<div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">ok, i've found out that the directors are in the doveadm penalty list.</div><div dir="ltr"><br></div><div>i believe adding the following solves the issue (still testing but looking promising.</div><div dir="ltr">login_trusted_networks = <a href="http://10.0.10.0/24">10.0.10.0/24</a><br></div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Mar 19, 2019 at 2:19 PM Erik de Waard <<a href="mailto:erikdewaard@gmail.com">erikdewaard@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">Hi,<div><br></div><div>I've been running dovecot for many years, but now i've hit a strange problem.</div><div>when retrieving imap there is sometimes in 1 of 4 imap requests a 4sec latency.</div><div><br></div><div>* notes:</div><div>- connected directly to the backends this latency disappears</div><div>- removing a director from the loadbalancer(lvs) so i'm the only connected to the director</div><div>this latency disappears too</div><div><br></div><div>I would appreciate some feedback of where to look because i tried various</div><div>options. (client_limit,process_limit) perhaps its just as simple as to add more directors</div><div>but any feedback would be welcome.</div><div><br></div><div>Thank you.</div><div><br></div><div>This is the setup: <br><br></div><div>-- Internet -> LVS -> 3 Directors -> 9 Backends.</div><div><br></div><div>doveadm director status</div><div><div>mail server ip tag vhosts state state changed users </div><div>10.0.10.110 100 up - 3309 </div><div>10.0.10.111 100 up - 3412 </div><div>10.0.10.112 100 up - 3458 </div><div>10.0.10.113 100 up - 3437 </div><div>10.0.10.115 100 up - 3368 </div><div>10.0.10.116 100 up - 3320 </div><div>10.0.10.117 100 up - 3305 </div><div>10.0.10.118 100 up - 3291 </div><div>10.0.10.223 100 up - 3280 </div></div><div><br></div><div>#Director doveconf -n</div><div><div># Pigeonhole version 0.4.22 (22940fb7)</div><div># OS: Linux 4.9.0-6-amd64 x86_64 Debian 9.4 </div><div># Hostname: <a href="http://server312.company.com" target="_blank">server312.company.com</a> </div><div>auth_cache_negative_ttl = 0</div><div>auth_cache_size = 10 M</div><div>auth_cache_ttl = 1 days</div><div>auth_username_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#"</div><div>default_client_limit = 3000</div><div>director_mail_servers = 10.0.10.223 10.0.10.110 10.0.10.111 10.0.10.112 10.0.10.113 10.0.10.115 10.0.10.116 10.0.10.117 10.0.10.118</div><div>director_servers = 10.0.10.114 10.0.10.181 10.0.10.182</div><div>director_user_expire = 1 days</div><div>disable_plaintext_auth = no</div><div>info_log_path = /dev/null</div><div>lmtp_proxy = yes</div><div>login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e encryption=%k secured=%c</div><div>mail_max_userip_connections = 100</div><div>passdb {</div><div> args = proxy=y nopassword=y</div><div> driver = static</div><div>}</div><div>protocols = imap lmtp</div><div>service director {</div><div> fifo_listener login/proxy-notify {</div><div> mode = 0600</div><div> user = $default_login_user</div><div> }</div><div> inet_listener {</div><div> port = 9090</div><div> }</div><div> unix_listener director-userdb {</div><div> mode = 0600</div><div> }</div><div> unix_listener login/director {</div><div> mode = 0666</div><div> }</div><div>}</div><div>service imap-login {</div><div> client_limit = 6000</div><div> executable = imap-login director</div><div> process_limit = 4</div><div> process_min_avail = 4</div><div> service_count = 0</div><div> vsz_limit = 600 M</div><div>}</div><div>service ipc {</div><div> unix_listener ipc {</div><div> user = dovecot</div><div> }</div><div>}</div><div>service lmtp {</div><div> inet_listener lmtp {</div><div> port = 24</div><div> }</div><div>}</div><div>ssl_cert = </etc/ssl-certificates/MDC_company_com.crt</div><div>ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!RC4:!SEED@STRENGTH</div><div>ssl_key = # hidden, use -P to show it</div><div>ssl_prefer_server_ciphers = yes</div><div>protocol lmtp {</div><div> auth_socket_path = director-userdb</div><div>}</div></div><div><br></div><div><br></div><div>#backend doveconf -n </div><div><div># 2.2.34 (874deae): /etc/dovecot/dovecot.conf</div><div># Pigeonhole version 0.4.22 (22940fb7)</div><div># OS: Linux 4.9.0-6-amd64 x86_64 Debian 9.4 </div><div># Hostname: <a href="http://server250.company.com" target="_blank">server250.company.com</a></div><div>auth_cache_negative_ttl = 0</div><div>auth_cache_size = 10 M</div><div>auth_cache_ttl = 1 days</div><div>auth_username_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#"</div><div>default_client_limit = 1500</div><div>default_vsz_limit = 600 M</div><div>disable_plaintext_auth = no</div><div>info_log_path = /dev/null</div><div>listen = *</div><div>log_timestamp = "%Y-%m-%d %H:%M:%S "</div><div>mail_max_userip_connections = 100</div><div>mail_privileged_group = mail</div><div>mmap_disable = yes</div><div>namespace inbox {</div><div> inbox = yes</div><div> location = </div><div> mailbox Drafts {</div><div> special_use = \Drafts</div><div> }</div><div> mailbox Junk {</div><div> special_use = \Junk</div><div> }</div><div> mailbox Sent {</div><div> special_use = \Sent</div><div> }</div><div> mailbox "Sent Messages" {</div><div> special_use = \Sent</div><div> }</div><div> mailbox Trash {</div><div> special_use = \Trash</div><div> }</div><div> prefix = INBOX.</div><div> separator = .</div><div> type = private</div><div>}</div><div>passdb {</div><div> args = /etc/dovecot/dovecot-sql.conf</div><div> driver = sql</div><div>}</div><div>plugin {</div><div> sieve_execute_bin_dir = /etc/dovecot/sieve-executables</div><div> sieve_global_extensions = +vnd.dovecot.execute</div><div> sieve_plugins = sieve_extprograms</div><div>}</div><div>protocols = imap lmtp</div><div>service anvil {</div><div> unix_listener anvil-auth-penalty {</div><div> mode = 0600</div><div> }</div><div>}</div><div>service auth {</div><div> user = root</div><div>}</div><div>service imap-login {</div><div> client_limit = 6000</div><div> process_limit = 4</div><div> process_min_avail = 4</div><div> service_count = 0</div><div> vsz_limit = 600 M</div><div>}</div><div>service imap {</div><div> client_limit = 1</div><div> process_limit = 1024</div><div> service_count = 50</div><div>}</div><div>service lmtp {</div><div> inet_listener lmtp {</div><div> port = 24</div><div> }</div><div>}</div><div>ssl = no</div><div>ssl_cert = </etc/dovecot/dovecot.crt</div><div>ssl_key = # hidden, use -P to show it</div><div>userdb {</div><div> driver = prefetch</div><div>}</div><div>userdb {</div><div> args = /etc/dovecot/dovecot-sql.conf</div><div> driver = sql</div><div>}</div><div>verbose_proctitle = yes</div><div>protocol lmtp {</div><div> mail_plugins = " sieve"</div><div> plugin {</div><div> sieve = ~/filters.sieve</div><div> sieve_after = /etc/dovecot/sieve/after.sieve</div><div> sieve_before = /etc/dovecot/sieve/before.sieve</div><div> }</div><div> userdb {</div><div> args = /etc/dovecot/dovecot-sql-lmtp.conf</div><div> driver = sql</div><div> name = </div><div> }</div><div>}</div></div><div><br></div></div></div></div></div>
</blockquote></div>