/private/star_noa_gr-1243437.key
>
> namespace inbox {
>
> separator = .
> prefix =
> inbox = yes
>
> mailbox Drafts {
> special_use = \Drafts
> auto = subscribe
> }
> mailbox Junk {
> special_use = \Junk
> auto = subscribe
> }
> mailbox Trash {
> special_use = \Trash
> auto = subscribe
> }
> mailbox Sent {
> special_use = \Sent
> auto = subscribe
> }
> }
>
> =======================================================================
>
> Nick
>
>
>
More information about the dovecot
mailing list