Bruce Bodger wrote:
On Jun 8, 2009, at 4:17 PM, Scott Haneda wrote:
Thanks, I have been looking at those adjustments. My concern, is that if Dovecot uses a process per imap or pop connection, 2048 is not nearly enough for any significant email system.
There are several parameters in dovecot.conf that can be adjusted to prevent the problem that you're concerned about...
# Should each login be processed in it's own process (yes), or should one # login process be allowed to process multiple connections (no)? Yes is more # secure, espcially with SSL/TLS enabled. No is faster since there's no need # to create processes all the time. login_process_per_connection = no
# Maximum number of login processes to create. The listening process count # usually stays at login_processes_count, but when multiple users start logging # in at the same time more extra processes are created. To prevent fork-bombing # we check only once in a second if new processes should be created - if all # of them are used at the time, we double their amount until the limit set by # this setting is reached. login_max_processes_count = 128
This only partly addresses the concern.
There will still be a process per IMAP or POP connection once the connection is logged in. I believe those settings only control what happens until a successful authentication.
David