dovecot - Aug 2012 - New log entries with 2.0.19?

I just upgraded my Ubuntu server from 11.10 to 12.04.1 and that upgraded 
Dovecot to 2.0.19.  For some reason I'm getting a lot more (5 times) 
disconnect in IDLE and inactivity time outs.  I'm using only IMAP with 
two users.  Both users access the server from multiple devices, phone, 
tablet and desktop computer.  I had previously set the 
max_userip_connections to 20 and rarely got the following limits 
exceeded message.  That's probably being triggered when we are both home 
and using all of our devices on the same network.  I've now changed it 
to 40 and we'll see how that does.

The other is the IDLE and inactivity timeouts.  I don't really 
understand how IDLE works and I couldn't find an inactivity timeout 
setting to play with.  There are at this second 32 imap or imap-login 
processes running with only two phones and one desktop running.  That's 
a few more than before the upgrade but not a lot.

--------------------- Dovecot Begin ------------------------

  Dovecot limits exceeded:
     max_userip_connections: penny from 216.240.58.138 to 
216.240.58.140: 56 Time(s)

  Dovecot disconnects:
     Disconnected in IDLE: 485 Time(s)
     Inactivity: 343 Time(s)
     no auth attempts: 14 Time(s)
     no reason: 21 Time(s)

Everything seems to be working OK so maybe I should just not worry about it?

Thanks,

knute...

# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-29-generic x86_64 Ubuntu 12.04.1 LTS
auth_anonymous_username = anonymous
auth_cache_negative_ttl = 1 hours
auth_cache_size = 0
auth_cache_ttl = 1 hours
auth_debug = no
auth_debug_passwords = no
auth_default_realm auth_failure_delay = 2 secs
auth_first_valid_uid = 500
auth_gssapi_hostname auth_krb5_keytab auth_last_valid_uid = 0
auth_master_user_separator auth_mechanisms = plain login
auth_realms auth_socket_path = auth-userdb
auth_ssl_require_client_cert = no
auth_ssl_username_from_cert = no
auth_use_winbind = no
auth_username_chars = 
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format auth_username_translation auth_verbose = no
auth_verbose_passwords = no
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_worker_max_count = 30
base_dir = /var/run/dovecot
config_cache_size = 1 M
debug_log_path default_client_limit = 1000
default_idle_kill = 60
default_internal_user = dovecot
default_login_user = dovenull
default_process_limit = 100
default_vsz_limit = 256 M
deliver_log_format = msgid=%m: %$
dict_db_config director_doveadm_port = 0
director_mail_servers director_servers director_user_expire = 15 mins
disable_plaintext_auth = yes
dotlock_use_excl = yes
doveadm_allowed_commands doveadm_password doveadm_proxy_port = 0
doveadm_socket_path = doveadm-server
doveadm_worker_count = 0
first_valid_gid = 1
first_valid_uid = 500
hostname imap_capability imap_client_workarounds imap_id_log imap_id_send
imap_idle_notify_interval = 2 mins
imap_logout_format = bytes=%i/%o
imap_max_line_length = 64 k
import_environment = TZ
info_log_path instance_name = dovecot
last_valid_gid = 0
last_valid_uid = 0
lda_mailbox_autocreate = no
lda_mailbox_autosubscribe = no
lda_original_recipient_header libexec_dir = /usr/lib/dovecot
listen = *, ::
lmtp_proxy = no
lmtp_save_to_detail_mailbox = no
lock_method = fcntl
log_path = syslog
log_timestamp = "%b %d %H:%M:%S "
login_access_sockets login_greeting = Dovecot ready.
login_log_format = %$: %s
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
login_trusted_networks mail_access_groups mail_attachment_dir mail_attachment_fs
= sis posix
mail_attachment_hash = %{sha1}
mail_attachment_min_size = 128 k
mail_cache_fields = flags
mail_cache_min_mail_count = 0
mail_chroot mail_debug = no
mail_fsync = optimized
mail_full_filesystem_access = no
mail_gid mail_home mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_log_prefix = "%s(%u): "
mail_max_keyword_length = 50
mail_max_lock_timeout = 0
mail_max_userip_connections = 10
mail_never_cache_fields = imap.envelope
mail_nfs_index = no
mail_nfs_storage = no
mail_plugin_dir = /usr/lib/dovecot/modules
mail_plugins mail_privileged_group mail_save_crlf = no
mail_temp_dir = /tmp
mail_uid mailbox_idle_check_interval = 30 secs
mailbox_list_index_disable = no
maildir_copy_with_hardlinks = yes
maildir_stat_dirs = no
maildir_very_dirty_syncs = no
master_user_separator mbox_dirty_syncs = yes
mbox_dotlock_change_timeout = 2 mins
mbox_lazy_writes = yes
mbox_lock_timeout = 5 mins
mbox_min_index_size = 0
mbox_read_locks = fcntl
mbox_very_dirty_syncs = no
mbox_write_locks = dotlock fcntl
mdbox_preallocate_space = no
mdbox_rotate_interval = 0
mdbox_rotate_size = 2 M
mmap_disable = no
passdb {
   args    deny = no
   driver = pam
   master = no
   pass = no
}
pop3_client_workarounds pop3_enable_last = no
pop3_fast_size_lookups = no
pop3_lock_session = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_save_uidl = no
pop3_uidl_format = %08Xu%08Xv
postmaster_address protocols = " imap"
quota_full_tempfail = no
recipient_delimiter = +
rejection_reason = Your message to <%t> was automatically rejected:%n%r
rejection_subject = Rejected: %s
sendmail_path = /usr/sbin/sendmail
service anvil {
   chroot = empty
   client_limit = 0
   drop_priv_before_exec = no
   executable = anvil
   extra_groups    group    idle_kill = 4294967295 secs
   privileged_group    process_limit = 1
   process_min_avail = 1
   protocol    service_count = 0
   type = anvil
   unix_listener anvil-auth-penalty {
     group      mode = 0600
     user    }
   unix_listener anvil {
     group      mode = 0600
     user    }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service auth-worker {
   chroot    client_limit = 1
   drop_priv_before_exec = no
   executable = auth -w
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol    service_count = 1
   type    unix_listener auth-worker {
     group      mode = 0600
     user = $default_internal_user
   }
   user    vsz_limit = 18446744073709551615 B
}
service auth {
   chroot    client_limit = 4096
   drop_priv_before_exec = no
   executable = auth
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 1
   process_min_avail = 0
   protocol    service_count = 0
   type    unix_listener auth-client {
     group      mode = 0600
     user    }
   unix_listener auth-login {
     group      mode = 0600
     user = $default_internal_user
   }
   unix_listener auth-master {
     group      mode = 0600
     user    }
   unix_listener auth-userdb {
     group      mode = 0600
     user    }
   unix_listener login/login {
     group      mode = 0666
     user    }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service config {
   chroot    client_limit = 0
   drop_priv_before_exec = no
   executable = config
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol    service_count = 0
   type = config
   unix_listener config {
     group      mode = 0600
     user    }
