Re: [Dovecot] Architecture for large Dovecot cluster
Great mail, Stan Another trick: you can save storage (both space & iops) using mdox and compression. CPU power is far cheaper than iops , the less data you read/write, the fewer iops. You can use gzip,bzip2 or even LZMA/xz compression for LDA. If you also use Single Instace Storage and Alternate (cheap) storage for old mail, you can save a lot of money in storage. Also consider using mdbox + ssd for indexes (hp storevirtual VSA+ a couple of ESXi with ssd disks will give you real-time replicated ssd iscsi lun for indexes) Just my 2 cents. Regards Javier
Re: [Dovecot] mdbox - healthy rotation size vs default
Another intesting thing for this thread: if you set a very high value for mdbox rotate settings, your incremental backups will be awful. If you have hundreds of messages in a mdbox and you doveadm purge one of them, the full .m file must be copied in the incremental / diferential backup. I use 10 MB+zlib for "main storage" and 250 MB+bzip2 for alternate storage. Regards Javier
Re: [Dovecot] index IO patterns
Even without LDA/LMTP dovecot-imap needs to write right? It would need to update the index every time an imap connect happens and new mails are found in the mail store. Well of course. Indexes are also updated when flags are modified, moved a messages, delete a message, etc.. But in my setup there are 65% reads and the rest writes Regards Javier Cor
Re: [Dovecot] Performance-Tuning
Other important thing to consider is message expunging. With mdbox you are "delaying" the I/O associated with deleting e-mails. We have a nightly cronjob that expunge messages from mdboxes. If you have en EVA (wich one? 4.400? 6.400? ) you also can consider RAID 1+0 or SSD for indexes. Indexes are hammered in mdbox. Regards Javier Am Dienstag, 8. November 2011, 15:15:39 schrieb Javier de Miguel Rodríguez: Hi, If you have CPU to spare, consider using zlib with mdbox. You are trading CPU power (cheap) to get fewer IOPS (IOPS count is expensive). Hey. This point is great. I hadn't realized that. Sure. zlib will save IOPS and 2x6-CPUs aren't a problem. Good point -thanks. compressed) and backup software is happier because there are few (100.000+ files with mdbox) to backup instead of several millions (Maildir) Yes, that#s the main reason why I want to switch to mbox. At the moment our roundtrip-time for the backup is> 24h... Peer
Re: [Dovecot] Performance-Tuning
We are very happy with mdbox+zlib+ext4 + iSCSI SAN (HP Lefthand in our setup) If you have CPU to spare, consider using zlib with mdbox. You are trading CPU power (cheap) to get fewer IOPS (IOPS count is expensive). Mdbox has halved our backup windows (2,8 TB uncompressed mailboxes, 2 TB compressed) and backup software is happier because there are few (100.000+ files with mdbox) to backup instead of several millions (Maildir) Regards Javier Hi, I have> 11 TB hard used Mailstorage, saved als maildir in ext3 on HP EVA. I always wanted to make some mesurements about several influences to the performance (switch to ext4, switch to mdbox), but I never had enough time to do that. At the moment I *need* more speed, we have too much waitI/O on the system and I already used all other performance and tuning-tricks (separated cache, noatime, fsync and all that stuff). I have to change my setup, maybe somebody else here have hard facts: *) Is ext4 faster? How much faster? *) Is it faster because of the ext4 kernel-module (which can be used on ext3 to) or because of the ext4 filesystem layout? *) Is mdbox really faster? I'd like to have mdbox to have better performance in running my backup-processes. But does it bring some performance boosts to? Thanks for any hints an tricks, Peer
Re: [Dovecot] Dot Lock timestmap, users disconnections from roundcube
Same problem here, any hint about a fix or workaround? Regards Javier We follow the guidelines about timekeeping RHEL in vmware vsphere located here http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006427 These problems happens in peak hours. Any dovecot config parameter I could set to mitigate this problem? Regards Maria - Original Message - From: Ed W Sent: 11/03/11 11:57 AM To: Maria Arrea, Dovecot Mailing List Subject: Re: [Dovecot] Dot Lock timestmap, users disconnections from roundcube On 03/11/2011 10:49, Maria Arrea wrote:> All the ESXs hosts and all the VM use the same NTP server.> > Any other idea?> Doesn't ESX have issues with the time drifting when certain kernel options are set? Something to do with it rescheduling machines and them not counting idle ticks or something..? Does this problem happen during idle hours or peak hours? I should home in on clock problems... Probably vmware related issues to the kernel you are using? Good luck Ed W
Re: [Dovecot] 2.0.10 Auth failed while binding ldap
http://hg.dovecot.org/dovecot-2.0/rev/b44ec48d9425 probably fixes it? That patch solves the problem for me, now dovecot ldap auth works. Thank you Timo. (I was going to test that broken change when I made it, but then I realized I didn't have LDAP server installed and I just hate installing slapd. Today I thought I'd rather try writing my own really simple LDAP server, but after a few hours I gave up on it too. Maybe some day I'll try again. So the above patch is also untested.)
