Am 07.04.2013 12:36, schrieb David Benfell:
On 04/07/2013 03:15 AM, Reindl Harald wrote:
Am 06.04.2013 10:09, schrieb David Benfell:
So I changed it again:
default_process_limit = 128 default_client_limit = 512
And now it seems to be fine. But I'm mystified because what you say is the case on your system, that is, that the process limit needs to be greater than the client limit, is what I would expect: wouldn't each client require at least one process?
no, 512x128 = 65536 connections each process can serve default_client_limit clients
Thanks a million! I had no idea that was how it worked. I would think that 65536 would be enough. ;-)
http://wiki2.dovecot.org/LoginProcess
High-performance mode: It works by using a number of long running login processes, each handling a number of connections. This loses much of the security benefits of the login process design, because in case of a security hole (in Dovecot or SSL library) the attacker is now able to see other users logging in and steal their passwords, read their mails, etc.
Default client_limit * process_limit = 1000*100 = 100k connections
vsz_limit should be increased to avoid out of memory errors, especially if you're using SSL/TLS.