On Wed, 16 Apr 2008, Corey wrote:
> I just had an experience where my server was getting slammed with thousands
> of concurrent pop3 requests. This went on for over an hour before it finally
> ceased, at which point I was able to start cyrus again.
>
> Anyhow, what are some mechanisms to prevent this in the future?
>
> In the mean time, I'd like to know whether I can configure cyrus/pop3 to
> listen only on a specific interface rather than on all interfaces on the
> server, and if so - where do I configure that option?
You can modify cyrus.conf to bind a service entry to a particular IP
address, like so:
imap cmd="imapd" listen="11.22.33.44:imap" prefork=1 maxchild=100
I don't think Cyrus has any mechanisms built-in to prevent a
denial-of-service attack like you describe. You can limit the impact on
your machine by specifying a maxchild setting for your pop3 service.
Andy
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
