On Sat, 2013-04-06 at 01:09 -0700, David Benfell wrote:
Are your certificate chains valid? Simply saying "isn't working" is almost a requirement for a *sigh* log output please, or a better description than "isn't working" ;)
Yes, the certificate chains were screwed up. And you hit the nail on the head when you pointed to chains. It's a StartSSL cert and I've had trouble getting this straight from the beginning.
no problems, it's the main culprit for most SSL issues
Thanks!
Now if we can sort out how to set the client and process limits. I changed the settings like thus:
default_process_limit = 1024 default_client_limit = 4096
I see Harald has explained this already (I dont use high performance mode, I prefer security, but you wont notice any performance hit anyway, we never have)
But if you can't see yourself with that many concurrent users, remove them and stick with defaults, unless you do need to increase them, wich you'll soon learn from your users, worry about it then.
The truth is, I can't imagine having 4096 clients. I mean, it's true, I like my toys, but.....
When you see this, just set a ulimit in dovecots startup script
#!/bin/sh # rc.dovecot # Start/stop/restart dovecot. ulimit -n 8192
...dovecot stuff...
Cheers