[Postfixbuch-users] Offtopic: Dovecot treibt Last hoch

Christian Garling christian at cg-networks.de
Do Dez 17 12:36:15 CET 2009


Hallo zusammen,

zwar etwas Offtopic, aber da diese Liste hier die aktivste ist die ich im
Mailserverbereich kenne versuche ich es mal:

Wir haben letzten Dienstag bei unserem Kunden einen Mailcluster in Betrieb
genommen, welcher aus zwei Debian 5.0 64 Bit Servern mit Postfix und
Dovecot besteht. Das Dovecot Mailstore liegt auf einem DRBD Device, dass
aktuell mit Protocol A (asynchrone Synchronisation) läuft. Wir sind uns
nicht ganz sicher ob das wirklich Dovecot ist, der da Probleme macht, aber
laut top sieht es stark danach aus. Die Last des Server steigt auf 40.00
und mehr an, IO Wait schwankt laut top zwischen 30 und 60%. Die Benutzer
beklagen sich natürlich zu recht über die schlechte Performance. Wir sind
momentan etwas ratlos wie wir das Problem anpacken sollen.

Hier mal die Configs:

mailserver-prod:/var/log# dovecot -n
# 1.0.15: /etc/dovecot/dovecot.conf
log_timestamp: %Y-%m-%d %H:%M:%S
syslog_facility: local1
ssl_cert_file: /etc/ssl/certs/dovecot.crt
ssl_key_file: /etc/ssl/private/dovecot.key
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
login_max_processes_count: 512
login_max_connections: 1024
mail_privileged_group: mail
mail_location: maildir:/data/mail/%n/Maildir
mail_plugins: quota imap_quota
auth default:
  passdb:
    driver: pam
  passdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  userdb:
    driver: passwd
  userdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail
      group: vmail
plugin:
  quota: maildir:ignore=Trash

mailserver-prod:/var/log# postconf -n
alias_maps = hash:/etc/aliases
body_checks = pcre:/etc/postfix/header_body_checks/body_checks
bounce_queue_lifetime = 3d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
disable_vrfy_command = yes
header_checks = pcre:/etc/postfix/header_body_checks/header_checks
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maximal_queue_lifetime = 3d
message_size_limit = 30720000
mydestination = localhost, localhost.$mydomain, $myhostname,
mailserver.vendus.local, mailserver-prod.vendus.local
myhostname = mail.vendus-group.de
mynetworks = 127.0.0.0/8, hash:/etc/postfix/mynetworks
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
readme_directory = /usr/share/doc/postfix
recipient_bcc_maps = hash:/etc/postfix/bcc_maps/recipient_bcc_maps
sample_directory = /usr/share/doc/postfix/examples
sender_bcc_maps = hash:/etc/postfix/bcc_maps/sender_bcc_maps
sendmail_path = /usr/sbin/sendmail
smtp_tls_security_level = may
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/access_maps/access_role_accounts,                       
        check_client_access
hash:/etc/postfix/access_maps/access_client_hostname,                     
          check_client_access
cidr:/etc/postfix/access_maps/access_client_ip.cidr,                      
    check_helo_access hash:/etc/postfix/access_maps/access_helo,          
                     check_helo_access
pcre:/etc/postfix/access_maps/access_helo.pcre,                           
    check_sender_access hash:/etc/postfix/access_maps/access_sender,      
                         check_recipient_access
hash:/etc/postfix/access_maps/access_recipient,                           
    reject_non_fqdn_sender,                               
reject_non_fqdn_recipient,                               
reject_unknown_sender_domain,                               
reject_unknown_recipient_domain,                               
permit_mynetworks,                               
permit_sasl_authenticated,                               
check_recipient_access
hash:/etc/postfix/access_maps/access_interne_verteiler,                   
            check_policy_service inet:127.0.0.1:12525                     
          reject_unauth_destination,                               
reject_unauth_pipelining,                                permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/ssl/vendusCA/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/postfix.crt
smtpd_tls_key_file = /etc/ssl/private/postfix.key
smtpd_tls_security_level = may
soft_bounce = no
transport_maps = hash:/etc/postfix/relay/relay.vendusch
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf,
hash:/etc/postfix/virtual/catchall
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf,
hash:/etc/postfix/relay/relay.vendusch
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_transport = dovecot

Gruß, Christian Garling




Mehr Informationen über die Mailingliste Postfixbuch-users