Re: [Dovecot] 2.0.10 Auth failed while binding ldap
El 05/03/11 11:48, Stéphane Wartel escribió: Dear all, Since new release has been installed, auth process crash with io loop : Same problem here, dovecot 2.0.9 works right with ldap (RHEL 5.6 x64) , but dovecot 2.0.10 crashes /Mar 5 19:21:21 buzon dovecot: auth: Panic: file db-ldap.c: line 1113 (db_ldap_result_change_attr): assertion failed: (ctx->vals == NULL) Mar 5 19:21:21 buzon dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0 [0x2b5c03bded30] -> /usr/lib64/dovecot/libdovecot.so.0 [0x2b5c03bded86] -> /usr/lib64/dovecot/libdovecot.so.0 [0x2b5c03bde743] -> /usr/lib64/dovecot/auth/libauthdb_ldap.so(db_ldap_result_iterate_next+0x36e) [0x2b5c03e3f7ee] -> /usr/lib64/dovecot/auth/libauthdb_ldap.so [0x2b5c03e42130] -> /usr/lib64/dovecot/auth/libauthdb_ldap.so [0x2b5c03e40d6e] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x48) [0x2b5c03be9708] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0xd5) [0x2b5c03beaa75] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x2d) [0x2b5c03be969d] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x2b5c03bd8163] -> dovecot/auth [0 wait, 0 passdb, 1 userdb](main+0x2cc) [0x4151ec] -> /lib64/libc.so.6(__libc_start_main+0xf4) [0x3b0881d994] -> dovecot/auth [0 wait, 0 passdb, 1 userdb] [0x409ab9] Mar 5 19:21:21 buzon dovecot: master: Error: service(auth): child 14082 killed with signal 6 (core dumps disabled)/ Any ideas? Regards Javier
[Dovecot] Question about mdbox_preallocate_space and ext4
Hello Can anyone explain about mdbox_preallocate_space and ext4? Regards Javier
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
Hello Hmm. I guess if you were doing backups 24h/day, then you can't really say how much faster mdbox performs than maildir (outside backups)? No, 24 hours is for a FULL backup in the weekend. An incremental backup is only 2-3 hours in the night every day. About performance... I can not give you real numbers of Maildir vs mdbox. In Maildir our indexes were stored in a ram disk, but we can not do that with mdbox (we can not recreate them if power is lost). Regards Javier
Re: [Dovecot] Questiosn about dbox
The intended way to restore stuff is to either restore the entire dbox to a temp directory, or at least all the important parts of it (indexes + the files that contain the wanted mails) and then use something like: doveadm import sdbox:/tmp/restoredbox "" savedsince 2011-01-01 Thank you for your response, Timo. That was the answer I was looking for. The above example is for sdbox, mdbox should be exactly the same, am I right? - The previous question applies to sdbox and mdbox. In the case of mdbox, we can configure rotation of files using /mdbox_rotate_size/ . We would like to rotate daily, not based in size (our users ask us for yesterday's backup). How can we accomplish this? mdbox_rotate_interval = 1d Any known issues with mdbox and zlib plugin in lda & imap? I have read about mbox is /"read-only"/ with zlib plugin. What about mdbox with a high rotate interval (almost a mbox)? How does this work? Is the entire mdbox file loaded into ram and decompressed or a temp file in the filesystem is used? Another question: any hint about the "hot spot" of size for /mdbox_rotate_interval/? We have now 17.000.000 messages in our maildir, almost 1.5 TB (zlib compresssion enabled). Our backup time with bacula is rather bad: 24 hours for a full backup, most of the time the backup is busy fstat'ing all those little messages. In case of Maildir there's no point in fstating any mail files. I'd guess it should be possible to patch bacula to not do that. Good idea. I will write to bacula folks about that. We think that mdbox can help us in this. Does anybody has good experiences migrating from maildir->mdox in "large" enviroments? What about mdox performance& reliability? I haven't recently heard of corruption complaints about mdbox.. Previously when there were those, I didn't hear of complains about losing mails or anything, so that's good :) Any additional comments about this? We are seriously thinking about migrating to mdbox, but is always scary "to be the first one" Thank you for your support Regards Javier
[Dovecot] Question about indexes and maildir/sdbox/mdbox
