-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Hi,

since some time I'm plagued by internal login failures. With v2.2.10 I got the some additional error, that I should raise the process_limit for the imap service, then I got the hint to raise vsz_limit for the lmtp and imap serverices. These hints are very helpful and are some sort of unique feature of Dovecot - descriptive error messages.

Now I have upgraded a Webfrontend behind imapproxy -> Dovecot and get this during a phase in the day, several of messages go to large internal mailing lists and lots of users are connecting/disconnecting via IMAP, POP,& Web:

<login success> imap: Error: Disconnected from auth server, aborting (client-pid=2296 client-id=17278) imap-login: Info: Internal login failure (pid=2296 id=17278) (internal failure, 1 successful auths) .... .

doveadm and to query the userdb [I have some processes that use Dovecot UserDB to query user data, which do not cache its information], & login into IMAP fail as well. Even connecting to the auth-userdb socket reveals no reaction - usually the VERSION prompts immediately. I now suppose that the deault auth_worker_max_count=30 is the culprit, because I query LDAP for passdb and userdb and client_count, but client_limit=0.

Would it be possible to add a warning to all limits "that max out"? Or, if such "generic error" occurs, could Dovecot be enabled to dump a list of which limit is used up to which level? Or something like that.

Also, I'm surprised to find that the "Internal login failure" is at "Info" level only.

Also note: It is very possible that the problem is caused by a client that goes havoc.

======

Just to no trigger the "post your config" reply I give now and then myself:

# 2.2.10 (5432b55a2b87): /usr/local/dovecot-2.2.10/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.8 auth_cache_size = 10 M auth_debug = yes auth_mechanisms = plain login auth_verbose = yes base_dir = /var/run/dovecot2.2/ default_vsz_limit = 512 M deliver_log_format = msgid=%m: %$ %p/%w "%f" "%s" dict { acl = pgsql:/usr/local/dovecot-2.2.10/etc/dovecot/dovecot-dict-sql.conf.ext quota = pgsql:/usr/local/dovecot-2.2.10/etc/dovecot/dovecot-dict-sql.conf.ext } instance_name = dovecot2.2 lda_mailbox_autocreate = yes lmtp_save_to_detail_mailbox = yes log_path = /var/log/dovecot/dovecot2.2.log log_timestamp = "%F %H:%M:%S " mail_debug = yes mail_gid = vmail mail_log_prefix = "%Us(%u) [%p]: " mail_max_userip_connections = 0 mail_plugins = " quota notify mail_log zlib acl" mail_shared_explicit_inbox = yes mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = users.%%u. separator = . type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/dovecot-2.2.10/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = proxy::acl antispam_allow_append_to_spam = yes antispam_backend = spool2dir antispam_spam = SPAM+ReportAsSPAM antispam_spool2dir_notspam = /tmp/spamspool/%%020lu-%%05lu-%u-H antispam_spool2dir_spam = /tmp/spamspool/%%020lu-%%05lu-%u-S antispam_trash = trash;TRASH;Trash;spam;SPAM;Spam;junk;JUNK;Junk;Deleted Items;Deleted Messages;Gel&APY-schte Elemente;Gel&APY-schte Objekte;Junk E-mail;Junk-E-Mail;INBOX.Trash;INBOX.TRASH;INBOX.trash mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size vsize from subject quota = dict:User quota::proxy::quota quota_rule = *:storage=300MB quota_rule2 = Trash:storage=+30M recipient_delimiter = + sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_actions = 0 sieve_quota_max_storage = 3M } protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { unix_listener auth-client { mode = 0766 } unix_listener auth-userdb { mode = 0766 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } } service doveadm { unix_listener doveadm-server { mode = 0666 } } service imap-login { process_min_avail = 4 service_count = 0 vsz_limit = 768 M } service imap { process_limit = 10000 vsz_limit = 768 M } service lmtp { vsz_limit = 768 M } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } service pop3-login { process_min_avail = 5 service_count = 0 vsz_limit = 512 M } ssl_ca =

Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUvjzZnD1/YhP6VMHAQKElQgAoBU3v5JD9kFNzan06UFG88sucvf6HZru gLF6l7IZSWiY/IwouTBoseJcrXmgVG9sCk12gxvonO3iT0KVu1PyJZeTMaKtY3hS I37J4iS88pmY3cGQNguYMSidrIvNOt6SW+Jv/9QxuYTJKYCqoEZRdP8yJ+dvrmQw zpZEzKqcV+x4ofDLcpRxLZtXwb+Bl5AA9hoe/Md/UqzUEa9CYyvANoX63/zY7WS5 1VpK+a80/L6ukJUt9tPQTWSe0ALYmL6Cd4tAdC2Bsq7rN+6SQIcjxxr/9v8Byj8Q BdtwUhpTazVm7CLOjnFiWxfXmHCL9BNrQUBBAd5docSydNDEUMmQng== =r9QR -----END PGP SIGNATURE-----