Issue with one user only, exceeding connections
I keep having this issue with one user, and I have to restart dovecot several times a day to clear it. What I have is a postfix / dovecot mail server (Centos 7) and about a dozen users. All mailboxes are imap ssl. I monitor about 4 mailboxes on my computer and tablet. I use Thunderbird on the computer (cache connections at 2) and K9 on the tablet, but one user of the four I keep getting "Maximum number of connections from user+IP exceeded" and I have the maximum at 50 "(mail_max_userip_connections=50)" so its hard for me to believe I am actually exceeding it unless dovecot/client is not dropping connections and keeps starting new ones until it reaches the maximum, but again, only for one user, even though I am monitoring 4 on the same devices. Any idea how to troubleshoot this? I don't know if I should be looking at dovecot or the clients, or what I need to look for. It's been going on since I put this server in use over a year ago. I also have issues with Outlook clients disconnecting, just outlook, is there any recommended settings to make Outlook work smoother?
Thanks! - Jeremy
Config -
# 2.2.36 (1f10bfa63): /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-1160.11.1.el7.x86_64 x86_64 CentOS Linux release 7.9.2009 (Core) # Hostname: *** auth_mechanisms = plain login debug_log_path = /var/log/dovecot_debug.log first_valid_gid = 500 last_valid_gid = 600 last_valid_uid = 600 listen = * mail_location = maildir:~/Maildir mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . } passdb { driver = pam } pop3_uidl_format = %f protocols = imap lmtp service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 service_count = 0 } service imap { process_limit = 1024 } service lmtp { unix_listener lmtp { mode = 0666 } } ssl = required ssl_cert = <*** ssl_cipher_list = ECDHE-RSA-CHACHA20-POLY1305:ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes userdb { driver = passwd } protocol imap { mail_max_userip_connections = 50 }
I think if IMAP IDLE is used you need one connection per folder. If I remember correctly at least either Thunderbird or K9 Mail (I'm using both too) use one connection per selected directory. Simply increasing the number of connections was the easiest solution as I only have very few users too.
Regards Frank
Am 8. Juni 2022 21:14:23 MESZ schrieb Jeremy Schaeffer kb9mfd@phonesplus.biz:
I keep having this issue with one user, and I have to restart dovecot several times a day to clear it. What I have is a postfix / dovecot mail server (Centos 7) and about a dozen users. All mailboxes are imap ssl. I monitor about 4 mailboxes on my computer and tablet. I use Thunderbird on the computer (cache connections at 2) and K9 on the tablet, but one user of the four I keep getting "Maximum number of connections from user+IP exceeded" and I have the maximum at 50 "(mail_max_userip_connections=50)" so its hard for me to believe I am actually exceeding it unless dovecot/client is not dropping connections and keeps starting new ones until it reaches the maximum, but again, only for one user, even though I am monitoring 4 on the same devices. Any idea how to troubleshoot this? I don't know if I should be looking at dovecot or the clients, or what I need to look for. It's been going on since I put this server in use over a year ago. I also have issues with Outlook clients disconnecting, just outlook, is there any recommended settings to make Outlook work smoother?
Thanks! - Jeremy
Config -
# 2.2.36 (1f10bfa63): /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-1160.11.1.el7.x86_64 x86_64 CentOS Linux release 7.9.2009 (Core) # Hostname: *** auth_mechanisms = plain login debug_log_path = /var/log/dovecot_debug.log first_valid_gid = 500 last_valid_gid = 600 last_valid_uid = 600 listen = * mail_location = maildir:~/Maildir mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . } passdb { driver = pam } pop3_uidl_format = %f protocols = imap lmtp service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 service_count = 0 } service imap { process_limit = 1024 } service lmtp { unix_listener lmtp { mode = 0666 } } ssl = required ssl_cert = <*** ssl_cipher_list = ECDHE-RSA-CHACHA20-POLY1305:ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes userdb { driver = passwd } protocol imap { mail_max_userip_connections = 50 }
-- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
Ahhh, Ok, I did not know that and now that makes sense. I did not realize it held a open connection for each folder. I increased that and I will see what happens. I wonder if that will also effect the outlook issues. Thanks! - Jeremy
On 6/8/2022 14:28, Frank-Ulrich Sommer wrote:
I think if IMAP IDLE is used you need one connection per folder. If I remember correctly at least either Thunderbird or K9 Mail (I'm using both too) use one connection per selected directory. Simply increasing the number of connections was the easiest solution as I only have very few users too.
