max number of connections per ip
I have been haunted by the following error message or months, that we see using Thunderbird.
Unable to connect to your IMAP server.
You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialogue to reduce the number of cached connections.
If I change my location, via a VPN, the error message goes away and I can connect.
I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the following:
protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_quota
# Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. mail_max_userip_connections = 500 }
And, I still get the error message. I know myself, I have about 8-9 accounts, some with as many as 10 folders (I know each one count's as it's own mailbox), as does my partner--who would access the internet from my IP.
Does that number really have to be like 10,000, or something? If so, why does it start out so small in the first place. If not, what else could I do to avoid this message going forward??
I have tried a lot of different things, still no success. =(
here is my dove -n if anyone could help that would be great:
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = yes mail_home = /var/mail/vmail/%d/%n mail_location = maildir:~/Mail mail_max_userip_connections = 500 mail_plugins = " quota" mail_privileged_group = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Archive { auto = subscribe special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G quota_status_overquota = 552 5.2.2 Mailbox is full quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_after = /etc/dovecot/sieve/spamfilter.sieve sieve_dir = ~/sieve } protocols = " imap lmtp sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert =
On 27.02.20 18:54, Esteban L wrote:
I have been haunted by the following error message or months, that we see using Thunderbird.
Unable to connect to your IMAP server.
You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialogue to reduce the number of cached connections.
If I change my location, via a VPN, the error message goes away and I can connect.
I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the following:
protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_quota
# Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. mail_max_userip_connections = 500 }
And, I still get the error message. I know myself, I have about 8-9 accounts, some with as many as 10 folders (I know each one count's as it's own mailbox), as does my partner--who would access the internet from my IP.
Does that number really have to be like 10,000, or something? If so, why does it start out so small in the first place. If not, what else could I do to avoid this message going forward??
It's not behind a proxy (unless the router is acting as a proxy?). Could it be that my router is doing some Hairpin NAT tomfoolery? The router is generic, so I run into that from time to time with my webserver.
I tried doveadm who, but didn't see anything too peculiar. There is the expect half dozen or so users on common IPs.
On 27.02.20 21:49, Aki Tuomi wrote:
Is your server behind proxy maybe? Can you see in logs that you get different IPs?
Maybe check with
doveadm whohow many connections you have?Aki
On 27/02/2020 22:44 Esteban L < esteban@little-beak.com mailto:esteban@little-beak.com> wrote:
I have tried a lot of different things, still no success. =(
here is my dove -n if anyone could help that would be great:
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = yes mail_home = /var/mail/vmail/%d/%n mail_location = maildir:~/Mail mail_max_userip_connections = 500 mail_plugins = " quota" mail_privileged_group = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Archive { auto = subscribe special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G quota_status_overquota = 552 5.2.2 Mailbox is full quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_after = /etc/dovecot/sieve/spamfilter.sieve sieve_dir = ~/sieve } protocols = " imap lmtp sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = mailto:*****@little-beak.com } protocol lda { mail_plugins = " quota sieve" } protocol imap { mail_max_userip_connections = 500 mail_plugins = " quota imap_quota" } protocol sieve { mail_max_userip_connections = 500 }
On 27.02.20 18:54, Esteban L wrote:
I have been haunted by the following error message or months, that we see using Thunderbird. Unable to connect to your IMAP server. You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialogue to reduce the number of cached connections. If I change my location, via a VPN, the error message goes away and I can connect. I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the following:
protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_quota # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. mail_max_userip_connections = 500 }
And, I still get the error message. I know myself, I have about 8-9 accounts, some with as many as 10 folders (I know each one count's as it's own mailbox), as does my partner--who would access the internet from my IP. Does that number really have to be like 10,000, or something? If so, why does it start out so small in the first place. If not, what else could I do to avoid this message going forward??
Aki Tuomi
You can usually see from doveadm who or logs if your router/whatever is doing NAT.
Which would be the reason why 500 connections wouldn't be enough.
Aki
On 27/02/2020 23:21 Esteban L esteban@little-beak.com wrote:
It's not behind a proxy (unless the router is acting as a proxy?). Could it be that my router is doing some Hairpin NAT tomfoolery? The router is generic, so I run into that from time to time with my webserver.
I tried doveadm who, but didn't see anything too peculiar. There is the expect half dozen or so users on common IPs.
On 27.02.20 21:49, Aki Tuomi wrote:
Is your server behind proxy maybe? Can you see in logs that you get different IPs?
Maybe check with
doveadm whohow many connections you have?Aki
On 27/02/2020 22:44 Esteban L < esteban@little-beak.com> wrote:
I have tried a lot of different things, still no success. =(
here is my dove -n if anyone could help that would be great:
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = yes
mail_home = /var/mail/vmail/%d/%n
mail_location = maildir:~/Mail
mail_max_userip_connections = 500
mail_plugins = " quota"
mail_privileged_group = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
inbox = yes
location =
mailbox Archive {
auto = subscribe
special_use = \Archive
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
quota = maildir:User quota
quota_grace = 10%%
quota_rule = *:storage=10G
quota_rule2 = Trash:storage=+1G
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
sieve = ~/.dovecot.sieve
sieve_after = /etc/dovecot/sieve/spamfilter.sieve
sieve_dir = ~/sieve
}
protocols = " imap lmtp sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert =
ssl_key = # hidden, use -P to show it
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol lmtp {
mail_plugins = " quota sieve"
postmaster_address = *****@little-beak.com
}
protocol lda {
mail_plugins = " quota sieve"
}
protocol imap {
mail_max_userip_connections = 500
mail_plugins = " quota imap_quota"
}
protocol sieve {
mail_max_userip_connections = 500
}
On 27.02.20 18:54, Esteban L wrote:
I have been haunted by the following error message or months, that we
see using Thunderbird.
Unable to connect to your IMAP server.
You may have exceeded the maximum number of connections to this server.
If so, use the Advanced IMAP Server Settings dialogue to reduce the
number of cached connections.
If I change my location, via a VPN, the error message goes away and I
can connect.
I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the
following:
protocol imap {
# Space separated list of plugins to load (default is global
mail_plugins).
mail_plugins = $mail_plugins imap_quota
# Maximum number of IMAP connections allowed for a user from each IP
address.
# NOTE: The username is compared case-sensitively.
mail_max_userip_connections = 500
}
And, I still get the error message. I know myself, I have about 8-9
accounts, some with as many as 10 folders (I know each one count's as
it's own mailbox), as does my partner--who would access the internet
from my IP.
Does that number really have to be like 10,000, or something? If so, why
does it start out so small in the first place. If not, what else could I
do to avoid this message going forward??
Aki Tuomi
Ok. That is a nice command.
I am able to see connections. It doesn't seem remotely close to 500, though.
If I understand things correctly, dovecot makes connections PER folder, and keeps making more connections via IDLE (I am not entirely sure how idle works, other than it keeps sockets open)?
For example, in my case, I have about a dozen users, which combined equals around 80 folders.
If I am on an IP it is fine.
My partner, also has about a dozen different users, which combined, also has about 70-80 folders.
If we are on the same IP, we can no longer connect.
Is this general understanding ok?
Am I supposed to set the limit like at 10,000? I mean, I am not running anything other than a little private email server for some family and friends. As soon as my partner and I are on the same IP, it just ceases.
I see how if I check the doveadm who, periodically, I will have 2 propagations, and can imagine if my partner is there--yeah it's probably breaking 500.
On 28.02.20 08:05, Aki Tuomi wrote:
You can usually see from doveadm who or logs if your router/whatever is doing NAT.
Which would be the reason why 500 connections wouldn't be enough.
Aki
On 27/02/2020 23:21 Esteban L esteban@little-beak.com wrote:
It's not behind a proxy (unless the router is acting as a proxy?). Could it be that my router is doing some Hairpin NAT tomfoolery? The router is generic, so I run into that from time to time with my webserver.
I tried doveadm who, but didn't see anything too peculiar. There is the expect half dozen or so users on common IPs.
On 27.02.20 21:49, Aki Tuomi wrote:
Is your server behind proxy maybe? Can you see in logs that you get different IPs?
Maybe check with
doveadm whohow many connections you have?Aki
On 27/02/2020 22:44 Esteban L < esteban@little-beak.com> wrote:
I have tried a lot of different things, still no success. =(
here is my dove -n if anyone could help that would be great:
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = yes
mail_home = /var/mail/vmail/%d/%n
mail_location = maildir:~/Mail
mail_max_userip_connections = 500
mail_plugins = " quota"
mail_privileged_group = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
inbox = yes
location =
mailbox Archive {
auto = subscribe
special_use = \Archive
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
quota = maildir:User quota
quota_grace = 10%%
quota_rule = *:storage=10G
quota_rule2 = Trash:storage=+1G
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
sieve = ~/.dovecot.sieve
sieve_after = /etc/dovecot/sieve/spamfilter.sieve
sieve_dir = ~/sieve
}
protocols = " imap lmtp sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert =
ssl_key = # hidden, use -P to show it
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol lmtp {
mail_plugins = " quota sieve"
postmaster_address = *****@little-beak.com
}
protocol lda {
mail_plugins = " quota sieve"
}
protocol imap {
mail_max_userip_connections = 500
mail_plugins = " quota imap_quota"
}
protocol sieve {
mail_max_userip_connections = 500
}
On 27.02.20 18:54, Esteban L wrote:
I have been haunted by the following error message or months, that we
see using Thunderbird.
Unable to connect to your IMAP server.
You may have exceeded the maximum number of connections to this server.
If so, use the Advanced IMAP Server Settings dialogue to reduce the
number of cached connections.
If I change my location, via a VPN, the error message goes away and I
can connect.
I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the
following:
protocol imap {
# Space separated list of plugins to load (default is global
mail_plugins).
mail_plugins = $mail_plugins imap_quota
# Maximum number of IMAP connections allowed for a user from each IP
address.
# NOTE: The username is compared case-sensitively.
mail_max_userip_connections = 500
}
And, I still get the error message. I know myself, I have about 8-9
accounts, some with as many as 10 folders (I know each one count's as
it's own mailbox), as does my partner--who would access the internet
from my IP.
Does that number really have to be like 10,000, or something? If so, why
does it start out so small in the first place. If not, what else could I
do to avoid this message going forward??
Aki Tuomi
-- https://www.little-beak.com "Doing what we can."
Here is mine and I have no issue if they client is netted.
Remo
protocol imap { imap_client_workarounds = "delay-newmail" mail_plugins = $mail_plugins imap_quota mail_max_userip_connections = 50 }
On Feb 28, 2020, at 8:21 AM, Esteban L esteban@little-beak.com wrote:
Ok. That is a nice command.
I am able to see connections. It doesn't seem remotely close to 500, though.
If I understand things correctly, dovecot makes connections PER folder, and keeps making more connections via IDLE (I am not entirely sure how idle works, other than it keeps sockets open)?
For example, in my case, I have about a dozen users, which combined equals around 80 folders.
If I am on an IP it is fine.
My partner, also has about a dozen different users, which combined, also has about 70-80 folders.
If we are on the same IP, we can no longer connect.
Is this general understanding ok?
Am I supposed to set the limit like at 10,000? I mean, I am not running anything other than a little private email server for some family and friends. As soon as my partner and I are on the same IP, it just ceases.
I see how if I check the doveadm who, periodically, I will have 2 propagations, and can imagine if my partner is there--yeah it's probably breaking 500.
On 28.02.20 08:05, Aki Tuomi wrote:
You can usually see from doveadm who or logs if your router/whatever is doing NAT.
Which would be the reason why 500 connections wouldn't be enough.
Aki
On 27/02/2020 23:21 Esteban L esteban@little-beak.com wrote:
It's not behind a proxy (unless the router is acting as a proxy?). Could it be that my router is doing some Hairpin NAT tomfoolery? The router is generic, so I run into that from time to time with my webserver.
I tried doveadm who, but didn't see anything too peculiar. There is the expect half dozen or so users on common IPs.
On 27.02.20 21:49, Aki Tuomi wrote:
Is your server behind proxy maybe? Can you see in logs that you get different IPs?
Maybe check with
doveadm whohow many connections you have?Aki
On 27/02/2020 22:44 Esteban L < esteban@little-beak.com> wrote:
I have tried a lot of different things, still no success. =(
here is my dove -n if anyone could help that would be great:
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = yes
mail_home = /var/mail/vmail/%d/%n
mail_location = maildir:~/Mail
mail_max_userip_connections = 500
mail_plugins = " quota"
mail_privileged_group = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
inbox = yes
location =
mailbox Archive {
auto = subscribe
special_use = \Archive
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
quota = maildir:User quota
quota_grace = 10%%
quota_rule = *:storage=10G
quota_rule2 = Trash:storage=+1G
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
sieve = ~/.dovecot.sieve
sieve_after = /etc/dovecot/sieve/spamfilter.sieve
sieve_dir = ~/sieve
}
protocols = " imap lmtp sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert =
ssl_key = # hidden, use -P to show it
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol lmtp {
mail_plugins = " quota sieve"
postmaster_address = *****@little-beak.com
}
protocol lda {
mail_plugins = " quota sieve"
}
protocol imap {
mail_max_userip_connections = 500
mail_plugins = " quota imap_quota"
}
protocol sieve {
mail_max_userip_connections = 500
}
On 27.02.20 18:54, Esteban L wrote:
I have been haunted by the following error message or months, that we
see using Thunderbird.
Unable to connect to your IMAP server.
You may have exceeded the maximum number of connections to this server.
If so, use the Advanced IMAP Server Settings dialogue to reduce the
number of cached connections.
If I change my location, via a VPN, the error message goes away and I
can connect.
I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the
following:
protocol imap {
# Space separated list of plugins to load (default is global
mail_plugins).
mail_plugins = $mail_plugins imap_quota
# Maximum number of IMAP connections allowed for a user from each IP
address.
# NOTE: The username is compared case-sensitively.
mail_max_userip_connections = 500
}
And, I still get the error message. I know myself, I have about 8-9
accounts, some with as many as 10 folders (I know each one count's as
it's own mailbox), as does my partner--who would access the internet
from my IP.
Does that number really have to be like 10,000, or something? If so, why
does it start out so small in the first place. If not, what else could I
do to avoid this message going forward??
Aki Tuomi
-- https://www.little-beak.com "Doing what we can."
Interesting, the line:
imap_client_workarounds = "delay-newmail"
I do not have. What does it do? The problem does seem to manifest itself with initial logins.
On 28.02.20 17:28, Remo Mattei wrote:
Here is mine and I have no issue if they client is netted.
Remo
protocol imap { imap_client_workarounds = "delay-newmail" mail_plugins = $mail_plugins imap_quota mail_max_userip_connections = 50 }
On Feb 28, 2020, at 8:21 AM, Esteban L esteban@little-beak.com wrote:
Ok. That is a nice command.
I am able to see connections. It doesn't seem remotely close to 500, though.
If I understand things correctly, dovecot makes connections PER folder, and keeps making more connections via IDLE (I am not entirely sure how idle works, other than it keeps sockets open)?
For example, in my case, I have about a dozen users, which combined equals around 80 folders.
If I am on an IP it is fine.
My partner, also has about a dozen different users, which combined, also has about 70-80 folders.
If we are on the same IP, we can no longer connect.
Is this general understanding ok?
Am I supposed to set the limit like at 10,000? I mean, I am not running anything other than a little private email server for some family and friends. As soon as my partner and I are on the same IP, it just ceases.
I see how if I check the doveadm who, periodically, I will have 2 propagations, and can imagine if my partner is there--yeah it's probably breaking 500.
On 28.02.20 08:05, Aki Tuomi wrote:
You can usually see from doveadm who or logs if your router/whatever is doing NAT.
Which would be the reason why 500 connections wouldn't be enough.
Aki
On 27/02/2020 23:21 Esteban L esteban@little-beak.com wrote:
It's not behind a proxy (unless the router is acting as a proxy?). Could it be that my router is doing some Hairpin NAT tomfoolery? The router is generic, so I run into that from time to time with my webserver.
I tried doveadm who, but didn't see anything too peculiar. There is the expect half dozen or so users on common IPs.
On 27.02.20 21:49, Aki Tuomi wrote:
Is your server behind proxy maybe? Can you see in logs that you get different IPs?
