You're right.
Dbmail simply spawns NCHILDREN, accepts MAXCONNECTS subsequent connects
per child, and then exits and respawns that child.
Afaik MAXCHILDREN is not used at all.
So if you're looking for intelligent pre-forking of children, or even
simply linear scaling of children to accept incoming connects, look no
further; it not there.
We do indeed need a smart setup which will allow deployment of dbmail in
hostile environments.
Eric Estabrooks wrote:
I started playing with the 1.2 software and it seems to have gotten rid
of the problems I was having with 1.1 however I did notice it's really
easy to do a dos against it. Basically I'll I had to do was open
nchildern connections to it and everyone else after connected and hung
or got dropped (once it was larger than the tcp/ip queue). Same with the
pop server, for some weird reason it wouldn't start any new children it
just stayed at nchildren never went to maxchildren. This then makes a
dos until timeout is reached on the first connect which could be a long
time.
I guess I'm not sure what should be done different as just spawning more
children could dos the box the other way. What about letting a child
deal with more than one connection at a time (like setting up a select
or poll containing all of the connections it has)
Eric
--
________________________________________________________________
Paul Stevens mailto:[EMAIL PROTECTED]
NET FACILITIES GROUP PGP: finger [EMAIL PROTECTED]
The Netherlands________________________________http://www.nfg.nl
