Hello,
On a server with (Postfix and) Dovecot 2.3.18 (on a VM running CentOS 7
- 1 CPU, 5 GB RAM) with the config you will see below, we are facing occasional (infrequent) service disruptions: IMAP service seems unavailable to some users.
Jun 6 12:01:25 vweb2 roundcube: <1eecb0d4> IMAP Error: Login failed for imaptester against vmail2.noa.gr from 195.251.202.xxx. Could not connect to ssl://vmail2.noa.gr:993: Connection rejected in /var/webs/webmail/rcube/program/lib/Roundcube/rcube_imap.php on line 211 (POST /?_task=login&_action=login)
At that time there was no associated logged event in dovecot log. (Other users are logging in and out.)
However, I see some warnings (I list the two of them closest to the above event):
Jun 06 12:01:22 imap(user1)<29639><Vr0atcPg5M3BXBCl>: Warning: Inotify instance limit for user 500 (UID vmail) exceeded, disabling. Increase /proc/sys/fs/inotify/max_user_instances ... Jun 06 12:01:26 imap(user2)<29793><rZuSt8PgztoKyVSG>: Warning: Inotify instance limit for user 500 (UID vmail) exceeded, disabling. Increase /proc/sys/fs/inotify/max_user_instances
(In above log excerpts I've only modified real usernames.)
Restarting Dovecot returns things back to normal.
I have tried to use "service_count = 100" in all configured services, to see how it goes.
Most of the config is inherited from the past (older versions) and is not optimized. For example one can observe different "process_limit" values for different services, for no apparent reason I am aware of.
Could anyone suggest changes and/or additions to the OS and/or Dovecot to resolve this issue?
Any additional suggestions will also be welcome.
Thanks in advance for your kind assistance.
Here is the config (I've only changed postmaster address):
=======================================================================
protocols = imap pop3 sieve lmtp
login_greeting = Dovecot NOA ICXC-NIKA
log_path = /var/log/dove.log
mail_location = maildir:~/Maildir/
mail_gid = 500 mail_uid = 500
auth_mechanisms = plain login auth_username_format = %Ln
auth_verbose = no auth_debug = no mail_debug = no
disable_plaintext_auth = no
mail_plugins = quota mail_log notify
protocol imap { imap_client_workarounds = "delay-newmail" mail_plugins = quota imap_quota mail_log notify mail_max_userip_connections = 400
namespace inbox { mailbox Trash { autoexpunge = 15d } } }
protocol pop3 { mail_max_userip_connections = 3 mail_plugins = quota notify pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xu%08Xv
namespace inbox { mailbox Trash { autoexpunge = 15d } } }
protocol lda { auth_socket_path = /var/run/dovecot/auth-master mail_plugins = quota notify sieve postmaster_address = xxxxxxxxx@noa.gr sendmail_path = /usr/lib/sendmail }
protocol lmtp { auth_socket_path = /var/run/dovecot/auth-master postmaster_address = xxxxxxxxx@noa.gr mail_plugins = quota notify sieve sendmail_path = /usr/lib/sendmail }
protocol sieve { managesieve_max_line_length = 65536 mail_max_userip_connections = 10 managesieve_logout_format = bytes=%i/%o
managesieve_max_compile_errors = 10 }
userdb { args = /etc/dovecot/dovecot-usrdb-ldap.conf driver = ldap }
passdb { args = /etc/dovecot/dovecot-passdb-ldap.conf driver = ldap }
plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change save mailbox_create mail_log_fields = uid box msgid size flags vsize from subject
quota = maildir:User quota quota_rule = *:storage=15G quota_rule2 = Trash:storage=+3%% quota_warning = storage=75%% quota-warning 75 %u quota_warning2 = storage=90%% quota-warning 90 %u
sieve = file:~/sieve;active=~/.dovecot.sieve sieve_max_script_size = 0 sieve_max_actions = 0 sieve_max_redirects = 2 }
service quota-warning { executable = script /opt/mail1.sh user = vmail unix_listener quota-warning { user = vmail } }
service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } user = root }
service imap-login { service_count = 100 vsz_limit = 64 M process_limit = 500 }
service pop3-login { service_count = 100 vsz_limit = 64 M }
service managesieve-login { inet_listener sieve { port = 4190 }
service_count = 100 process_min_avail = 0 vsz_limit = 64M }
service managesieve { process_limit = 1024 }
service imap { executable = imap postlogin process_limit = 2048 }
service pop3 { executable = pop3 postlogin }
service postlogin { executable = script-login -d rawlog unix_listener postlogin { } }
service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } }
ssl = yes ssl_cert = </etc/pki/tls/certs/star_noa_gr-cert-with_CA-rev-754868755.crt ssl_key = </etc/pki/tls/private/star_noa_gr-1243437.key
namespace inbox {
separator = . prefix = inbox = yes
mailbox Drafts { special_use = \Drafts auto = subscribe } mailbox Junk { special_use = \Junk auto = subscribe } mailbox Trash { special_use = \Trash auto = subscribe } mailbox Sent { special_use = \Sent auto = subscribe } }
=======================================================================
Nick