[Dovecot] Apple Mail and too many open files?

[Rob Middleton]

Alan Schmitt wrote:
> Hello,
> 
> For two days in a row, I've noticed that my dovecot server (hosted on a 
> PowerMac running OS X) has stopped working, with a bunch of error 
> messages in /var/log/mail.log like:
> May 24 07:31:10 top dovecot: pipe() failed: Too many open files
> 
> To solve this, I have to kill -9 dovecot and the (many) imap  processes 
> running.
> 
> The only client accessing the server is a machine running Apple Mail. I 
> tried to increase the limit in the number of files (I did a "launchctl 
> limit maxfiles 1024 unlimited", but the problem still happened.
> 
> Is this a known problem? Should I allow still more files?

You need to look at the parameters:
sysctl -a
kern.maxfiles = 12288
kern.maxfilesperproc = 10240
and fix them by creating a file /etc/sysctl.conf

OS X is configured by default with these numbers way too low. OS X has 
some really dumb processes like AFP that will chew through all of your 
open files and not cope cleanly with running out of allowable/available 
filehandles.

OS X has a DoS vulnerability in the way ssh processes are spawned and 
the ssh interaction with their PAM modules (it exhibits with the 
symptoms you have described). Have you really got port 22 blocked from 
the outside world?? Have you tested that? Consider running ssh on an 
alternate port if running OS X server (as Apple's GUI config tools for 
the firewall don't always allow you to block port 22).

Do consider running your mail services off a machine that is not a Mac 
OS X server. OS X server is merely OS X client/workstation with a pretty 
management utility for some 'nix services. It is not stable under high 
load -- and it is not even stable under moderate load without numerous 
performance tweaks (it doesn't cope at all well if the disk queue goes 
up a touch or loadavg is at all interesting - ie it degrades poorly 
under load).

Rob.