How to increase the maximum number of connections to an IMAP QMAIL server

Scenario :

I had a situation where I needed to increase the number of connections to the IMAP server. I had a Centos server running QMAIL with IMAP.

The client complained about the fact that he can’t connect to the mail server with a Thunderbird mail client and even when he somehow manage to connect, some of his partners are disconnected. Or the connection is slow. Another thing to tell is that he has about 17 different mail accounts configured in his Thunderbird client and every one of them needs a separate connection to the QMAIL server.

Resolution :

1.  Searching for logs I discovered that I have some errors in the log of the IMAP service like this :

#tail –f /var/log/qmail/imap4/current

@400000004f2295d414ecf4dc DEBUG: Connection, ip=[79.112.39.109]
@400000004f2295d414eef494 tcpserver: end 22252 status 13
@400000004f2295d414ef4e6c tcpserver: status: 20/21
@400000004f2295d414efd724 tcpserver: status: 21/21
@400000004f2295d414f27aec tcpserver: pid 22253 from 109.102.59.105
@400000004f2295d414f380a4 tcpserver: ok 22253 mail.myserver.com:99.99.99.99:143 :109.102.59.105::51952
@400000004f2295d414fe234c DEBUG: Connection, ip=[109.102.9.105]
@400000004f2295d41501579c DEBUG: Disconnected, ip=[109.102.9.105], time=0
@400000004f2295d41503248c tcpserver: end 22253 status 0
@400000004f2295d415037a7c tcpserver: status: 20/21
@400000004f2295d415040334 tcpserver: status: 21/21
@400000004f2295d41506c254 tcpserver: pid 22254 from 79.112.39.109
@400000004f2295d41507c80c tcpserver: ok 22254 mail.myserver.com:99.99.99.99:143 :79.112.239.109::61550
@400000004f2295d41512b104 DEBUG: Connection, ip=[79.112.239.109]
@400000004f2295d415164314 DEBUG: Disconnected, ip=[79.112.239.109], time=0
@400000004f2295d4151871ac tcpserver: end 22254 status 0

I changed the IP’s of the server and client and the server’s name. Ip of the server is in this case: 99.99.99.99 and the one of the client is 12.12.12.12.

I begun to investigate the problem. I will give a step-by-step guide to show you roughly on how I resolved the problem.

2.  Checking the netstat command to see if the imap is working well on the port :

#netstat –ntlp | grep imap

tcp        0      0 0.0.0.0:143                 0.0.0.0:*                   LISTEN      22797/tcpserver

…and everything seems fine here. A very important thing to remark here when we are looking at the socket opened at the port 143 is the observation that it uses the tcpserver to open this socket and it is not using the xinetd.

You can also check ps –faxwu and grep after qmail or imap but since the qmail is running well and we have only a limitation of the number of connections to the server, it’s improbable that something is not running at daemon or service level.

3.  Checking to see if QMAIL working properly :

#tail –f /var/log/maillog

The result is something like this :

Jan 27 14:54:43 mail vpopmail[23298]: vchkpw-submission: (PLAIN) login success some_user@myserver.com:192.168.0.8
Jan 27 14:55:09 mail vpopmail[23352]: vchkpw-submission: (PLAIN) login success some_user@myserver.com:192.168.0.8
Jan 27 15:03:35 mail vpopmail[23611]: vchkpw-smtp: (PLAIN) login success smtpusr@myserver.com:99.99.99.99
Jan 27 15:10:21 mail vpopmail[23849]: vchkpw-smtp: (PLAIN) login success smtpusr@myserver.com:99.99.99.99

This means that login to our mail server is working well. Next:

4.  Checking the tcp rules which are defined by the tcpserver. We go to /etc/tcprules.d

And we search for the rules that we have defined here. The configuration of SMTP must be present here otherwise I will not be able to run agents using tcprules :

#ls –al /etc/tcprules.d/

-rw-r–r–   1 root root   611 Aug 18  2010 tcp.smtp
-rw-r–r–   1 root root  2403 May 17  2011 tcp.smtp.cdb

We find that there are two files. We look to the configuration file which is tcp.smtp. Do not touch the other file.