   user    vsz_limit = 18446744073709551615 B
}
service dict {
   chroot    client_limit = 1
   drop_priv_before_exec = no
   executable = dict
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol    service_count = 0
   type    unix_listener dict {
     group      mode = 0600
     user    }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service director {
   chroot    client_limit = 0
   drop_priv_before_exec = no
   executable = director
   extra_groups    fifo_listener login/proxy-notify {
     group      mode = 00
     user    }
   group    idle_kill = 4294967295 secs
   inet_listener {
     address      port = 0
     ssl = no
   }
   privileged_group    process_limit = 1
   process_min_avail = 0
   protocol    service_count = 0
   type    unix_listener director-admin {
     group      mode = 0600
     user    }
   unix_listener director-userdb {
     group      mode = 0600
     user    }
   unix_listener login/director {
     group      mode = 00
     user    }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service dns_client {
   chroot    client_limit = 1
   drop_priv_before_exec = no
   executable = dns-client
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol    service_count = 0
   type    unix_listener dns-client {
     group      mode = 0666
     user    }
   unix_listener login/dns-client {
     group      mode = 0666
     user    }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service doveadm {
   chroot    client_limit = 1
   drop_priv_before_exec = no
   executable = doveadm-server
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol    service_count = 1
   type    unix_listener doveadm-server {
     group      mode = 0600
     user    }
   user    vsz_limit = 18446744073709551615 B
}
service imap-login {
   chroot = login
   client_limit = 0
   drop_priv_before_exec = no
   executable = imap-login
   extra_groups    group    idle_kill = 0
   inet_listener imap {
     address      port = 143
     ssl = no
   }
   inet_listener imaps {
     address      port = 993
     ssl = yes
   }
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol = imap
   service_count = 1
   type = login
   user = $default_login_user
   vsz_limit = 18446744073709551615 B
}
service imap {
   chroot    client_limit = 1
   drop_priv_before_exec = no
   executable = imap
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 1024
   process_min_avail = 0
   protocol = imap
   service_count = 1
   type    unix_listener login/imap {
     group      mode = 0666
     user    }
   user    vsz_limit = 18446744073709551615 B
}
service ipc {
   chroot = empty
   client_limit = 0
   drop_priv_before_exec = no
   executable = ipc
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 1
   process_min_avail = 0
   protocol    service_count = 0
   type    unix_listener ipc {
     group      mode = 0600
     user    }
   unix_listener login/ipc-proxy {
     group      mode = 0600
     user = $default_login_user
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service lmtp {
   chroot    client_limit = 1
   drop_priv_before_exec = no
   executable = lmtp
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol = lmtp
   service_count = 0
   type    unix_listener lmtp {
     group      mode = 0666
     user    }
   user    vsz_limit = 18446744073709551615 B
}
service log {
   chroot    client_limit = 0
   drop_priv_before_exec = no
   executable = log
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 1
   process_min_avail = 0
   protocol    service_count = 0
   type = log
   user    vsz_limit = 18446744073709551615 B
}
service pop3-login {
   chroot = login
   client_limit = 0
   drop_priv_before_exec = no
   executable = pop3-login
   extra_groups    group    idle_kill = 0
   inet_listener pop3 {
     address      port = 0
     ssl = no
   }
   inet_listener pop3s {
     address      port = 0
     ssl = yes
   }
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol = pop3
   service_count = 1
   type = login
   user = $default_login_user
   vsz_limit = 18446744073709551615 B
}
service pop3 {
   chroot    client_limit = 1
   drop_priv_before_exec = no
   executable = pop3
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 1024
   process_min_avail = 0
   protocol = pop3
   service_count = 1
   type    unix_listener login/pop3 {
     group      mode = 0666
     user    }
   user    vsz_limit = 18446744073709551615 B
}
service ssl-params {
   chroot    client_limit = 0
   drop_priv_before_exec = no
   executable = ssl-params
   extra_groups    group    idle_kill = 0
   privileged_group    process_limit = 0
   process_min_avail = 0
   protocol    service_count = 0
   type = startup
   unix_listener login/ssl-params {
     group      mode = 0666
     user    }
   user    vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_ca ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert ssl_client_key ssl_key = </etc/ssl/private/dovecot.pem
ssl_key_password ssl_parameters_regenerate = 168
ssl_verify_client_cert = no
submission_host syslog_facility = mail
userdb {
   args    driver = passwd
}
valid_chroot_dirs verbose_proctitle = no
verbose_ssl = no
version_ignore = no
protocol imap {
   imap_capability = IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID 
ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND 
UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 ESEARCH 
ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS
   mail_max_userip_connections = 40
}

