<html>
<head>
<style type="text/css">
body,p,td,div,span{
font-size:14px;font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";
};
body p{
margin:0px;
}
</style>
</head>
<body>Here's a few tips:<div><br></div><div>1. I assume that's a 2U format -24 bays. You only have 1 raid card for all 24 disks ? Granted you only have 16, but usually you should assign 1 card per 8 drives. In our standard 2U chassis we have 3 hba's per 8 drives. Your backplane should support that.</div><div>2. Add more drives</div><div>3. Get a pci nvme ssd card and move the indexes/control/sieve files there. <br><br><br>On Monday, 07/09/2020 at 08:16 Miloslav Hůla wrote:<br><blockquote style="border:0;border-left: 2px solid #22437f; padding:0px; margin:0px; padding-left:5px; margin-left: 5px; ">Dne 07.09.2020 v 12:43 Sami Ketola napsal(a):<br>
>> On 7. Sep 2020, at 12.38, Miloslav Hůla <<a href="mailto:miloslav.hula@gmail.com" class="normal-link normal-link-email" target="_blank" rel="noopener noreferrer">miloslav.hula@gmail.com</a>> wrote:<br>
>><br>
>> Hello,<br>
>><br>
>> I sent this into the Linux Kernel Btrfs mailing list and I got reply: "RAID-1 would be preferable" (<a href="https://lore.kernel.org/linux-btrfs/7b364356-7041-7d18-bd77-f60e0e2e2112@lechevalier.se/T" target="_blank" class="normal-link">https://lore.kernel.org/linux-btrfs/7b364356-7041-7d18-bd77-f60e0e2e2112@lechevalier.se/T</a>/). May I ask you for the comments as from people around the Dovecot?<br>
>><br>
>><br>
>> We are using btrfs RAID-10 (/data, 4.7TB) on a physical Supermicro server with Intel(R) Xeon(R) CPU E5-2620 v4 @ 2.10GHz and 125GB of RAM. We run 'btrfs scrub start -B -d /data' every Sunday as a cron task. It takes about 50 minutes to finish.<br>
>><br>
>> # uname -a<br>
>> Linux imap 4.9.0-12-amd64 #1 SMP Debian 4.9.210-1 (2020-01-20) x86_64 GNU/Linux<br>
>><br>
>> RAID is a composition of 16 harddrives. Harddrives are connected via AVAGO MegaRAID SAS 9361-8i as a RAID-0 devices. All harddrives are SAS 2.5" 15k drives.<br>
>><br>
>> Server serves as a IMAP with Dovecot 2.2.27-3+deb9u6, 4104 accounts, Mailbox format, LMTP delivery.<br>
> <br>
> does "Mailbox format" mean mbox?<br>
> <br>
> If so, then there is your bottleneck. mbox is the slowest possible mailbox format there is.<br>
> <br>
> Sami<br>
<br>
Sorry, no, it is a typo. We are using "Maildir".<br>
<br>
"doveconf -a" attached<br>
<br>
Milo<br>
<br>
<br>
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf<br>
# Pigeonhole version 0.4.16 (fed8554)<br>
# OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.13<br>
# NOTE: Send doveconf -n output instead when asking for help.<br>
auth_anonymous_username = anonymous<br>
auth_cache_negative_ttl = 30 secs<br>
auth_cache_size = 100 M<br>
auth_cache_ttl = 30 secs<br>
auth_debug = no<br>
auth_debug_passwords = no<br>
auth_default_realm =<br>
auth_failure_delay = 2 secs<br>
auth_gssapi_hostname =<br>
auth_krb5_keytab =<br>
auth_master_user_separator =<br>
auth_mechanisms = plain<br>
auth_policy_hash_mech = sha256<br>
auth_policy_hash_nonce =<br>
auth_policy_hash_truncate = 12<br>
auth_policy_reject_on_fail = no<br>
auth_policy_request_attributes = login=%{orig_username} <br>
pwhash=%{hashed_password} remote=%{real_rip}<br>
auth_policy_server_api_header =<br>
auth_policy_server_timeout_msecs = 2000<br>
auth_policy_server_url =<br>
auth_proxy_self =<br>
auth_realms =<br>
auth_socket_path = auth-userdb<br>
auth_ssl_require_client_cert = no<br>
auth_ssl_username_from_cert = no<br>
auth_stats = no<br>
auth_use_winbind = no<br>
auth_username_chars = <br>
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@<br>
auth_username_format = %Lu<br>
auth_username_translation =<br>
auth_verbose = no<br>
auth_verbose_passwords = no<br>
auth_winbind_helper_path = /usr/bin/ntlm_auth<br>
auth_worker_max_count = 30<br>
base_dir = /var/run/dovecot<br>
config_cache_size = 1 M<br>
debug_log_path =<br>
default_client_limit = 1000<br>
default_idle_kill = 1 mins<br>
default_internal_user = dovecot<br>
default_login_user = dovenull<br>
default_process_limit = 100<br>
default_vsz_limit = 256 M<br>
deliver_log_format = msgid=%m: %$<br>
dict_db_config =<br>
director_consistent_hashing = no<br>
director_doveadm_port = 0<br>