#cat tcp.smtp

#127.:allow,RELAYCLIENT=”",DKSIGN=”/var/qmail/control/domainkeys/%/private”,RBLSMTPD=”",NOP0FCHECK=”1″
#:allow,BADMIMETYPE=”",BADLOADERTYPE=”M”,CHKUSER_RCPTLIMIT=”50″,CHKUSER_WRONGRCPTLIMIT=”10″,QMAILQUEUE=”/var/qmail/bin/simscan”,DKSIGN=”/var/qmail/control/domainkeys/%/private”,NOP0FCHECK=”1″
127.:allow,RELAYCLIENT=”",DKSIGN=”/var/qmail/control/domainkeys/%/private”,RBLSMTPD=”",NOP0FCHECK=”1″
192.168.:allow,RELAYCLIENT=”",DKSIGN=”/var/qmail/control/domainkeys/%/private”,RBLSMTPD=”",NOP0FCHECK=”1″
:allow,QMAILQUEUE=”/var/qmail/bin/simscan”,DKSIGN=”/var/qmail/control/domainkeys/%/private”,NOP0FCHECK=”1″

And the active configuration looks ok as recommended by QMAIL.

5.  We go back a little to the netstat command to check how many connections I have to the IMAP server. I made a longer command to check this which looks like this :

#netstat -nt | grep ‘:143′ | awk -F”:”  ‘{print $2}’ | awk ‘{print $2}’ | sort -n | uniq -c | sort –rn

And I get the IP’s and the number of connections of mail clients connected to the 143 protocol and how many connections I have from each mail client :

7 12.12.12.12
5 192.168.0.8
4 79.19.136.40
2 192.168.0.7
1 79.112.239.109
1 131.28.18.39
1 131.228.148.120

I can calculate the sum of the total number of client connections using AWK:

#netstat -nt | grep ‘:143′ | awk -F”:”  ‘{print $2}’ | awk ‘{print $2}’ | sort -n | uniq -c | sort -rn | awk ‘{SUM +=$1} END {print SUM}’

21

So, my total number of connections on the 143 port is 21. Looking back to the point 1 where I looked at the logs I see that when I have 21 connections from 21 available I receive a disconnect when a new connection is established:

@400000004f2295d414efd724 tcpserver: status: 21/21
@400000004f2295d414f27aec tcpserver: pid 22253 from 12.12.12.12
@400000004f2295d414f380a4 tcpserver: ok 22253 mail.myserver.com:99.99.99.99:143 :109.102.59.105::51952
@400000004f2295d414fe234c DEBUG: Connection, ip=[12.12.12.112]
@400000004f2295d41501579c DEBUG: Disconnected, ip=[12.12.12.12], time=0
@400000004f2295d41503248c tcpserver: end 22253 status 0

I conclude that I must raise the number of concurrent connections of my TCP IMAP server.

6.  Increasing the number of concurrent connections of my IMAP service is the next logical step.

To do that I must go where the IMAP is holding its configuration :

#cd /var/qmail/supervise/imap4/

#ls –al

drwx——  2 qmaill qmail 4096 Jan 27 14:37 env
drwx——  3 qmaill qmail 4096 May 17  2011 log
-rwxr-x–x  1 qmaill qmail  267 Jan 27 14:36 run
drwx——  2 qmaill qmail 4096 Jan 27 14:37 supervise

The file we need to configure is run file :

#cat run

#!/bin/sh
HOSTNAME=`hostname –fqdn`
rm -rf ./env/*;
cat /etc/courier/imapd | /usr/bin/envconv
exec /usr/bin/envdir ./env/ \
/usr/bin/softlimit -m 50000000 \
/usr/bin/tcpserver -c 21 -v -R -H -l $HOSTNAME 0 143  \
/usr/sbin/imaplogin \
/usr/bin/imapd Maildir 2>&1

We identify the line responsible for the number of connections and we see that the number of connections is limited to 21.

NOTE : It’s very possibly that you have this line containing the tcpserver definition which come with the default configuration :

/usr/bin/tcpserver -v -R -H -l $HOSTNAME 0 143  \

In this case the default value of maximum allowed number of IMAP concurrent connections is assumed to be 50, if I remember correctly. Anyway change this line to be :

/usr/bin/tcpserver -c 64 -v -R -H -l $HOSTNAME 0 143  \

And restart the qmail:

#/etc/init.d/qmail restart

It will disconnect all clients and it will take while until everyone of them will reconnect. But watch again # tail –f /var/log/qmail/imap4/current to check how many connections you have on your IMAP server.

The number that you specified in the run file earlier must appear here when it shows you the number of connections you have, like this :

@400000004f2295d415037a7c tcpserver: status: 40/64

This is pretty all I wanted to say about setting maximum number of concurrent connections to the IMAP TCP server. Success !