Let me make myself clearer.
Dovecot opens a postgres connection, Dovecot sends a SELECT query using the connection, The response can be
a) One or more rows of data b) Zero rows of data (eg if the username doesn't exist) c) An error response (eg if the query contains a syntax error)
If a) or b) happens, then dovecot accepts or denies the user, and closes the connection. If c) happens, dovecot denies the user, but leaves the connection open (stuck). Next time someone tries to log on dovecot opens a new connection. This leads to a gradual buildup of connections until the limit is reached and stuff breaks.
In my situation, the query was sometimes failing because the data sent was the wrong type (a string, when it should have been an integer - my fault).
Hope that makes sense now. I think dovecot needs a line of code inserted to check whether the query failed, and if it did, log the error, and close the connection gracefully.
Cheers, Dan
On Wed, 09 Dec 2009 15:24:45 -0500, Timo Sirainen <tss@iki.fi> wrote:
On Sun, 2009-11-29 at 06:00 +0000, Daniel Howard wrote:
In these cases, Dovecot would still fall back to PAM authentication, and the user would log in, but the postgres connection would remain stuck. Gradually the number of connections would increase until postgres failed.
This sounds weird. You mean if password_query doesn't return any results Dovecot somehow completely hangs/leaks a PostgreSQL connection and creates a new one? Did it log any errors?