director_flush_socket =<br>
director_mail_servers =<br>
director_servers =<br>
director_user_expire = 15 mins<br>
director_user_kick_delay = 2 secs<br>
director_username_hash = %u<br>
disable_plaintext_auth = yes<br>
dotlock_use_excl = yes<br>
doveadm_allowed_commands =<br>
doveadm_api_key =<br>
doveadm_password =<br>
doveadm_port = 0<br>
doveadm_socket_path = doveadm-server<br>
doveadm_username = doveadm<br>
doveadm_worker_count = 0<br>
dsync_alt_char = _<br>
dsync_features =<br>
dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -U<br>
first_valid_gid = 1<br>
first_valid_uid = 109<br>
haproxy_timeout = 3 secs<br>
haproxy_trusted_networks =<br>
hostname =<br>
imap_capability =<br>
imap_client_workarounds =<br>
imap_hibernate_timeout = 0<br>
imap_id_log = *<br>
imap_id_send = name *<br>
imap_idle_notify_interval = 2 mins<br>
imap_logout_format = in=%i out=%o<br>
imap_max_line_length = 64 k<br>
imap_metadata = no<br>
imap_urlauth_host =<br>
imap_urlauth_logout_format = in=%i out=%o<br>
imap_urlauth_port = 143<br>
imapc_cmd_timeout = 5 mins<br>
imapc_features =<br>
imapc_host =<br>
imapc_list_prefix =<br>
imapc_master_user =<br>
imapc_max_idle_time = 29 mins<br>
imapc_max_line_length = 0<br>
imapc_password =<br>
imapc_port = 143<br>
imapc_rawlog_dir =<br>
imapc_sasl_mechanisms =<br>
imapc_ssl = no<br>
imapc_ssl_verify = yes<br>
imapc_user =<br>
import_environment = TZ CORE_OUTOFMEM CORE_ERROR LISTEN_PID LISTEN_FDS<br>
info_log_path =<br>
instance_name = dovecot<br>
last_valid_gid = 0<br>
last_valid_uid = 0<br>
lda_mailbox_autocreate = no<br>
lda_mailbox_autosubscribe = no<br>
lda_original_recipient_header =<br>
libexec_dir = /usr/lib/dovecot<br>
listen = *, ::<br>
lmtp_address_translate =<br>
lmtp_hdr_delivery_address = final<br>
lmtp_proxy = no<br>
lmtp_rcpt_check_quota = no<br>
lmtp_save_to_detail_mailbox = no<br>
lmtp_user_concurrency_limit = 0<br>
lock_method = fcntl<br>
log_path = syslog<br>
log_timestamp = "%b %d %H:%M:%S "<br>
login_access_sockets =<br>
login_greeting = Dovecot ready.<br>
login_log_format = %$: %s<br>
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c <br>
session=<%{session}><br>
login_plugin_dir = /usr/lib/dovecot/modules/login<br>
login_plugins =<br>
login_proxy_max_disconnect_delay = 0<br>
login_source_ips =<br>
login_trusted_networks =<br>
mail_access_groups =<br>
mail_always_cache_fields =<br>
mail_attachment_dir =<br>
mail_attachment_fs = sis posix<br>
mail_attachment_hash = %{sha1}<br>
mail_attachment_min_size = 128 k<br>
mail_attribute_dict =<br>
mail_cache_fields = flags<br>
mail_cache_min_mail_count = 0<br>
mail_chroot =<br>
mail_debug = no<br>
mail_fsync = optimized<br>
mail_full_filesystem_access = no<br>
mail_gid = vmail<br>
mail_home = /data/vmail/user/%n<br>
mail_location = maildir:/data/vmail/user/%n/Maildir<br>
mail_log_prefix = "%s(%u): "<br>
mail_max_keyword_length = 50<br>
mail_max_lock_timeout = 0<br>
mail_max_userip_connections = 10<br>
mail_never_cache_fields = imap.envelope<br>
mail_nfs_index = no<br>
mail_nfs_storage = no<br>
mail_plugin_dir = /usr/lib/dovecot/modules<br>
mail_plugins =<br>
mail_prefetch_count = 0<br>
mail_privileged_group =<br>
mail_save_crlf = yes<br>
mail_server_admin =<br>
mail_server_comment =<br>
mail_shared_explicit_inbox = no<br>
mail_temp_dir = /tmp<br>
mail_temp_scan_interval = 1 weeks<br>
mail_uid = vmail<br>
mailbox_idle_check_interval = 30 secs<br>
mailbox_list_index = no<br>
mailbox_list_index_very_dirty_syncs = no<br>
maildir_broken_filename_sizes = no<br>
maildir_copy_with_hardlinks = yes<br>
maildir_empty_new = no<br>
maildir_stat_dirs = no<br>
maildir_very_dirty_syncs = no<br>
managesieve_client_workarounds =<br>
managesieve_implementation_string = Dovecot Pigeonhole<br>
managesieve_logout_format = bytes=%i/%o<br>
managesieve_max_compile_errors = 5<br>
managesieve_max_line_length = 65536<br>
managesieve_notify_capability = mailto<br>
managesieve_sieve_capability = fileinto reject envelope <br>
encoded-character vacation subaddress comparator-i;ascii-numeric <br>
relational regex copy include variables body enotify environment mailbox <br>
date index ihave duplicate mime foreverypart extracttext <br>
vacation-seconds imapflags notify<br>
