remote | local blocks in protocol settings

Timo Sirainen tss at iki.fi
Tue Jan 19 18:54:15 UTC 2016


> On 19 Jan 2016, at 20:23, Nikolaos Milas <nmilas at noa.gr> wrote:
> 
> On 19/1/2016 6:34 μμ, Timo Sirainen wrote:
> 
>> The nesting must be in this order or it'll give an error:
>> 
>> local 127.0.0.1 {
>>   local_name foo {
>>     remote 127.0.0.1 {
>>       protocol imap {
>>       }
>>     }
>>   }
>> }
> 
> Please allow me to ask for clarifications:
> 
> local <ip>         -->  Local Dovecot Server IP address

Yes.

> local_name <name>  -->  Connecting client username

No, this is used only when TLS SNI extension is used. It expands to the TLS SNI hostname. Typically this is only used to configure per-host TLS certificates.

> remote <ip>        -->  Connecting client ip address

Yes.

> Please correct accordingly, if necessary. Thanks!
> 
>> 1) Is there anything in Dovecot's error logs? For example any warnings about reaching a process limit?
>> 
>> 2) If you can't find anything, try to find the matching webmail connection's disconnection message from Dovecot logs and see what it says the reason for disconnection was.
> 
> I just found in Dovecot logs:
> 
> dovecot: master: Warning: service(imap-login): process_limit (100) reached, client connections are being dropped
> 
> This must be it!  So, I guess I could add to my config, for example:
> 
>   service imap-login {
>       service_count = 1
>       vsz_limit = 64 M
>   +   process_limit = 500
>   +   process_min_avail = 2
>   }
> 
> Sounds right? (Ref.: http://wiki.dovecot.org/LoginProcess)

Yes.

> By the way is there a way to show/monitor (e.g. using doveadm) the current number of login processes used?

Not beyond the standard tools: ps aux | grep imap-login | wc -l



More information about the dovecot mailing list