Exploding number of cyrus processes

Freerk J. Bosscha f.j.bosscha at nhl.nl
Thu Dec 19 15:04:33 EST 2002

I notice the following problem on my mail-system:

When the system load increases, once in a while, the number of tls 
sessions explode (up to 2500 processes) and no user is connected to it.
During this, the system slows down and the only thing I can do is stop 
and start the cyrus daemons.

Has anyone else noticed the same problem

If you need additional info, please ask

Freerk Bosscha
Noordelijke Hogeschool Leeuwarden
The Netherlands
e-mail: f.j.bosscha at nhl.nl

Mailsystem: RedHat 7.3 raid 5 with cyrus imap 2.1.11 and cyrus sasl 

CPU: 686 dual processor 2 Gb internal and 300 Gb disk

All the accounts are validated through an openldap server (local).

Imap is compiled as follow:

./configure \
--with-auth=unix \
--enable-sieve \
--with-sasl=/usr/lib/sasl2 \
--with-openssl=../openssl-0.9.6g \
--with-ucdsnmp \
--with-duplicate-db=db3_nosync \
--with-mboxlist-db=skiplist \
--with-seen-db=skiplist \

sasl is compiled as follow:

./configure \
--with-bdb-libdir=/usr/local/BerkeleyDB.4.0/lib \
--with-bdb-incdir=/usr/local/BerkeleyDB.4.0/include \
--disable-cram \
--disable-digest \
--with-pam \
--with-dblin=gdbm \
--with-saslauthd=/var/run/saslauthd \
--without-pwcheck \
--enable-login \
--enable-plain \
--with-rc4 \
--enable-static \
--with-pic \
--enable-shared \
--disable-java \

My cyrus.conf file looks like:

# standard standalone server implementation

  # do not delete these entries!
  recover       cmd="/usr/cyrus/bin/ctl_cyrusdb -r"
  # this is only necessary if using idled for IMAP IDLE
#  idled       cmd="/usr/cyrus/bin/idled"

# UNIX sockets start with a slash and are put into /var/imap/socket
  # add or remove based on preferences
  imap          cmd="/usr/cyrus/bin/imapd" listen="imap" prefork=5
  imaps         cmd="/usr/cyrus/bin/imapd -s" listen="imaps" prefork=1
#  pop3         cmd="/usr/cyrus/bin/pop3d" listen="pop3" prefork=0
#  pop3s                cmd="/usr/cyrus/bin/pop3d -s" listen="pop3s" prefork=0
  sieve         cmd="/usr/cyrus/bin/timsieved" listen="sieve" prefork=1

# at least one LMTP listener is required for proper delivery
#  lmtp         cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=5
  lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1

  # this is required
  checkpoint    cmd="/usr/cyrus/bin/ctl_cyrusdb -c" period=30

  # this is only necessary if using duplicate delivery suppression
  delprune      cmd="/usr/cyrus/bin/ctl_deliver -E 3" period=1440
  # this is only necessary if caching TLS sessions
  tlsprune      cmd="/usr/cyrus/bin/tls_prune" period=1440

my imapd.conf looks like

configdirectory: /var/imap
partition-default: /imap
admins: cyrus admin cyrusbeh
srvtab: /imap/srvtab
allowanonymouslogin: no
quotawarn: 90
umask: 077
tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem

# Sieve parameters
sieveusehomedir: false
sievedir: /usr/sieve
sieve_maxscripts: 10
sendmail: /usr/sbin/sendmail
postmaster: postmaster

# To use the PAM for authentication (but not /etc/passwd or shadow), change
# the following line to specify "pam" instead of "sasldb".
#sasl_pwcheck_method: pam
sasl_pwcheck_method: saslauthd

Freerk J. Bosscha

tel. xx-31(0)58 2961435
fax. xx-31(0)58 2961466
e-mail: f.j.bosscha at bosscha.nu
url: http://www.bosscha.nu/

More information about the Info-cyrus mailing list