From c26dac75dc0f2c6a70e78a243e9c1e82299fe611 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Mon, 6 Jan 2025 10:12:16 +0100
Subject: [PATCH] Tune some Dovecot client_limits

Fixes issue ai3/prod#310.
---
 .../mail/templates/dovecot-backend/conf.d/10-master.conf  | 8 +++++---
 .../mail/templates/dovecot-frontend/conf.d/10-master.conf | 4 ++--
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/roles/mail/templates/dovecot-backend/conf.d/10-master.conf b/roles/mail/templates/dovecot-backend/conf.d/10-master.conf
index 69bacbe8..8e1bc852 100644
--- a/roles/mail/templates/dovecot-backend/conf.d/10-master.conf
+++ b/roles/mail/templates/dovecot-backend/conf.d/10-master.conf
@@ -24,7 +24,7 @@ service imap-login {
   }
 
   service_count = 0
-  client_limit = 65536
+  client_limit = 65535
   process_limit = 8
   process_min_avail = 8
   vsz_limit = 1G
@@ -40,7 +40,7 @@ service pop3-login {
   }
 
   service_count = 0
-  client_limit = 65536
+  client_limit = 65535
   process_limit = 8
   process_min_avail = 8
   vsz_limit = 1G
@@ -56,7 +56,7 @@ service managesieve-login {
   #}
 
   service_count = 0
-  client_limit = 65536
+  client_limit = 65535
   process_limit = 4
   process_min_avail = 2
   vsz_limit = 1G
@@ -108,6 +108,8 @@ service managesieve {
 }
 
 service auth {
+  client_limit = 25720
+
   # auth_socket_path points to this userdb socket by default. It's typically
   # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
   # full permissions to this socket are able to get a list of all usernames and
diff --git a/roles/mail/templates/dovecot-frontend/conf.d/10-master.conf b/roles/mail/templates/dovecot-frontend/conf.d/10-master.conf
index 3ab3cfdf..2c81f214 100644
--- a/roles/mail/templates/dovecot-frontend/conf.d/10-master.conf
+++ b/roles/mail/templates/dovecot-frontend/conf.d/10-master.conf
@@ -26,7 +26,7 @@ service imap-login {
   service_count = 0
   process_limit = 8
   process_min_avail = 8
-  client_limit = 65536
+  client_limit = 65535
   vsz_limit = 4096M
 }
 
@@ -42,7 +42,7 @@ service pop3-login {
   service_count = 0
   process_limit = 8
   process_min_avail = 8
-  client_limit = 65536
+  client_limit = 65535
   vsz_limit = 4096M
 }
 
-- 
GitLab