Hi,
I am using dovecot 2.0.9 (official CentOS rpm), I am experiencing very high load issue.
I think it is something related to my storage (/var/spool is about 3 TB and it is almost full).
I noticed those kind of messages in /var/log/maillog:
Warning: Maildir: Scanning /var/spool/pop/domains/domain.it/username/Maildir/cur took 100 seconds (14281 readdir()s, 0 rename()s to cur/)
Warning: Maildir /var/spool/pop/domains/domain.it/username/Maildir: Synchronization took 103 seconds (0 new msgs, 0 flag change attempts, 0 expunge attempts)
I wondering if there is something to try, at configuration level, to "mitigate" this..
I use Maildir format, MTA is postfix, I have many users (> 10000) with pop3/imap/webmail access. Physical server with 8 GB RAM and two CPU (Intel(R) Pentium(R) D CPU 3.00GHz)
This is my dovecot's conf:
auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain login digest-md5 cram-md5 auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = /var/log/dovecot.log default_client_limit = 1000 default_idle_kill = 60 default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins disable_plaintext_auth = no dotlock_use_excl = no doveadm_socket_path = doveadm-server doveadm_worker_count = 0 first_valid_gid = 89 first_valid_uid = 89 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k info_log_path = last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = *, :: lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c login_trusted_networks = mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = optimized mail_full_filesystem_access = no mail_gid = 89 mail_home = mail_location = maildir:/coraid-s2l2/domains mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = mail_privileged_group = mail_save_crlf = no mail_temp_dir = /tmp mail_uid = 89 mailbox_idle_check_interval = 30 secs mailbox_list_index_disable = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date imapflags notify master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = no namespace { hidden = no inbox = yes list = yes location = prefix = INBOX. separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext deny = no driver = sql master = no pass = no } passdb { args = /etc/dovecot/dovecot-sql-crypt.conf.ext deny = no driver = sql master = no pass = no } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags sieve_max_script_size = 1M } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv postmaster_address = protocols = imap pop3 lmtp sieve quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 4096 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0600 user = } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 64 M } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 0 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 0 } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = port = 4190 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 64 M } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 64 M } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } unix_listener ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service tcpwrap { chroot = client_limit = 1 drop_priv_before_exec = no executable = tcpwrap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = yes ssl_ca = ssl_cert = </etc/nginx/ssl/wildcard.domain.net_bundle.crt ssl_cert_username_field = commonName ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_dh_parameters_length = 1024 ssl_key = </etc/nginx/ssl/wildcard.domain.net.key ssl_key_password = ssl_parameters_file = ssl-parameters.dat ssl_parameters_regenerate = 0 ssl_protocols = !SSLv2 !SSLv3 ssl_verify_client_cert = no syslog_facility = mail userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } valid_chroot_dirs = verbose_auth = no verbose_proctitle = no verbose_ssl = no version_ignore = no protocol lmtp { mail_plugins = } protocol lda { mail_plugins = } protocol imap { imap_id_log = * }
Thank you!
Hi,
I am using dovecot 2.0.9 (official CentOS rpm), I am experiencing very high load issue.
I think it is something related to my storage (/var/spool is about 3 TB and it is almost full).
I noticed those kind of messages in /var/log/maillog:
Warning: Maildir: Scanning /var/spool/pop/domains/domain.it/username/Maildir/cur took 100 seconds (14281 readdir()s, 0 rename()s to cur/) Maybe you have just too much load on your server. Also you seem to be
On 21.09.2017 00:56, absolutely_free@libero.it wrote: triggering maildir scans which are expensive.
Also the version you are running is from 2011, so it's ... rather dated. You should probably update your system to centos7 which at least has 2.2.10, which is still rather old, but less so.
Warning: Maildir /var/spool/pop/domains/domain.it/username/Maildir: Synchronization took 103 seconds (0 new msgs, 0 flag change attempts, 0 expunge attempts)
I wondering if there is something to try, at configuration level, to "mitigate" this..
I use Maildir format, MTA is postfix, I have many users (> 10000) with pop3/imap/webmail access. Physical server with 8 GB RAM and two CPU (Intel(R) Pentium(R) D CPU 3.00GHz)
This is my dovecot's conf:
please use doveconf -n
Aki
Hi Aki,
thank you very much for your reply.
What do you mean with "triggering maildir scans"?
Here is dovecot -n output:
# 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-642.15.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) auth_mechanisms = plain login digest-md5 cram-md5 debug_log_path = /var/log/dovecot.log disable_plaintext_auth = no first_valid_gid = 89 first_valid_uid = 89 mail_gid = 89 mail_location = maildir:/var/spool/domains mail_uid = 89 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date imapflags notify mbox_write_locks = fcntl namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { args = /etc/dovecot/dovecot-sql-crypt.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags sieve_max_script_size = 1M } protocols = imap pop3 lmtp sieve ssl_cert = </etc/nginx/ssl/wildcard.domain.net_bundle.crt ssl_key = </etc/nginx/ssl/wildcard.domain.net.key userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lmtp { mail_plugins = } protocol lda { mail_plugins = } protocol imap { imap_id_log = * }
Thank you very much
Il 21 settembre 2017 alle 11.13 Aki Tuomi <aki.tuomi@dovecot.fi> ha scritto: On 21.09.2017 00:56, absolutely_free@libero.it wrote: > >Hi, I am using dovecot 2.0.9 (official CentOS rpm), I am experiencing very high load issue. I think it is something related to my storage (/var/spool is about 3 TB and it is almost full). I noticed those kind of messages in /var/log/maillog: Warning: Maildir: Scanning /var/spool/pop/domains/domain.it/username/Maildir/cur took 100 seconds (14281 readdir()s, 0 rename()s to cur/) Maybe you have just too much load on your server. Also you seem to be triggering maildir scans which are expensive. >Also the version you are running is from 2011, so it's ... rather dated. You should probably update your system to centos7 which at least has 2.2.10, which is still rather old, but less so. > > >Warning: Maildir /var/spool/pop/domains/domain.it/username/Maildir: Synchronization took 103 seconds (0 new msgs, 0 flag change attempts, 0 expunge attempts) I wondering if there is something to try, at configuration level, to "mitigate" this.. I use Maildir format, MTA is postfix, I have many users (> 10000) with pop3/imap/webmail access. Physical server with 8 GB RAM and two CPU (Intel(R) Pentium(R) D CPU 3.00GHz) This is my dovecot's conf: please use doveconf -n >Aki
participants (2)
-
absolutely_free@libero.it
-
Aki Tuomi