master_user_separator =<br>
mbox_dirty_syncs = yes<br>
mbox_dotlock_change_timeout = 2 mins<br>
mbox_lazy_writes = yes<br>
mbox_lock_timeout = 5 mins<br>
mbox_md5 = apop3d<br>
mbox_min_index_size = 0<br>
mbox_read_locks = fcntl<br>
mbox_very_dirty_syncs = no<br>
mbox_write_locks = fcntl dotlock<br>
mdbox_preallocate_space = no<br>
mdbox_purge_preserve_alt = no<br>
mdbox_rotate_interval = 0<br>
mdbox_rotate_size = 2 M<br>
mmap_disable = no<br>
namespace {<br>
disabled = no<br>
hidden = no<br>
ignore_on_failure = no<br>
inbox = no<br>
list = children<br>
location = <br>
maildir:/data/vmail/user/%%n/Maildir:INDEXPVT=/data/vmail/user/%n/Maildir/Shared/%%n:SUBSCRIPTIONS=../../%n/Maildir/Shared/subscriptions-%%n<br>
order = 0<br>
prefix = user.%%n.<br>
separator = .<br>
subscriptions = yes<br>
type = shared<br>
}<br>
namespace inbox {<br>
disabled = no<br>
hidden = no<br>
ignore_on_failure = no<br>
inbox = yes<br>
list = yes<br>
location =<br>
mailbox Archives {<br>
auto = no<br>
autoexpunge = 0<br>
autoexpunge_max_mails = 0<br>
comment =<br>
driver =<br>
special_use = \Archive<br>
}<br>
mailbox Drafts {<br>
auto = subscribe<br>
autoexpunge = 0<br>
autoexpunge_max_mails = 0<br>
comment =<br>
driver =<br>
special_use = \Drafts<br>
}<br>
mailbox Junk {<br>
auto = no<br>
autoexpunge = 0<br>
autoexpunge_max_mails = 0<br>
comment =<br>
driver =<br>
special_use = \Junk<br>
}<br>
mailbox Sent {<br>
auto = subscribe<br>
autoexpunge = 0<br>
autoexpunge_max_mails = 0<br>
comment =<br>
driver =<br>
special_use = \Sent<br>
}<br>
mailbox "Sent Messages" {<br>
auto = no<br>
autoexpunge = 0<br>
autoexpunge_max_mails = 0<br>
comment =<br>
driver =<br>
special_use = \Sent<br>
}<br>
mailbox Trash {<br>
auto = subscribe<br>
autoexpunge = 0<br>
autoexpunge_max_mails = 0<br>
comment =<br>
driver =<br>
special_use = \Trash<br>
}<br>
mailbox spam {<br>
auto = subscribe<br>
autoexpunge = 0<br>
autoexpunge_max_mails = 0<br>
comment =<br>
driver =<br>
special_use = \Junk<br>
}<br>
order = 0<br>
prefix = INBOX.<br>
separator = .<br>
subscriptions = yes<br>
type = private<br>
}<br>
passdb {<br>
args = /etc/dovecot/deny-users<br>
auth_verbose = default<br>
default_fields =<br>
deny = yes<br>
driver = passwd-file<br>
master = no<br>
name =<br>
override_fields =<br>
pass = no<br>
result_failure = continue<br>
result_internalfail = continue<br>
result_success = return-ok<br>
skip = never<br>
}<br>
passdb {<br>
args = /etc/dovecot/dovecot-ldap.conf.ext<br>
auth_verbose = default<br>
default_fields =<br>
deny = no<br>
driver = ldap<br>
master = no<br>
name =<br>
override_fields =<br>
pass = no<br>
result_failure = continue<br>
result_internalfail = continue<br>
result_success = return-ok<br>
skip = never<br>
}<br>
plugin {<br>
acl = vfile<br>
acl_shared_dict = file:/data/vmail/global/shared-mailboxes<br>
sieve = <br>
file:/data/vmail/user/%n/sieve;active=/data/vmail/user/%n/enabled.sieve<br>
sieve_extensions = +notify +imapflags -imap4flags +vacation-seconds<br>
sieve_vacation_min_period = 0<br>
}<br>
pop3_client_workarounds =<br>
pop3_delete_type = default<br>
pop3_deleted_flag =<br>
pop3_enable_last = no<br>
pop3_fast_size_lookups = no<br>
pop3_lock_session = no<br>
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s<br>
pop3_no_flag_updates = no<br>
pop3_reuse_xuidl = no<br>
pop3_save_uidl = no<br>
pop3_uidl_duplicates = allow<br>
pop3_uidl_format = %v.%u<br>
pop3c_host =<br>
pop3c_master_user =<br>
pop3c_password =<br>
pop3c_port = 110<br>
pop3c_quick_received_date = no<br>
pop3c_rawlog_dir =<br>
pop3c_ssl = no<br>
pop3c_ssl_verify = yes<br>
pop3c_user = %u<br>
postmaster_address = postmaster@%d<br>
protocols = " imap lmtp sieve pop3"<br>
quota_full_tempfail = no<br>
rawlog_dir =<br>
recipient_delimiter = +<br>
rejection_reason = Your message to <%t> was automatically rejected:%n%r<br>
rejection_subject = Rejected: %s<br>
replication_dsync_parameters = -d -N -l 30 -U<br>
replication_full_sync_interval = 1 days<br>
replication_max_conns = 10<br>
replicator_host = replicator<br>
replicator_port = 0<br>
sendmail_path = /usr/sbin/sendmail<br>
service aggregator {<br>
chroot = .<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = aggregator<br>
extra_groups =<br>