Regards Frank
Am 8. Juni 2022 21:14:23 MESZ schrieb Jeremy Schaeffer kb9mfd@phonesplus.biz:
I keep having this issue with one user, and I have to restart dovecot several times a day to clear it. What I have is a postfix / dovecot mail server (Centos 7) and about a dozen users. All mailboxes are imap ssl. I monitor about 4 mailboxes on my computer and tablet. I use Thunderbird on the computer (cache connections at 2) and K9 on the tablet, but one user of the four I keep getting "Maximum number of connections from user+IP exceeded" and I have the maximum at 50 "(mail_max_userip_connections=50)" so its hard for me to believe I am actually exceeding it unless dovecot/client is not dropping connections and keeps starting new ones until it reaches the maximum, but again, only for one user, even though I am monitoring 4 on the same devices. Any idea how to troubleshoot this? I don't know if I should be looking at dovecot or the clients, or what I need to look for. It's been going on since I put this server in use over a year ago. I also have issues with Outlook clients disconnecting, just outlook, is there any recommended settings to make Outlook work smoother? Thanks! - Jeremy Config - # 2.2.36 (1f10bfa63): /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-1160.11.1.el7.x86_64 x86_64 CentOS Linux release 7.9.2009 (Core) # Hostname: *** auth_mechanisms = plain login debug_log_path = /var/log/dovecot_debug.log first_valid_gid = 500 last_valid_gid = 600 last_valid_uid = 600 listen = * mail_location = maildir:~/Maildir mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . } passdb { driver = pam } pop3_uidl_format = %f protocols = imap lmtp service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 service_count = 0 } service imap { process_limit = 1024 } service lmtp { unix_listener lmtp { mode = 0666 } } ssl = required ssl_cert = <*** ssl_cipher_list = ECDHE-RSA-CHACHA20-POLY1305:ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes userdb { driver = passwd } protocol imap { mail_max_userip_connections = 50 }
-- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
ok the idle connection per folder is a factor
however in thunderbird i believe it defaults to 2 simultanious connections
mine is set to 5
in thunderbird see
The solution is to reduce the maximum number of connections in Thunderbird. This can be done from Edit > Account Settings > Server Settings (under the mail account for which the setting should be modified) > Advanced > Maximum Number of server connections to cache.
I dont know of anything that would get it to 500?
as for outlook idle was not / is not supported past 2010 (if even that) you need to go into
file --> options --> advanced --> send/receive
all you can change in there is the timing which defaults to 30 minutes, i recommend 3 or 5
I am unaware of how outlook handles physical connections (maybe registery?) and google revieled nothing, outlook since 2010 just does not support imap, microsofts way of forcing everyone onto exchange / outlook 365
377,000 hits last time i googled imap issues in outlook.