-- 

	
Knute Johnson

A couple of days later and it is back to normal.  Never mind.

knute...

On 8/31/2012 4:06 PM, Knute Johnson wrote:
> I just upgraded my Ubuntu server from 11.10 to 12.04.1 and that upgraded
> Dovecot to 2.0.19.  For some reason I'm getting a lot more (5 times)
> disconnect in IDLE and inactivity time outs.  I'm using only IMAP with
> two users.  Both users access the server from multiple devices, phone,
> tablet and desktop computer.  I had previously set the
> max_userip_connections to 20 and rarely got the following limits
> exceeded message.  That's probably being triggered when we are both
home
> and using all of our devices on the same network.  I've now changed it
> to 40 and we'll see how that does.
>
> The other is the IDLE and inactivity timeouts.  I don't really
> understand how IDLE works and I couldn't find an inactivity timeout
> setting to play with.  There are at this second 32 imap or imap-login
> processes running with only two phones and one desktop running.  That's
> a few more than before the upgrade but not a lot.
>
> --------------------- Dovecot Begin ------------------------
>
>   Dovecot limits exceeded:
>      max_userip_connections: penny from 216.240.58.138 to
> 216.240.58.140: 56 Time(s)
>
>   Dovecot disconnects:
>      Disconnected in IDLE: 485 Time(s)
>      Inactivity: 343 Time(s)
>      no auth attempts: 14 Time(s)
>      no reason: 21 Time(s)
>
> Everything seems to be working OK so maybe I should just not worry about
> it?
>
> Thanks,
>
> knute...
>
> # 2.0.19: /etc/dovecot/dovecot.conf
> # OS: Linux 3.2.0-29-generic x86_64 Ubuntu 12.04.1 LTS
> auth_anonymous_username = anonymous
> auth_cache_negative_ttl = 1 hours
> auth_cache_size = 0
> auth_cache_ttl = 1 hours
> auth_debug = no
> auth_debug_passwords = no
> auth_default_realm > auth_failure_delay = 2 secs
> auth_first_valid_uid = 500
> auth_gssapi_hostname > auth_krb5_keytab > auth_last_valid_uid = 0
> auth_master_user_separator > auth_mechanisms = plain login
> auth_realms > auth_socket_path = auth-userdb
> auth_ssl_require_client_cert = no
> auth_ssl_username_from_cert = no
> auth_use_winbind = no
> auth_username_chars >
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
> auth_username_format > auth_username_translation > auth_verbose = no
> auth_verbose_passwords = no
> auth_winbind_helper_path = /usr/bin/ntlm_auth
> auth_worker_max_count = 30
> base_dir = /var/run/dovecot
> config_cache_size = 1 M
> debug_log_path > default_client_limit = 1000
> default_idle_kill = 60
> default_internal_user = dovecot
> default_login_user = dovenull
> default_process_limit = 100
> default_vsz_limit = 256 M
> deliver_log_format = msgid=%m: %$
> dict_db_config > director_doveadm_port = 0
> director_mail_servers > director_servers > director_user_expire = 15
mins
> disable_plaintext_auth = yes
> dotlock_use_excl = yes
> doveadm_allowed_commands > doveadm_password > doveadm_proxy_port = 0
> doveadm_socket_path = doveadm-server
> doveadm_worker_count = 0
> first_valid_gid = 1
> first_valid_uid = 500
> hostname > imap_capability > imap_client_workarounds > imap_id_log
> imap_id_send > imap_idle_notify_interval = 2 mins
> imap_logout_format = bytes=%i/%o
> imap_max_line_length = 64 k
> import_environment = TZ
> info_log_path > instance_name = dovecot
> last_valid_gid = 0
> last_valid_uid = 0
> lda_mailbox_autocreate = no
> lda_mailbox_autosubscribe = no
> lda_original_recipient_header > libexec_dir = /usr/lib/dovecot
> listen = *, ::
> lmtp_proxy = no
> lmtp_save_to_detail_mailbox = no
> lock_method = fcntl
> log_path = syslog
> log_timestamp = "%b %d %H:%M:%S "
> login_access_sockets > login_greeting = Dovecot ready.
> login_log_format = %$: %s
> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e
%c
> login_trusted_networks > mail_access_groups > mail_attachment_dir
> mail_attachment_fs = sis posix
> mail_attachment_hash = %{sha1}
> mail_attachment_min_size = 128 k
> mail_cache_fields = flags
> mail_cache_min_mail_count = 0
> mail_chroot > mail_debug = no
> mail_fsync = optimized
> mail_full_filesystem_access = no
> mail_gid > mail_home > mail_location = mbox:~/mail:INBOX=/var/mail/%u
> mail_log_prefix = "%s(%u): "
> mail_max_keyword_length = 50
> mail_max_lock_timeout = 0
> mail_max_userip_connections = 10
> mail_never_cache_fields = imap.envelope
> mail_nfs_index = no
> mail_nfs_storage = no
> mail_plugin_dir = /usr/lib/dovecot/modules
> mail_plugins > mail_privileged_group > mail_save_crlf = no
> mail_temp_dir = /tmp
> mail_uid > mailbox_idle_check_interval = 30 secs