Hello We are now running dovecot 2.0.9 with indexes in a ram disk and maildir storage in a test system. We have the following questions: - If there is a power outage / kernel crash, we will lose the content of ramdisk. We have tested that indexes are regenerated when a user logs in via imap, so e-mail access will be "slower" after a power outage / kernel crash, but everything should work as expected (TM). Are we missing something? - We are evaluating migrating from maildir to dbox. There are two alternatives: sdbox and mdbox. Reading about dbox in the wiki (http://wiki2.dovecot.org/MailboxFormat/dbox) we see that using a ram disk for indexes for mdbox is a really bad idea: /"Note that with dbox the Index files actually contain significant data which is held nowhere else. Index files for both *single-dbox* and *multi-dbox* contain message flags and keywords. For *multi-dbox*, the index file also contains the map_uids which link (via the "map index") to the actual message data. This data cannot be automatically recreated, so it is important that Index files are treated with the same care as message data files."/ So in mdbox we should not use a ramdisk for indexes. But what about sdbox? sdbox indexes work as maildir indexes? Are sdbox indexes bigger than maildir indexes? Thank you very much for your support Regards Javier
Re: [Dovecot] SSD drives are really fast running Dovecot
El 13/01/11 17:01, David Woodhouse escribió: On Wed, 2011-01-12 at 09:53 -0800, Marc Perkel wrote: I just replaced my drives for Dovecot using Maildir format with a pair of Solid State Drives (SSD) in a raid 0 configuration. It's really really fast. Kind of expensive but it's like getting 20x the speed for 20x the price. I think the big gain is in the 0 seek time. You may find ramfs is even faster :) ramfs (tmpfs in linux-land) is useful for indexes. If you lose the indexes, they will created automatically the next time a user logs in. We are now trying zlib plugin to lower the number of iops to our maildir storage systems. We are using gzip (bzip2 increases a lot the latency). LZMA/xz seems interesting (high compression and rather good decompression speed) and lzo also seems interesting (blazing fast compression AND decompression, not much compression savings though) What kind of "tricks" do you use to lower the number of IOPs of your dovecot servers? Regards Javier I hope you have backups.
Re: [Dovecot] Maildir feature I'd like to see - SSD for newer messages
On Thu, 23 Dec 2010 11:27:45 -0800, Marc Perkel wrote: SSD drives are very fast but expensive. So I have a crude idea that I'd like to see. May not be practical but would like to get some thoughts on it. You are asking about automatic storage tiering. You can get what you want in a transparant way, independient of Dovecot. Some storage vendor (search for Fully Automated Storage Tiering - FAST from EMC or Compellent, recently bought by Dell) get what you are asking for. If the budget is low, you can achive a "poor´s man" storage tiering with some shell scripting, cron and soft links; Or you can look at http://code.google.com/p/fscops/ for a more mature implementation. Or just use ZFS and "hybrid storage pools" Merry Xmas Javier
Re: [Dovecot] Question about "slow" storage but fast cpus, plenty of ram and dovecot
Thank you very much for all the responses in this thread. Now I have more questions: - I have "slow" I/O (about 3.5000-4.000 IOPS, measured via imapsync), if I enable zlib compression in my maildirs, that should lower the number the IOPS (less to read, less to write, less IOPS, more CPU). Dovecot 2.0 is better for zlib (lda support) than dovecot 1.2.X.. - I understand that indexes should go to the fastest storage I own. Somebody talked about storing them in a ramdisk and then backup them to disk on shutdown. I have several questions about that: - In my setup I have 25.000+ users, almost 7.000.000 messages in my maildir. How much memory should I need in a ramdisk to hold that? - What happens if something fails? I think that if I lose the indexes (ej: kernel crash) the next time I boot the system the ramdisk will be empty, so the indexes should be recreated. Am I right? - If I buy a SSD system and export that little and fast storage via iSCSI, does zlib compression applies to indexes? - Any additional filesystem info? I am using ext3 on RHEL 5.5, in RHEL 5.6 ext4 will be supported. Any performance hint/tuning (I already use noatime, 4k