[Dovecot] service_count=0 for imap and pop3

Mark Moseley moseleymark at gmail.com
Wed Nov 10 01:49:01 EET 2010

On Tue, Nov 9, 2010 at 3:05 PM, Timo Sirainen <tss at iki.fi> wrote:
> On 9.11.2010, at 22.14, Mark Moseley wrote:
>> service imap {
>> service_count = 0
>> }
>> Is that safe to do in imap and/or pop3? Or at least no more insecure
>> than using service_count=0 for imap-login and pop3-login?
> Yep.

Would the risks involved be identical to your warnings about using
"service_count=0" with pop3-login/imap-login, namely that if the
daemon gets hacked, it'd be able to access other mailboxes (presumably
that the imap/pop3 already had open)?

Nice, it does indeed seem to burn a lot less CPU. I've also set
"process_min_avail=#" for 'service pop3' which appears to spread out
incoming POP3 connections over all # pop3 procs. Any gotchas there?
I've always got at least several hundred POP3 connections on a box, so
having them not all hitting one proc is desirable. And having, say,
100 pop3 procs hanging around, possibly idle, is fine. This is pretty
exciting stuff.

Anybody running this way in production on a large scale, i.e. using
"service_count=0" in a "service imap" or "service pop3" ?

More information about the dovecot mailing list