> mailbox_list_index_disable = no
> maildir_copy_with_hardlinks = yes
> maildir_stat_dirs = no
> maildir_very_dirty_syncs = no
> master_user_separator > mbox_dirty_syncs = yes
> mbox_dotlock_change_timeout = 2 mins
> mbox_lazy_writes = yes
> mbox_lock_timeout = 5 mins
> mbox_min_index_size = 0
> mbox_read_locks = fcntl
> mbox_very_dirty_syncs = no
> mbox_write_locks = dotlock fcntl
> mdbox_preallocate_space = no
> mdbox_rotate_interval = 0
> mdbox_rotate_size = 2 M
> mmap_disable = no
> passdb {
>    args >    deny = no
>    driver = pam
>    master = no
>    pass = no
> }
> pop3_client_workarounds > pop3_enable_last = no
> pop3_fast_size_lookups = no
> pop3_lock_session = no
> pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
> pop3_no_flag_updates = no
> pop3_reuse_xuidl = no
> pop3_save_uidl = no
> pop3_uidl_format = %08Xu%08Xv
> postmaster_address > protocols = " imap"
> quota_full_tempfail = no
> recipient_delimiter = +
> rejection_reason = Your message to <%t> was automatically
rejected:%n%r
> rejection_subject = Rejected: %s
> sendmail_path = /usr/sbin/sendmail
> service anvil {
>    chroot = empty
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = anvil
>    extra_groups >    group >    idle_kill = 4294967295 secs
>    privileged_group >    process_limit = 1
>    process_min_avail = 1
>    protocol >    service_count = 0
>    type = anvil
>    unix_listener anvil-auth-penalty {
>      group >      mode = 0600
>      user >    }
>    unix_listener anvil {
>      group >      mode = 0600
>      user >    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service auth-worker {
>    chroot >    client_limit = 1
>    drop_priv_before_exec = no
>    executable = auth -w
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol >    service_count = 1
>    type >    unix_listener auth-worker {
>      group >      mode = 0600
>      user = $default_internal_user
>    }
>    user >    vsz_limit = 18446744073709551615 B
> }
> service auth {
>    chroot >    client_limit = 4096
>    drop_priv_before_exec = no
>    executable = auth
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 1
>    process_min_avail = 0
>    protocol >    service_count = 0
>    type >    unix_listener auth-client {
>      group >      mode = 0600
>      user >    }
>    unix_listener auth-login {
>      group >      mode = 0600
>      user = $default_internal_user
>    }
>    unix_listener auth-master {
>      group >      mode = 0600
>      user >    }
>    unix_listener auth-userdb {
>      group >      mode = 0600
>      user >    }
>    unix_listener login/login {
>      group >      mode = 0666
>      user >    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service config {
>    chroot >    client_limit = 0
>    drop_priv_before_exec = no
>    executable = config
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol >    service_count = 0
>    type = config
>    unix_listener config {
>      group >      mode = 0600
>      user >    }
>    user >    vsz_limit = 18446744073709551615 B
> }
> service dict {
>    chroot >    client_limit = 1
>    drop_priv_before_exec = no
>    executable = dict
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol >    service_count = 0
>    type >    unix_listener dict {
>      group >      mode = 0600
>      user >    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service director {
>    chroot >    client_limit = 0
>    drop_priv_before_exec = no
>    executable = director
>    extra_groups >    fifo_listener login/proxy-notify {
>      group >      mode = 00
>      user >    }
>    group >    idle_kill = 4294967295 secs
>    inet_listener {
>      address >      port = 0
>      ssl = no
>    }
>    privileged_group >    process_limit = 1
>    process_min_avail = 0
>    protocol >    service_count = 0
>    type >    unix_listener director-admin {
>      group >      mode = 0600
>      user >    }
>    unix_listener director-userdb {
>      group >      mode = 0600
>      user >    }
>    unix_listener login/director {
>      group >      mode = 00
>      user >    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service dns_client {
>    chroot >    client_limit = 1
>    drop_priv_before_exec = no
>    executable = dns-client
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol >    service_count = 0
>    type >    unix_listener dns-client {
>      group >      mode = 0666
>      user >    }
>    unix_listener login/dns-client {
>      group >      mode = 0666
>      user >    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service doveadm {
>    chroot >    client_limit = 1
>    drop_priv_before_exec = no
>    executable = doveadm-server
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol >    service_count = 1
>    type >    unix_listener doveadm-server {
>      group >      mode = 0600
>      user >    }
>    user >    vsz_limit = 18446744073709551615 B
> }
> service imap-login {
>    chroot = login
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = imap-login
>    extra_groups >    group >    idle_kill = 0
>    inet_listener imap {
>      address >      port = 143
>      ssl = no
>    }
>    inet_listener imaps {
>      address >      port = 993
>      ssl = yes
>    }
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol = imap
>    service_count = 1
>    type = login
>    user = $default_login_user
>    vsz_limit = 18446744073709551615 B
> }
> service imap {
>    chroot >    client_limit = 1
>    drop_priv_before_exec = no
>    executable = imap
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 1024
>    process_min_avail = 0
>    protocol = imap
>    service_count = 1
>    type >    unix_listener login/imap {
>      group >      mode = 0666
>      user >    }
>    user >    vsz_limit = 18446744073709551615 B
> }
> service ipc {
>    chroot = empty
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = ipc
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 1
>    process_min_avail = 0
>    protocol >    service_count = 0
>    type >    unix_listener ipc {
>      group >      mode = 0600
>      user >    }
>    unix_listener login/ipc-proxy {
>      group >      mode = 0600
>      user = $default_login_user
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service lmtp {
>    chroot >    client_limit = 1
>    drop_priv_before_exec = no
>    executable = lmtp
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol = lmtp
>    service_count = 0
>    type >    unix_listener lmtp {
>      group >      mode = 0666
>      user >    }
>    user >    vsz_limit = 18446744073709551615 B
> }
> service log {
>    chroot >    client_limit = 0
>    drop_priv_before_exec = no
>    executable = log
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 1
>    process_min_avail = 0
>    protocol >    service_count = 0
>    type = log
>    user >    vsz_limit = 18446744073709551615 B
> }
> service pop3-login {
>    chroot = login
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = pop3-login
>    extra_groups >    group >    idle_kill = 0
>    inet_listener pop3 {
>      address >      port = 0
>      ssl = no
>    }
>    inet_listener pop3s {
>      address >      port = 0
>      ssl = yes
>    }
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol = pop3
>    service_count = 1
>    type = login
>    user = $default_login_user
>    vsz_limit = 18446744073709551615 B
> }
> service pop3 {
>    chroot >    client_limit = 1
>    drop_priv_before_exec = no
>    executable = pop3
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 1024
>    process_min_avail = 0
>    protocol = pop3
>    service_count = 1
>    type >    unix_listener login/pop3 {
>      group >      mode = 0666
>      user >    }
>    user >    vsz_limit = 18446744073709551615 B
> }
> service ssl-params {
>    chroot >    client_limit = 0
>    drop_priv_before_exec = no
>    executable = ssl-params
>    extra_groups >    group >    idle_kill = 0
>    privileged_group >    process_limit = 0
>    process_min_avail = 0
>    protocol >    service_count = 0
>    type = startup
>    unix_listener login/ssl-params {
>      group >      mode = 0666
>      user >    }
>    user >    vsz_limit = 18446744073709551615 B
> }
> shutdown_clients = yes
> ssl = yes
> ssl_ca > ssl_cert = </etc/ssl/certs/dovecot.pem
> ssl_cert_username_field = commonName
> ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
> ssl_client_cert > ssl_client_key > ssl_key =
</etc/ssl/private/dovecot.pem
> ssl_key_password > ssl_parameters_regenerate = 168
> ssl_verify_client_cert = no
> submission_host > syslog_facility = mail
> userdb {
>    args >    driver = passwd
> }
> valid_chroot_dirs > verbose_proctitle = no
> verbose_ssl = no
> version_ignore = no
> protocol imap {
>    imap_capability = IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID
> ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND
> UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 ESEARCH
> ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS
>    mail_max_userip_connections = 40
> }
>

-- 


Knute Johnson