blocksize)? Regards Javier mail_location = maildir:~/Maildir:INDEX=MEMORY The ":INDEX=MEMORY" disables writing the index files to disk, and as the name implies, I believe, simply keeps indexes in memory. I think maybe I shoudn't have called it INDEX=MEMORY, but rather more like INDEX=DISABLE. "If you really want to, you can also disable the index files completely by appending :INDEX=MEMORY." My read of that is that indexing isn't disabled completely, merely storing the indexes to disk is disables. The indexes are still built and maintained in memory. Timo, is that correct? It's a per-connection in-memory index. Also there is no kind of caching of anything (dovecot.index.cache file, which is where most of Dovecot performance usually comes from). I don't know if, or how much, storing them in RAM via :INDEX=MEMORY consumes, as compared to using a ramdisk. The memory consumption may be less or it may be more. Timo should be able to answer this, and give a recommendation as to whether this is even a sane thing to do. I think INDEX=MEMORY performance is going to suck. http://imapwiki.org/Benchmarking explains IMAP performance a bit more. By default Dovecot is the "Dynamically caching server", but with INDEX=MEMORY it becomes "Non-caching server".
Re: [Dovecot] mailboxes and IMAP folders mirroring ?
On 17 de noviembre de 2010 at 13:30 Frank Bonnet wrote: > Hello > > This is a bit off Dovecot but ... Hmm... You can accomplish that in several ways: 1º Use inotify to rsync when mbox file changes (I recommend maildir for this, you do not have to copy the whole file) 2º Use replicated storage (maybe this is not what you are looking for) 3º Search for "continous data protection" (cdp) in google Regards Javier > > I'm searching some software to mirror mailboxes and IMAP forlders > from the mailhub to another (clone) computer. > > Actually I use rsync daily but I wonder if it exists some software > that are real time mirroring capable ? > > I'm using Dovecot 1.2.14 and Postfix with MBOX format. > > Thanks >
[Dovecot] Dovecot and OpenSSO
Has anybody tried to use opensso as authentication source for dovecot ? Maybe using PAM+Opensso? Regards Javier
Re: [Dovecot] Questions about migration Sun Messaging -> Dovecot+Postfix+Ldap
El 07/06/10 19:00, Timo Sirainen escribió: On su, 2010-06-06 at 14:38 +0200, Javier de Miguel Rodríguez wrote: 1) We are unable to make dbox work with quota, but we have no problem with maildir. Quota is stored in a ldap attibute called "mailQuota" I don't really recommend using dbox in v1.2. It has much better performance and stability in v2.0. Anyway, with dbox you'll have to use dict quota instead of maildir quota. Thank you 4) Some users could have their mailboxes "disabled". We use the following line: user_filter = (&(objectClass=inetorgperson)(uid=%n)(mailUserStatus=active)) but it does NOT work as expected. Any idea) You should do it also for pass_filter. But other than that, I'd guess it should work. Thank you. 7) When we set vacation messages they work but we see this error in the log: dovecot: deliver(jorgelp): file_dotlock_create(~/.dovecot.lda-dupes) failed: No such file or directory Your userdb doesn't return a home directory for users. http://wiki.dovecot.org/VirtualUsers/Home Thank you. 8) When a user log in she uses his username "mary" (without @us.es or @alum.us.es) . Our dovecot search in all the ldap tree until it finds that uid. But we would like to store in our mail_location /buzones/us.es or /buzones/alum.us.es. How can we accomplish this? We should use the "upper branch name" as part of the mail_location. pass_attrs = .., someField=domain, .. where someField contains the us.es or alum.us.es. If there's no such field, I guess there's no way to do it. Thank you. auth default_with_listener: mechanisms: plain login passdb: driver: ldap args: /etc/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot-ldap-userdb.conf auth default: mechanisms: plain login passdb: driver: ldap args: /etc/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot-ldap.conf Don't add more than one auth block, now it's sometimes (more or less randomly) using dovecot-ldap-userdb.conf and other times dovecot-ldap.conf for userdb lookups. They are a simbolink link to the same file, anyway... Thank you Timo. If you ever come to Seville (Spain) you will have as much as free beer you can drink :)
