similar to: penalty configuration and proxy servers

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I'm using Dovecot v2.2 with unix_listener auth-client { } to verify passwords for a different service. However, it looks like that auth_failure_delay effects all connects going through that socket. I mean: connect /var/run/dovecot2.2/auth-client attempt bad auth 2s penalty NO disconnect ==> Note, it's another connection almost

Hi, we're running dovecot 1.1.2 (centos5 32-bit rpm from atrpms) havn't had any real issues with it, but today it looks like an index has become badly corrupted. We're seeing this in the logs every time we log in to a particular account: 2008-09-10T11:56:07+01:00 mail8 dovecot: Panic: IMAP(xxx): Trying to allocate 2273345672 bytes 2008-09-10T11:56:07+01:00 mail8 dovecot: IMAP(xxx):

Hi, About a week ago I upgraded our reasonably heavily loaded mail servers from a pretty recent courier version to dovecot-1.1rc10. IMAP performance on dovecot is amazing, however POP3 performance is worse than courier :-( I have uploaded some munin graphs taken today to http://linweb.atlas.pipex.net/dovecot/; the dovecot server is handling about 2000 pop logins/sec and 300 imap sessions (but

Dear All, I'm having an intermittent problem, with dovecot slowing to a crawl. Restarting dovecot fixes the problem. Looking at the maillog, I see loads of these errors.... dovecot: pipe() failed: Too many open files dovecot: Temporary failure in creating login processes, slowing down for now dovecot: Created login processes successfully, unstalling looking at the processes, I can see

My existing pop3/imap environment is courier imap + vpopmail + qmail with MySQL backend. I'm looking at migrating this to Dovecot. Currently I have multiple instances of Courier bound to different loopback IPs (the IPs correspond with the virtual IPs on a server load balancer). When a user authenticates they don't have to specify a domain - if they don't, Courier will use a

Hi there, I've been seeing this error in our logs quite frequently on our nfs storage (v3): 2008-11-10T13:24:26+00:00 mail8 dovecot: IMAP(XXX at YYY.com): nfs_flush_fcntl: fcntl(/var/spool/mail/XXX/Maildir/dovecot.index.cache, F_RDLCK) failed: No locks available Which is because we don't run lockd on our servers. Why is dovecot trying to use fcntl() ? I explicitly set it to use dotlocks

Following on from this thread: http://www.dovecot.org/list/dovecot/2010-September/052704.html <https://owa2010.webfusion.com/owa/redir.aspx?C=a447887e3d204944a8c766142df41453&URL=http%3a%2f%2fwww.dovecot.org%2flist%2fdovecot%2f2010-September%2f052704.html> in 2.0.16 I am seeing the same issues. I believe this would be related to some timeouts set on our mysql servers which are pretty

Hello All, We are struggling to find a solution to a problem we are encountering with a load-balanced email setup. Currently, we have a Coyote loadbalancer, and 3 Postfix/Dovecot nodes that then get their information from a mysql database. The problem is that after a couple weeks, we start seeing NFS locking issues occur, which then takes email completely down, requiring a site visit to

Hi there, I run a system that has a lot of virtual users. We invoke deliver from exim and pass the directory to deliver into using the HOME environment variable, so deliver doesn't do any database lookups during the delivery process. The exim pipe environment is described at http://exim.org/exim-html-current/doc/html/spec_html/index.html#toc0239, but basically I'd like to know the domain

Hi all, Lets say I have a maildir which doesn't contain any dovecot files but has some emails lying around in it. If I add a message to this mailbox using deliver, dovecot creates the uidlist file with a single entry (the message that was just delivered). When I then log in to the mailbox, all the other messages are added into the uidlist file in the normal order (directory list order I

Hi all, We updated to 1.1.7 a week or two back from 1.1.6 (both standard atrpms builds). Since doing so, twice now I've seen the imap services accept connections but they hang before the banner is printed (pop seems to be unaffected). I see this in the logs: Dec 23 14:02:15 mail9 dovecot: pipe() failed: Too many open files Dec 23 14:02:15 mail9 dovecot: Temporary failure in creating login

i've upgraded dovecot on my server to 2.3.9 works properly but saslauthd that uses it for rimap authentication over 127.0.0.1 works SLOW. You need to wait 15-20 seconds before authentication. only imap login over 127.0.0.1 is slowed down, while over any other IP is quick. i had this problem with older version of dovecot but it was about adding login_trusted_networks = 127.0.0.1 but i

Hi guys, Anyone know what this error with deliver is (v1.1.1)? 2008-07-03T09:45:19+01:00 mail4 deliver(alexander): Panic: file mail-index-transaction.c: line 642 (mail_index_transaction_lookup): assertion failed: (seq >= t->first_new_seq && seq <= t->last_new_seq) Seen a few of these this morning. Mark -- Mark Zealey -- Shared Hosting Team Leader Product Development *

Hi all, I want to remove the authentication penalty for specific ip addresses (subnets if possible). I am using Dovecot 2.3.2 (582970113) and figured that this information: https://wiki2.dovecot.org/Authentication/Penalty > If the IP is in login_trusted_networks (e.g. webmail), skip any authentication penalties is not up to date. Instead this information is:

Hi, For the upcoming 2.3 development, I'd like to re-suggest this: It seems the use of login_trusted_networks is overloaded. Example: * It's used for indicating which hosts you trust to provide XCLIENT remote IP's. (like a proxy) * It's used for indicating from which hosts you trust logins enough to disable auth penalty. (like in a webmail) Often these two uses cases have a

I've hit two roadblocks while using openssh -D as a general proxy: - openssh doesn't have an internal-null, so the options are to either give the user account a real shell and ForceCommand, or set the shell to something like /bin/cat and ChrootDirectory. I don't want proxy-only accounts to have a shell at all. - Comparing mini-httpd SSL/aes256 vs mini-httpd (localhost/no SSL) via

Using doveadm penalty I just noticed a penalty for 0.0.0.0. Is this Postfix querying the auth-socket for his SASL-requests? I tried adding 0.0.0.0 to login_trusted_networks, but that doesn't help. Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B /

Hi all, We need to set our filestore to read-only for quite a while, and I want to mitigate the effects for our clients. First issue; dovecot. If we just change the nfs mounts to read-only, dovecot complains: 2009-02-19T14:03:19+00:00 mail2 dovecot: pop3-login: Login: user=<test2 at markandruth.co.uk>, method=PLAIN, rip=10.15.10.95, lip=10.15.10.102:11002 2009-02-19T14:03:19+00:00 mail2

Hi i have a nice working proxy setup and postlogin script that is doing logging logs. echo "$(date +%Y.%m.%d-%H:%M:%S), $USER, $IP, ${1}" >> /var/log/mail/logins.info 2>&1 is it possible that i recieve a remote ip of user client on proxied internal machine, cause i have only the proxy one, and that date is not a relevant to me thanx t. -- View this message in context:

Hi all, This is just an idea I had over the weekend; I was wondering if instead of storing the indexes/caches on disk, it would be possible to have an option to store them in a remote database (eg mysql). There are several issues that we currently have with scaling dovecot, and I think that if it could store indexes in an external database we could alleviate most of these issues. In no particular