Best suggestion is to run
# ps -axww | grep imap 25500 - S 0:00.57 imap: [paul@hiscomputer.ca 172.97.150.95 IDLE] (imap) 25530 - S 0:00.36 imap: [paul@hiscomputer.ca 172.97.150.95 IDLE] (imap) 26014 - I 0:00.39 imap: [rcooke@tnky.ca 172.97.128.227 IDLE] (imap) 26018 - I 0:00.38 imap: [rcooke@tnky.ca 172.97.128.227 IDLE] (imap) 26210 - I 0:00.07 imap: [spanos@scom.ca 99.238.154.160 IDLE] (imap) 38911 - S 0:00.17 imap: [marilynlally@scom.ca 142.188.149.199 IDLE] (imap) 38912 - S 0:00.13 imap: [marilynlally@scom.ca 142.188.149.199 IDLE] (imap) 41306 - S 0:00.73 imap: [ed.hanna@dssmgmt.com 204.237.48.37 IDLE] (imap) 41312 - S 0:00.63 imap: [ed.hanna@ekst.ca 204.237.48.37 IDLE] (imap) 45232 - I 0:00.23 imap: [rcooke@tnky.ca 172.97.128.227 IDLE] (imap) 55504 - I 0:00.16 imap: [rcooke@tnky.ca 172.97.128.227 IDLE] (imap)
which shows all imap connections and from where
if you are overflowing 500+ connections then it has to show up here.
Happy Thursday !!! Thanks - paul
Paul Kudla
Scom.ca Internet Services http://www.scom.ca 004-1009 Byron Street South Whitby, Ontario - Canada L1N 4S3
Toronto 416.642.7266 Main 1.866.411.7266 Fax 1.888.892.7266 Email paul@scom.ca
On 6/8/2022 6:41 PM, Jeremy Schaeffer wrote:
Ahhh, Ok, I did not know that and now that makes sense. I did not realize it held a open connection for each folder. I increased that and I will see what happens. I wonder if that will also effect the outlook issues. Thanks! - Jeremy
On 6/8/2022 14:28, Frank-Ulrich Sommer wrote:
I think if IMAP IDLE is used you need one connection per folder. If I remember correctly at least either Thunderbird or K9 Mail (I'm using both too) use one connection per selected directory. Simply increasing the number of connections was the easiest solution as I only have very few users too.
Regards Frank
Am 8. Juni 2022 21:14:23 MESZ schrieb Jeremy Schaeffer kb9mfd@phonesplus.biz:
I keep having this issue with one user, and I have to restart dovecot several times a day to clear it. What I have is a postfix / dovecot mail server (Centos 7) and about a dozen users. All mailboxes are imap ssl. I monitor about 4 mailboxes on my computer and tablet. I use Thunderbird on the computer (cache connections at 2) and K9 on the tablet, but one user of the four I keep getting "Maximum number of connections from user+IP exceeded" and I have the maximum at 50 "(mail_max_userip_connections=50)" so its hard for me to believe I am actually exceeding it unless dovecot/client is not dropping connections and keeps starting new ones until it reaches the maximum, but again, only for one user, even though I am monitoring 4 on the same devices. Any idea how to troubleshoot this? I don't know if I should be looking at dovecot or the clients, or what I need to look for. It's been going on since I put this server in use over a year ago. I also have issues with Outlook clients disconnecting, just outlook, is there any recommended settings to make Outlook work smoother? Thanks! - Jeremy Config - # 2.2.36 (1f10bfa63): /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-1160.11.1.el7.x86_64 x86_64 CentOS Linux release 7.9.2009 (Core) # Hostname: *** auth_mechanisms = plain login debug_log_path = /var/log/dovecot_debug.log first_valid_gid = 500 last_valid_gid = 600 last_valid_uid = 600 listen = * mail_location = maildir:~/Maildir mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . } passdb { driver = pam } pop3_uidl_format = %f protocols = imap lmtp service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 service_count = 0 } service imap { process_limit = 1024 } service lmtp { unix_listener lmtp { mode = 0666 } } ssl = required ssl_cert = <*** ssl_cipher_list = ECDHE-RSA-CHACHA20-POLY1305:ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes userdb { driver = passwd } protocol imap { mail_max_userip_connections = 50 }
-- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
-- This message has been scanned for viruses and dangerous content by *MailScanner* http://www.mailscanner.info/, and is believed to be clean.
That was the first thing I tried, I lowered the cache connections in Thunderbird. Actually the max connections was 50, not 500, but I could see why as I do have a lot of folders, but what is odd is I have other mailboxes that have even more folders, but it's only one mailbox that is trowing the error.
"# ps -axww | grep imap" does not give me the same results -
.....
19897 ? S 0:00 dovecot/imap 19900 ? S 0:02 dovecot/imap 19901 ? S 0:00 dovecot/imap 19902 ? S 0:00 dovecot/imap .....
I wish it did give me the mailbox, is there a option to get it to give me that information?
Thanks! - Jeremy
On 6/9/2022 6:37, Paul Kudla (SCOM.CA Internet Services Inc.) wrote:
ok the idle connection per folder is a factor
however in thunderbird i believe it defaults to 2 simultanious connections
mine is set to 5
in thunderbird see
The solution is to reduce the maximum number of connections in Thunderbird. This can be done from Edit > Account Settings > Server Settings (under the mail account for which the setting should be modified) > Advanced > Maximum Number of server connections to cache.
I dont know of anything that would get it to 500?
as for outlook idle was not / is not supported past 2010 (if even that) you need to go into
file --> options --> advanced --> send/receive
all you can change in there is the timing which defaults to 30 minutes, i recommend 3 or 5
I am unaware of how outlook handles physical connections (maybe registery?) and google revieled nothing, outlook since 2010 just does not support imap, microsofts way of forcing everyone onto exchange / outlook 365
377,000 hits last time i googled imap issues in outlook.
Best suggestion is to run
# ps -axww | grep imap 25500 - S 0:00.57 imap: [paul@hiscomputer.ca 172.97.150.95 IDLE] (imap) 25530 - S 0:00.36 imap: [paul@hiscomputer.ca 172.97.150.95 IDLE] (imap) 26014 - I 0:00.39 imap: [rcooke@tnky.ca 172.97.128.227 IDLE] (imap) 26018 - I 0:00.38 imap: [rcooke@tnky.ca 172.97.128.227 IDLE] (imap) 26210 - I 0:00.07 imap: [spanos@scom.ca 99.238.154.160 IDLE] (imap) 38911 - S 0:00.17 imap: [marilynlally@scom.ca 142.188.149.199 IDLE] (imap) 38912 - S 0:00.13 imap: [marilynlally@scom.ca 142.188.149.199 IDLE] (imap) 41306 - S 0:00.73 imap: [ed.hanna@dssmgmt.com 204.237.48.37 IDLE] (imap) 41312 - S 0:00.63 imap: [ed.hanna@ekst.ca 204.237.48.37 IDLE] (imap) 45232 - I 0:00.23 imap: [rcooke@tnky.ca 172.97.128.227 IDLE] (imap) 55504 - I 0:00.16 imap: [rcooke@tnky.ca 172.97.128.227 IDLE] (imap)
which shows all imap connections and from where
if you are overflowing 500+ connections then it has to show up here.
Happy Thursday !!! Thanks - paul
Paul Kudla
Scom.ca Internet Services http://www.scom.ca 004-1009 Byron Street South Whitby, Ontario - Canada L1N 4S3
Toronto 416.642.7266 Main 1.866.411.7266 Fax 1.888.892.7266 Email paul@scom.ca
On 6/8/2022 6:41 PM, Jeremy Schaeffer wrote:
Ahhh, Ok, I did not know that and now that makes sense. I did not realize it held a open connection for each folder. I increased that and I will see what happens. I wonder if that will also effect the outlook issues. Thanks! - Jeremy
On 6/8/2022 14:28, Frank-Ulrich Sommer wrote:
I think if IMAP IDLE is used you need one connection per folder. If I remember correctly at least either Thunderbird or K9 Mail (I'm using both too) use one connection per selected directory. Simply increasing the number of connections was the easiest solution as I only have very few users too.