[Dovecot] Questions about migration Sun Messaging -> Dovecot+Postfix+Ldap
Hello. We are planning a migration from Sun One Messaging Server to Dovecot+Postfix+Ldap. We are using Dovecot 1.2.11 with Sun One Directory Server 5.2 ldap (we will migrate to Directory Server 6.3.1) soon. In our University we have 65.000 students, 5.500 staff and 6.500 teachers. Our main ldap realm is dc=us,dc=es (us means University of Seville, Spain). We have two e-mail domains, @us.es (staff+teachers) and @alum.us.es (students). We use Sun One Directory Server to load data to our ldap from several sources (like Oracle databases, flat files, etc) Our ldap tree is like this: dc=us,dc=es | |->ou=People,dc=us,dc=es // "special" users only used by apps | | |->o=us.es,dc=us,dc=es // ldap branch for staff+teachers | | |->o=alum.us.es,dc=us,dc=es // ldap branch for students A user id is unique, so there is only a "john_doe" in the ldap tree (I repeat, there is NOT uid=john_doe,o=us.es,dc=us,dc=es and uid=john_doe,o=alum.us.es,dc=us,dc=es). Below you will find a copy of the dovecot.conf and dovecot-ldap.conf. Our operating system is Red Hat Enteprise Linux 5 x64. These are our questions: 1) We are unable to make dbox work with quota, but we have no problem with maildir. Quota is stored in a ldap attibute called "mailQuota" 2) A user can be in different branches in the same time: for example, a teacher called pepito should be in the uid=pepito,o=us.es,dc=us,dc=es branch but if that teacher is also a student should have another ldap entry uid=pepitosurname,o=us.es,dc=us,dc=es. Our identity management is the piece of software that "promotes" a user in that case. How should we use "mail_location" to addres this? 3) We are planning to use two raid5 of 8 SAS 15.000 rpm disks for these mailboxes. We will use a "2.0, ajax-based webmail" like roundcube. Most of our users will use webmail (imap based). How many iops should we have in that enviroment? We would like to use dbox, but we are stuck in maildir because 1) 4) Some users could have their mailboxes "disabled". We use the following line: user_filter = (&(objectClass=inetorgperson)(uid=%n)(mailUserStatus=active)) but it does NOT work as expected. Any idea) 5) We are planning to use bacula to backup user mailboxes. Any known problem with this (i will ask in the bacula mailing list anyway) 6) I have read carefully perfomance in dovecot wiki. Can I use noatime in /etc/fstab safely with dovecot? Any perfomance hint apart from we already have in our config files? 7) When we set vacation messages they work but we see this error in the log: dovecot: deliver(jorgelp): file_dotlock_create(~/.dovecot.lda-dupes) failed: No such file or directory 8) When a user log in she uses his username "mary" (without @us.es or @alum.us.es) . Our dovecot search in all the ldap tree until it finds that uid. But we would like to store in our mail_location /buzones/us.es or /buzones/alum.us.es. How can we accomplish this? We should use the "upper branch name" as part of the mail_location. Thank you for your support (and for your patience). Regards Javier < Config files --> dovecot.conf: # 1.2.11: /etc/dovecot.conf # OS: Linux 2.6.18-194.3.1.el5 i686 Red Hat Enterprise Linux Server release 5.5 (Tikanga) ext3 base_dir: /var/run/dovecot/ protocols: pop3 imap imaps pop3s managesieve listen(default): *, [::] listen(imap): *, [::] listen(pop3): *, [::] listen(managesieve): *:2000 login_dir: /var/run/dovecot//login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_executable(managesieve): /usr/libexec/dovecot/managesieve-login login_max_processes_count: 2000 max_mail_processes: 2000 verbose_proctitle: yes mail_uid: prueba mail_gid: prueba mail_location: maildir:/buzones/us.es/%M/%n/ fsync_disable: yes mail_executable(default): /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_executable(managesieve): /usr/libexec/dovecot/managesieve mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(managesieve): /usr/lib/dovecot/managesieve pop3_enable_last(default): no pop3_enable_last(imap): no pop3_enable_last(pop3): yes pop3_enable_last(managesieve): no pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %08Xv%08Xu pop3_uidl_format(managesieve): %08Xu%08Xv lda: postmaster_address: javierdemig...@us.es hostname: us.es mail_plugins: sieve log_path: info_log_path:
