[Dovecot] MOSTLY SOLVED: Re: client limit and STARTTLS
Noel Butler
noel.butler at ausics.net
Mon Apr 8 11:27:44 EEST 2013
On Sat, 2013-04-06 at 01:09 -0700, David Benfell wrote:
> > Are your certificate chains valid? Simply saying "isn't working" is
> > almost a requirement for a *sigh*
> > log output please, or a better description than "isn't working" ;)
> Yes, the certificate chains were screwed up. And you hit the nail on the
> head when you pointed to chains. It's a StartSSL cert and I've had
> trouble getting this straight from the beginning.
>
no problems, it's the main culprit for most SSL issues
> Thanks!
>
> Now if we can sort out how to set the client and process limits. I
> changed the settings like thus:
>
> default_process_limit = 1024
> default_client_limit = 4096
>
I see Harald has explained this already (I dont use high performance
mode, I prefer security, but you wont notice any performance hit anyway,
we never have)
But if you can't see yourself with that many concurrent users, remove
them and stick with defaults, unless you do need to increase them, wich
you'll soon learn from your users, worry about it then.
> The truth is, I can't imagine having 4096 clients. I mean, it's true, I
> like my toys, but.....
>
When you see this, just set a ulimit in dovecots startup script
#!/bin/sh
# rc.dovecot
# Start/stop/restart dovecot.
ulimit -n 8192
...dovecot stuff...
Cheers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130408/670574db/attachment.bin>
More information about the dovecot
mailing list