Regards Frank
Am 8. Juni 2022 21:14:23 MESZ schrieb Jeremy Schaeffer kb9mfd@phonesplus.biz:
I keep having this issue with one user, and I have to restart dovecot several times a day to clear it. What I have is a postfix / dovecot mail server (Centos 7) and about a dozen users. All mailboxes are imap ssl. I monitor about 4 mailboxes on my computer and tablet. I use Thunderbird on the computer (cache connections at 2) and K9 on the tablet, but one user of the four I keep getting "Maximum number of connections from user+IP exceeded" and I have the maximum at 50 "(mail_max_userip_connections=50)" so its hard for me to believe I am actually exceeding it unless dovecot/client is not dropping connections and keeps starting new ones until it reaches the maximum, but again, only for one user, even though I am monitoring 4 on the same devices. Any idea how to troubleshoot this? I don't know if I should be looking at dovecot or the clients, or what I need to look for. It's been going on since I put this server in use over a year ago. I also have issues with Outlook clients disconnecting, just outlook, is there any recommended settings to make Outlook work smoother?
Thanks! - Jeremy
Config -
# 2.2.36 (1f10bfa63): /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-1160.11.1.el7.x86_64 x86_64 CentOS Linux release 7.9.2009 (Core) # Hostname: *** auth_mechanisms = plain login debug_log_path = /var/log/dovecot_debug.log first_valid_gid = 500 last_valid_gid = 600 last_valid_uid = 600 listen = * mail_location = maildir:~/Maildir mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . } passdb { driver = pam } pop3_uidl_format = %f protocols = imap lmtp service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 service_count = 0 } service imap { process_limit = 1024 } service lmtp { unix_listener lmtp { mode = 0666 } } ssl = required ssl_cert = <*** ssl_cipher_list = ECDHE-RSA-CHACHA20-POLY1305:ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes userdb { driver = passwd } protocol imap { mail_max_userip_connections = 50 }
-- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
-- This message has been scanned for viruses and dangerous content by *MailScanner* http://www.mailscanner.info/, and is believed to be clean.
Date: Thursday, June 09, 2022 10:46:25 -0500 From: Jeremy Schaeffer kb9mfd@phonesplus.biz
That was the first thing I tried, I lowered the cache connections in Thunderbird. Actually the max connections was 50, not 500, but I could see why as I do have a lot of folders, but what is odd is I have other mailboxes that have even more folders, but it's only one mailbox that is trowing the error.
"# ps -axww | grep imap" does not give me the same results -
.....
19897 ? S 0:00 dovecot/imap 19900 ? S 0:02 dovecot/imap 19901 ? S 0:00 dovecot/imap 19902 ? S 0:00 dovecot/imap .....
I wish it did give me the mailbox, is there a option to get it to give me that information?
Try "auxw" on your "ps". I.e., add in the "u" which will get you the user detail in the first column, otherwise you just get the process id.
Thank you! That worked, I piped the output to a file, grep the username and sure enough there are 60 lines. So I guess going over 50 was a possibility.
Learn something new every day. I set the maximum to 100 so I should not have any errors on that anymore.
Thanks! - Jeremy
On 6/9/2022 10:59, Richard wrote:
Date: Thursday, June 09, 2022 10:46:25 -0500 From: Jeremy Schaeffer kb9mfd@phonesplus.biz
That was the first thing I tried, I lowered the cache connections in Thunderbird. Actually the max connections was 50, not 500, but I could see why as I do have a lot of folders, but what is odd is I have other mailboxes that have even more folders, but it's only one mailbox that is trowing the error.
"# ps -axww | grep imap" does not give me the same results -
.....
19897 ? S 0:00 dovecot/imap 19900 ? S 0:02 dovecot/imap 19901 ? S 0:00 dovecot/imap 19902 ? S 0:00 dovecot/imap .....
I wish it did give me the mailbox, is there a option to get it to give me that information? Try "auxw" on your "ps". I.e., add in the "u" which will get you the user detail in the first column, otherwise you just get the process id.
participants (4)
-
Frank-Ulrich Sommer
-
Jeremy Schaeffer
-
Paul Kudla (SCOM.CA Internet Services Inc.)
-
Richard