In our low-traffic server we have always kept the default value for IMAP mail_max_userip_connections (10).
The server has been working fine! (Thank you Timo for this!)
However, recently we have been having:
Maximum number of connections from user+IP exceeded
errors both for IMAP and webmail users.
Thus, we have now changed the value to 100.
The questions:
1.Might this lead to overloading the server? 2. Could another dovecot setting prevent the above setting from being applied (e.g. due to connections exhaustion), i.e. should we also change other setting(s)? 3. What should we take into account when deciding the value for mail_max_userip_connections?
It depends on how many users you have, the number of simultaneous clients they use, and the #connections each client opens. Potentially, you could exhaust connection limits -- they usually don't max out memory or CPU or disk since most of the connections are idle. (There is a new IDLE hibernate feature that might help to minimize memory use by idle imap worker processes.)
I haven't found a value that gets rid of users running into connection limits. If I set it to n, the next day someone will choke on n+1. This is a snapshot connections (count : #connections) which shows the typical decay:
25 1
14 2
14 3
7 4
9 5
1 6
2 7
1 8
1 10
Occasionally, some user's connection demand will spike and exceed the limit because
- they started yat another client
- they started global operation like searching
- they're using a network that support roaming IP
(I've tracked some users across the city on their bus ride.)
Pragmatically, I set it high enough so that it meets the need of most clients, then deal with problems on a case by case basis (e.g. get them to lower their mail client's idle connection setting, or asking them to reduce the number of active clients by logging out). It also prevents what this setting was designed for: connection starvation by busy/buggy clients. Usually, hitting the limit doesn't produce problems as mail clients are smart enough to close idle connections or reuse them.
If you only got a dozen users, setting it to 100 is feasible. If you got 1000 users, probably not.
- How can we set a different value to this directive for webmail connections (coming from 127.0.0.1, ::1)?
I don't know if there is another method, but at the very least, you can start another dovecot instance with another config file that does specific things for 127.0.0.1.
Joseph Tam <jtam.home@gmail.com>