Maybe check with
doveadm whohow many connections you have?Aki
On 27/02/2020 22:44 Esteban L < esteban@little-beak.com> wrote:
I have tried a lot of different things, still no success. =(
here is my dove -n if anyone could help that would be great:
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = yes
mail_home = /var/mail/vmail/%d/%n
mail_location = maildir:~/Mail
mail_max_userip_connections = 500
mail_plugins = " quota"
mail_privileged_group = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
inbox = yes
location =
mailbox Archive {
auto = subscribe
special_use = \Archive
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
quota = maildir:User quota
quota_grace = 10%%
quota_rule = *:storage=10G
quota_rule2 = Trash:storage=+1G
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
sieve = ~/.dovecot.sieve
sieve_after = /etc/dovecot/sieve/spamfilter.sieve
sieve_dir = ~/sieve
}
protocols = " imap lmtp sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert =
ssl_key = # hidden, use -P to show it
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol lmtp {
mail_plugins = " quota sieve"
postmaster_address = *****@little-beak.com
}
protocol lda {
mail_plugins = " quota sieve"
}
protocol imap {
mail_max_userip_connections = 500
mail_plugins = " quota imap_quota"
}
protocol sieve {
mail_max_userip_connections = 500
}
On 27.02.20 18:54, Esteban L wrote:
> I have been haunted by the following error message or months, that we > > see using Thunderbird. > Unable to connect to your IMAP server. > You may have exceeded the maximum number of connections to this server. > > If so, use the Advanced IMAP Server Settings dialogue to reduce the > > number of cached connections. > If I change my location, via a VPN, the error message goes away and I > > can connect. > I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the > > following:
> protocol imap { > > # Space separated list of plugins to load (default is global > > mail_plugins). > > mail_plugins = $mail_plugins imap_quota > # Maximum number of IMAP connections allowed for a user from each IP > > address. > > # NOTE: The username is compared case-sensitively. > > mail_max_userip_connections = 500 > > }
> And, I still get the error message. I know myself, I have about 8-9 > > accounts, some with as many as 10 folders (I know each one count's as > > it's own mailbox), as does my partner--who would access the internet > > from my IP. > Does that number really have to be like 10,000, or something? If so, why > > does it start out so small in the first place. If not, what else could I > > do to avoid this message going forward??
Aki Tuomi
-- https://www.little-beak.com "Doing what we can."
Hi,
dovecot does not make "connections PER folder". it is your MUA that does it.
for example Thunderbird is known to open 1 connection per folder. It's a client setting that can be changed.
Sami
On 28 Feb 2020, at 18.21, Esteban L esteban@little-beak.com wrote:
Ok. That is a nice command.
I am able to see connections. It doesn't seem remotely close to 500, though.
If I understand things correctly, dovecot makes connections PER folder, and keeps making more connections via IDLE (I am not entirely sure how idle works, other than it keeps sockets open)?
For example, in my case, I have about a dozen users, which combined equals around 80 folders.
If I am on an IP it is fine.
My partner, also has about a dozen different users, which combined, also has about 70-80 folders.
If we are on the same IP, we can no longer connect.
Is this general understanding ok?
Am I supposed to set the limit like at 10,000? I mean, I am not running anything other than a little private email server for some family and friends. As soon as my partner and I are on the same IP, it just ceases.
I see how if I check the doveadm who, periodically, I will have 2 propagations, and can imagine if my partner is there--yeah it's probably breaking 500.
On 28.02.20 08:05, Aki Tuomi wrote:
You can usually see from doveadm who or logs if your router/whatever is doing NAT.
Which would be the reason why 500 connections wouldn't be enough.
Aki
On 27/02/2020 23:21 Esteban L esteban@little-beak.com wrote:
It's not behind a proxy (unless the router is acting as a proxy?). Could it be that my router is doing some Hairpin NAT tomfoolery? The router is generic, so I run into that from time to time with my webserver.
I tried doveadm who, but didn't see anything too peculiar. There is the expect half dozen or so users on common IPs.
On 27.02.20 21:49, Aki Tuomi wrote:
Is your server behind proxy maybe? Can you see in logs that you get different IPs?
