On Aug 14, 2008, at 2:38 PM, Giorgenes Gelatti wrote:
I've been studying dovecot for replacing my company's current system and I got a little worried about an aspect of the dovecot's design. I was surprised that dovecot doesn't use prefork for its mail processes, forking a new processes for each new client connection.
Login processes are preforked and they can also be configured to keep
reusing existing processes. But yes, post-login imap/pop3 processes
aren't preforked because it would require a larger redesign of the
master process. Which is actually what I have been planning on doing
for v2.0 for a long time now.
But there are even some theoretical problems with preforking. For
example the most secure way to set up your users is to use a different
UNIX UID for each user. So for preforking that means your preforked
processes must run as root until they receive the information about
which UID they need to run as. And the code running as root should be
minimized..