fifo_listener replication-notify-fifo {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener replication-notify {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service anvil {<br>
chroot = empty<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = anvil<br>
extra_groups =<br>
group =<br>
idle_kill = 4294967295 secs<br>
privileged_group =<br>
process_limit = 1<br>
process_min_avail = 1<br>
protocol =<br>
service_count = 0<br>
type = anvil<br>
unix_listener anvil-auth-penalty {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
unix_listener anvil {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service auth-worker {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = auth -w<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 1<br>
type =<br>
unix_listener auth-worker {<br>
group =<br>
mode = 0600<br>
user = $default_internal_user<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service auth {<br>
chroot =<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = auth<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 1<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener auth-client {<br>
group =<br>
mode = 0600<br>
user = $default_internal_user<br>
}<br>
unix_listener auth-login {<br>
group =<br>
mode = 0600<br>
user = $default_internal_user<br>
}<br>
unix_listener auth-master {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
unix_listener auth-userdb {<br>
group =<br>
mode = 0666<br>
user = $default_internal_user<br>
}<br>
unix_listener login/login {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
unix_listener token-login/tokenlogin {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service config {<br>
chroot =<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = config<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type = config<br>
unix_listener config {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service dict-async {<br>
chroot =<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = dict<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener dict-async {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service dict {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = dict<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener dict {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service director {<br>
chroot = .<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = director<br>
extra_groups =<br>
fifo_listener login/proxy-notify {<br>
group =<br>
mode = 00<br>
user =<br>
}<br>
group =<br>
idle_kill = 4294967295 secs<br>
inet_listener {<br>
address =<br>
haproxy = no<br>
port = 0<br>
reuse_port = no<br>
ssl = no<br>
}<br>
privileged_group =<br>
process_limit = 1<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener director-admin {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
unix_listener director-userdb {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
unix_listener login/director {<br>
group =<br>
mode = 00<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service dns_client {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = dns-client<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener dns-client {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service doveadm {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = doveadm-server<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 1<br>
type =<br>
unix_listener doveadm-server {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service imap-hibernate {<br>
chroot =<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = imap-hibernate<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol = imap<br>
service_count = 0<br>
type =<br>
unix_listener imap-hibernate {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service imap-login {<br>
chroot = login<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = imap-login<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
inet_listener imap {<br>
address =<br>
haproxy = no<br>
port = 143<br>
reuse_port = no<br>
ssl = no<br>
}<br>
inet_listener imaps {<br>
address =<br>
haproxy = no<br>
port = 993<br>
reuse_port = no<br>
ssl = yes<br>
}<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 10<br>
protocol = imap<br>
service_count = 0<br>
