Hi,
in recent weeks I have notice a sudden increase in the load average of our Dovecot (2.2.19) IMAP/POP servers (and consequently in the NFS storage).
After an investigation I found some dovecot/imap processes in D state and running UID FETCH or UID SORT from Webmail (Roundcube) without that user was actually more connected to webmail. Some minutes after the dovecot/imap processes stop to run FETCH/SORT but in "ps aux" I can still see it.
If the user try to login in Webmail again the same process start again to run FETCH/SORT (and it consumes a lot of I/O resources) but the webmail does not load any message and return a "FETCH 1: UID INTERNALDATE BODY.PEEK ..." error.
The only way to restore the webmail access is to kill the related dovecot/imap process (or with doveadm kick username).
I noticed that these processes in D state had started many hours before.
Example, now are 17:30 (important, see the time of the dovecot/imap processes) the user alessio@skye try to login in webmail without success and close the webmail, processes are still running:
# doveadm who | grep alessio@skye username # proto (pids) (ips) alessio@skye 3 imap (10440 4624) (192.168.5.215)
# ps aux | grep SORT vmail 4624 0.0 0.0 108792 16048 ? D 13:32 0:01 dovecot/imap [alessio@skye 192.168.5.215 UID SORT] vmail 10440 0.0 0.1 108520 17832 ? D 12:32 0:02 dovecot/imap [alessio@skye 192.168.5.215 UID SORT]
# doveadm kick alessio@skye kicked connections from the following users: alessio@skye
Processes are now died, and user can login in Webmail easily.
Can be a "reusing processes" issue since I have set service_count=100 for imap and pop3 services or there may be other problems related to my configuration?
Thanks
my configuration:
# 2.2.19.1 (16dc61d3dab3): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.9 (5d26f470efe6) # OS: Linux 2.6.32-573.12.1.el6.x86_64 x86_64 CentOS release 6.7 (Final) auth_cache_negative_ttl = 5 mins auth_cache_size = 10 M auth_cache_ttl = 20 mins auth_master_user_separator = * auth_worker_max_count = 50 deliver_log_format = msgid=%m, from=%f, subject="%s": %$ dict { acl = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext expire = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_gid = 89 first_valid_uid = 89 imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags imap_idle_notify_interval = 29 mins imap_logout_format = in=%i out=%o session=<%{session}> last_valid_gid = 89 last_valid_uid = 89 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = 10.96.3.156 login_trusted_networks = 192.168.5.0/24 mail_fsync = always mail_location = maildir:~/Maildir mail_plugins = quota acl expire fts fts_solr zlib maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate vnd.dovecot.duplicate mmap_disable = yes namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%n/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / } passdb { args = /etc/dovecot/dovecot-deny-sql.conf.ext deny = yes driver = sql } passdb { args = /etc/dovecot/extra/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl antispam_backend = mailtrain antispam_mail_notspam = --ham antispam_mail_sendmail = /usr/bin/sa-learn antispam_mail_spam = --spam antispam_spam = Spam antispam_trash = Trash expire = Trash expire2 = Spam expire_dict = proxy::expire fts = solr fts_solr = url=http://10.0.0.5:8983/solr/ quota = maildir:UserQuota quota2 = dict:Quota Usage::noenforcing:proxy::sqlquota quota_grace = 10M quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/before.sieve sieve_dir = ~/sieve sieve_extensions = +vnd.dovecot.duplicate -vacation zlib_save = gz zlib_save_level = 6 } pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s, bytes=%i/%o, session=<%{session}> protocols = imap pop3 sieve sendmail_path = /bin/sendmail service auth { client_limit = 6524 unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service dict { process_limit = 500 unix_listener dict { group = vmail mode = 0660 user = vmail } } service imap-login { process_min_avail = 4 service_count = 0 } service imap-postlogin { executable = script-login /etc/dovecot/imap-postlogin.sh unix_listener imap-postlogin { group = vmail mode = 0660 user = vmail } user = vmail } service imap { executable = imap imap-postlogin process_limit = 5000 service_count = 100 vsz_limit = 384 M } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { process_min_avail = 4 service_count = 0 } service pop3-postlogin { executable = script-login /etc/dovecot/pop3-postlogin.sh unix_listener pop3-postlogin { group = vmail mode = 0660 user = vmail } user = vmail } service pop3 { executable = pop3 pop3-postlogin process_limit = 1024 service_count = 100 } service quota-warning { executable = script /etc/dovecot/quota-warning.sh unix_listener quota-warning { user = vmail } user = vmail } service stats { fifo_listener stats-mail { group = vmail mode = 0660 user = vmail } } ssl_cert =
-- Alessio Cecchi Postmaster @ http://www.qboxmail.it https://www.linkedin.com/in/alessice