Maybe check with
doveadm whohow many connections you have?Aki
On 27/02/2020 22:44 Esteban L < esteban@little-beak.com> wrote:
I have tried a lot of different things, still no success. =(
here is my dove -n if anyone could help that would be great:
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = yes
mail_home = /var/mail/vmail/%d/%n
mail_location = maildir:~/Mail
mail_max_userip_connections = 500
mail_plugins = " quota"
mail_privileged_group = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
inbox = yes
location =
mailbox Archive {
auto = subscribe
special_use = \Archive
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
quota = maildir:User quota
quota_grace = 10%%
quota_rule = *:storage=10G
quota_rule2 = Trash:storage=+1G
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
sieve = ~/.dovecot.sieve
sieve_after = /etc/dovecot/sieve/spamfilter.sieve
sieve_dir = ~/sieve
}
protocols = " imap lmtp sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert =
ssl_key = # hidden, use -P to show it
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol lmtp {
mail_plugins = " quota sieve"
postmaster_address = *****@little-beak.com
}
protocol lda {
mail_plugins = " quota sieve"
}
protocol imap {
mail_max_userip_connections = 500
mail_plugins = " quota imap_quota"
}
protocol sieve {
mail_max_userip_connections = 500
}
On 27.02.20 18:54, Esteban L wrote:
I have been haunted by the following error message or months, that we
see using Thunderbird.
Unable to connect to your IMAP server.
You may have exceeded the maximum number of connections to this server.
If so, use the Advanced IMAP Server Settings dialogue to reduce the
number of cached connections.
If I change my location, via a VPN, the error message goes away and I
can connect.
I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the
following:
protocol imap {
# Space separated list of plugins to load (default is global
mail_plugins).
mail_plugins = $mail_plugins imap_quota
# Maximum number of IMAP connections allowed for a user from each IP
address.
# NOTE: The username is compared case-sensitively.
mail_max_userip_connections = 500
}
And, I still get the error message. I know myself, I have about 8-9
accounts, some with as many as 10 folders (I know each one count's as
it's own mailbox), as does my partner--who would access the internet
from my IP.
Does that number really have to be like 10,000, or something? If so, why
does it start out so small in the first place. If not, what else could I
do to avoid this message going forward??
Aki Tuomi
-- https://www.little-beak.com "Doing what we can."
Naturally, everything works fine if I use a VPN/translocation.
On 27.02.20 21:49, Aki Tuomi wrote:
Is your server behind proxy maybe? Can you see in logs that you get different IPs?
Maybe check with
doveadm whohow many connections you have?Aki
On 27/02/2020 22:44 Esteban L < esteban@little-beak.com mailto:esteban@little-beak.com> wrote:
I have tried a lot of different things, still no success. =(
here is my dove -n if anyone could help that would be great:
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = yes mail_home = /var/mail/vmail/%d/%n mail_location = maildir:~/Mail mail_max_userip_connections = 500 mail_plugins = " quota" mail_privileged_group = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Archive { auto = subscribe special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G quota_status_overquota = 552 5.2.2 Mailbox is full quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_after = /etc/dovecot/sieve/spamfilter.sieve sieve_dir = ~/sieve } protocols = " imap lmtp sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = mailto:*****@little-beak.com } protocol lda { mail_plugins = " quota sieve" } protocol imap { mail_max_userip_connections = 500 mail_plugins = " quota imap_quota" } protocol sieve { mail_max_userip_connections = 500 }
On 27.02.20 18:54, Esteban L wrote:
I have been haunted by the following error message or months, that we see using Thunderbird. Unable to connect to your IMAP server. You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialogue to reduce the number of cached connections. If I change my location, via a VPN, the error message goes away and I can connect. I have edited my /etc/dovcot/conf.d/20-imap.conf file by adding the following:
protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_quota # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. mail_max_userip_connections = 500 }
And, I still get the error message. I know myself, I have about 8-9 accounts, some with as many as 10 folders (I know each one count's as it's own mailbox), as does my partner--who would access the internet from my IP. Does that number really have to be like 10,000, or something? If so, why does it start out so small in the first place. If not, what else could I do to avoid this message going forward??
Aki Tuomi
participants (4)
-
Aki Tuomi
-
Esteban L
-
Remo Mattei
-
Sami Ketola