type = login<br>
user = $default_login_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service imap-urlauth-login {<br>
chroot = token-login<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = imap-urlauth-login<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol = imap<br>
service_count = 1<br>
type = login<br>
unix_listener imap-urlauth {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user = $default_login_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service imap-urlauth-worker {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = imap-urlauth-worker<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 1024<br>
process_min_avail = 0<br>
protocol = imap<br>
service_count = 1<br>
type =<br>
unix_listener imap-urlauth-worker {<br>
group =<br>
mode = 0600<br>
user = $default_internal_user<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service imap-urlauth {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = imap-urlauth<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 1024<br>
process_min_avail = 0<br>
protocol = imap<br>
service_count = 1<br>
type =<br>
unix_listener token-login/imap-urlauth {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service imap {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = imap<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 2048<br>
process_min_avail = 0<br>
protocol = imap<br>
service_count = 1<br>
type =<br>
unix_listener imap-master {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
unix_listener login/imap {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service indexer-worker {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = indexer-worker<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 10<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener indexer-worker {<br>
group =<br>
mode = 0600<br>
user = $default_internal_user<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service indexer {<br>
chroot =<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = indexer<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 1<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener indexer {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service ipc {<br>
chroot = empty<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = ipc<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 1<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener ipc {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
unix_listener login/ipc-proxy {<br>
group =<br>
mode = 0600<br>
user = $default_login_user<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service lmtp {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = lmtp<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 120<br>
process_min_avail = 15<br>
protocol = lmtp<br>
service_count = 0<br>
type =<br>
unix_listener /var/spool/postfix/private/dovecot-lmtp {<br>
group = postfix<br>
mode = 0600<br>
user = postfix<br>
}<br>
unix_listener lmtp {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user = vmail<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service log {<br>
chroot =<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = log<br>
extra_groups =<br>
group =<br>
idle_kill = 4294967295 secs<br>
privileged_group =<br>
process_limit = 1<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type = log<br>
unix_listener log-errors {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service managesieve-login {<br>
chroot = login<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = managesieve-login<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
inet_listener sieve {<br>
address = 127.0.0.1<br>
haproxy = no<br>
port = 4190<br>
reuse_port = no<br>
ssl = no<br>
}<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol = sieve<br>
service_count = 1<br>
type = login<br>
user = $default_login_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service managesieve {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = managesieve<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol = sieve<br>
service_count = 1<br>
type =<br>
unix_listener login/sieve {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service pop3-login {<br>
