[Dovecot] Tuning!

Rafael VOlpe TI rafaelvolpeti at gmail.com
Thu May 2 20:00:56 EEST 2013 

Hi Buddies,

I have 2 servers running dovecot + postfix for pop/imap users.
The users mailbox are in a Nfs storage.
The load of server is ranging at 3.0 to 15.0.
I really dont know what happened.. I read a lot about tuning of dovecot,
and the changes are applied, how you can see.
The Hardware of server is really good!
The host have 8GB of mem and 2 sockets with 2 cores anyone.
The server receives 900-1000 user connections in pop and imap.
How i can aprimmorate this processes?

Some errors are displayed on the console randomly when the load rises.
Example:

May 02 13:57:42 pop3(user at domain.com): Error: Timeout (180s) while waiting
for lock for transaction log file //var/vmail/
domain.com/user//dovecot.index.log
May 02 13:57:42 pop3(user at domain.com): Error: Couldn't init INBOX: Internal
error occurred. Refer to server log for more information. [2013-05-02
13:54:40]
May 02 13:57:42 pop3(user at domain.com): Info: Mailbox init failed top=0/0,
retr=0/0, del=0/0, size=0

I really appreciate any suggestion!

Thanks and Regards,

Rafael Volpe


Dovecot conf:

# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-40-generic x86_64 Ubuntu 12.04.2 LTS
auth_mechanisms = plain login
auth_verbose = yes
debug_log_path = /var/log/dovecot-debug.log
disable_plaintext_auth = no
dotlock_use_excl = no
first_valid_gid = 125
first_valid_uid = 125
last_valid_gid = 125
last_valid_uid = 125
log_path = /var/log/dovecot.log
mail_debug = yes
mail_fsync = always
mail_location = maildir:/%Lh/:INDEX=/%Lh/
mail_nfs_index = yes
mail_nfs_storage = yes
mmap_disable = yes
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocols = " imap pop3"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  service_count = 0
}
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
ssl_cert = </etc/postfix/ssl/wildcard.domain.com.crt
ssl_key = </etc/postfix/ssl/wildcard.domain.com.key
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
verbose_proctitle = yes
protocol imap {
  imap_idle_notify_interval = 2 mins
  mail_max_userip_connections = 150
}
protocol pop3 {
  pop3_lock_session = no
  pop3_uidl_format = %08Xu%08Xv
}


Postfix conf:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
mailbox_size_limit = 0
maximal_queue_lifetime = 1d
message_size_limit = 20240000
myhostname = myname.mydomain.com
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
policy-spf_time_limit = 3600s
readme_directory = no
recipient_bcc_maps = mysql:/etc/postfix/mysql_bcc.cf
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
relayhost =
sender_bcc_maps = mysql:/etc/postfix/mysql_bcc.cf
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = Welcome to $myhostname
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated,
check_client_access mysql:/etc/postfix/mysql_access.cf,
reject_unknown_client, reject_unknown_client_hostname,
reject_unauth_pipelining, reject_rbl_client bl.spamcop.net,
reject_rbl_client zen.spamhaus.org, reject_rbl_client b.barracudacentral.org
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname,
reject_invalid_hostname
smtpd_recipient_restrictions = reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service
inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination, check_policy_service unix:private/policy-spf
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_pipelining, reject_unauth_destination
smtpd_timeout = 30
smtpd_tls_cert_file = /etc/postfix/ssl/wildcard.domain.com.crt
smtpd_tls_key_file = /etc/postfix/ssl/wildcard.domain.com.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
transport_maps = mysql:/etc/postfix/mysql_transport.cf
vacation_destination_recipient_limit = 1
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:125

More information about the dovecot mailing list