chroot = login<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = pop3-login<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
inet_listener pop3 {<br>
address =<br>
haproxy = no<br>
port = 110<br>
reuse_port = no<br>
ssl = no<br>
}<br>
inet_listener pop3s {<br>
address =<br>
haproxy = no<br>
port = 995<br>
reuse_port = no<br>
ssl = yes<br>
}<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol = pop3<br>
service_count = 1<br>
type = login<br>
user = $default_login_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service pop3 {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = pop3<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 1024<br>
process_min_avail = 0<br>
protocol = pop3<br>
service_count = 1<br>
type =<br>
unix_listener login/pop3 {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service replicator {<br>
chroot =<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = replicator<br>
extra_groups =<br>
group =<br>
idle_kill = 4294967295 secs<br>
privileged_group =<br>
process_limit = 1<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener replicator-doveadm {<br>
group =<br>
mode = 00<br>
user = $default_internal_user<br>
}<br>
unix_listener replicator {<br>
group =<br>
mode = 0600<br>
user = $default_internal_user<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service ssl-params {<br>
chroot =<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = ssl-params<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type = startup<br>
unix_listener login/ssl-params {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
unix_listener ssl-params {<br>
group =<br>
mode = 0666<br>
user =<br>
}<br>
user =<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service stats {<br>
chroot = empty<br>
client_limit = 0<br>
drop_priv_before_exec = no<br>
executable = stats<br>
extra_groups =<br>
fifo_listener stats-mail {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
fifo_listener stats-user {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
group =<br>
idle_kill = 4294967295 secs<br>
privileged_group =<br>
process_limit = 1<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
unix_listener stats {<br>
group =<br>
mode = 0600<br>
user =<br>
}<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
service tcpwrap {<br>
chroot =<br>
client_limit = 1<br>
drop_priv_before_exec = no<br>
executable = tcpwrap<br>
extra_groups =<br>
group =<br>
idle_kill = 0<br>
privileged_group =<br>
process_limit = 0<br>
process_min_avail = 0<br>
protocol =<br>
service_count = 0<br>
type =<br>
user = $default_internal_user<br>
vsz_limit = 18446744073709551615 B<br>
}<br>
shutdown_clients = yes<br>
ssl = required<br>
ssl_ca =<br>
ssl_cert = </etc/dovecot/private/imap.chained.crt<br>
ssl_cert_username_field = commonName<br>
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL<br>
ssl_client_ca_dir = /etc/ssl/certs<br>
ssl_client_ca_file =<br>
ssl_client_cert =<br>
ssl_client_key =<br>
ssl_crypto_device =<br>
ssl_dh_parameters_length = 1024<br>
ssl_key = # hidden, use -P to show it<br>
ssl_key_password =<br>
ssl_options =<br>
ssl_parameters_regenerate = 0<br>
ssl_prefer_server_ciphers = no<br>
ssl_protocols = !SSLv3<br>
ssl_require_crl = yes<br>
ssl_verify_client_cert = no<br>
state_dir = /var/lib/dovecot<br>
stats_carbon_interval = 30 secs<br>
stats_carbon_name =<br>
stats_carbon_server =<br>
stats_command_min_time = 1 mins<br>
stats_domain_min_time = 12 hours<br>
stats_ip_min_time = 12 hours<br>
stats_memory_limit = 16 M<br>
stats_session_min_time = 15 mins<br>
stats_user_min_time = 1 hours<br>
submission_host =<br>
syslog_facility = mail<br>
userdb {<br>
args = username_format=%n /data/vmail/global/users<br>
auth_verbose = default<br>
default_fields = home=/data/vmail/user/%n uid=vmail gid=vmail<br>
driver = passwd-file<br>
name =<br>
override_fields =<br>
result_failure = continue<br>
result_internalfail = continue<br>
result_success = return-ok<br>
skip = never<br>
}<br>
valid_chroot_dirs =<br>
verbose_proctitle = no<br>
verbose_ssl = no<br>
version_ignore = no<br>
protocol lmtp {<br>
mail_plugins = " sieve"<br>
postmaster_address = postmaster@...<br>
}<br>
protocol imap {<br>
mail_plugins = " acl imap_acl"<br>
}</blockquote></div></body></html>