Re: cyrus pop3 question
On Wednesday 16 April 2008 01:44:50 pm Andrew Morgan wrote: > On Wed, 16 Apr 2008, Corey wrote: > > I just had an experience where my server was getting slammed with > > thousands of concurrent pop3 requests. This went on for over an hour > > before it finally ceased, at which point I was able to start cyrus again. > > > > Anyhow, what are some mechanisms to prevent this in the future? > > > > In the mean time, I'd like to know whether I can configure cyrus/pop3 to > > listen only on a specific interface rather than on all interfaces on the > > server, and if so - where do I configure that option? > > You can modify cyrus.conf to bind a service entry to a particular IP > address, like so: > >imap cmd="imapd" listen="11.22.33.44:imap" prefork=1 maxchild=100 > > I don't think Cyrus has any mechanisms built-in to prevent a > denial-of-service attack like you describe. You can limit the impact on > your machine by specifying a maxchild setting for your pop3 service. > Thank you -- very helpfull! Cheers, Corey Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus pop3 question
I just had an experience where my server was getting slammed with thousands of concurrent pop3 requests. This went on for over an hour before it finally ceased, at which point I was able to start cyrus again. Anyhow, what are some mechanisms to prevent this in the future? In the mean time, I'd like to know whether I can configure cyrus/pop3 to listen only on a specific interface rather than on all interfaces on the server, and if so - where do I configure that option? THanks! Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
IMAPD Mail Delays
Hello, I have inherited a mail system that runs cyrus21, since I have never ran this setup before I am not quite sure how to troubleshoot some problems. The current problem I am having is that I am receiving mail from my outside email relay (postfix) which From what I gather forwards it over the cyrus mail sever however, I can see the postfix server getting the mail . ..but it will take another 30 minutes before the message can actually be viewed in a mail client. What and where could the delay be being caused from and where would one begin looking for such a problem. If I am missing any useful information I would be glad to produce it if someone can point me in the right direction. Thanks. Regards, Corey M. Bobb Data Center Manager 850 South Concourse Suite 150 Maitland, FL 32751 D: 321.445-2150 M: 321-262-2845 F: 407.333.7701 [EMAIL PROTECTED] www.cygnus.com Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus-imap + cyrus-sasl : "user not found"
Hello - I subscribed here because I'm having a heck of a time with something I would imagine should be pretty easy: namely, I want to cyrus-imap with the saslpasswd. But I after a few hours and much reading and trial-and-error, I've had no success. I'm on gentoo linux, using cyrus-sasl-2.1.22 and cyrus-imapd-2.2.12: mybox ~ # saslpasswd2 -a smtpauth cyrus mybox ~ # sasldblistusers2 [EMAIL PROTECTED]: userPassword mybox ~ # cyradm --user cyrus localhost IMAP Password: localhost> log output shows: May 15 13:04:22 mybox imap[8862]: accepted connection May 15 13:04:22 mybox perl: No worthy mechs found May 15 13:04:23 mybox imap[8862]: login: localhost [127.0.0.1] cyrus plaintext User logged in First question: why the "No worthy mechs found"? mybox ~ # imtest -u cyrus localhost -t "" S: * OK mybox Cyrus IMAP4 v2.2.12-Gentoo server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed C: S01 STARTTLS S: S01 OK Begin TLS negotiation now verify error:num=18:self signed certificate verify error:num=7:certificate signature failure TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed Please enter your password: C: A01 AUTHENTICATE PLAIN Y3lydXMAcm9vdABjeXJ1cw== S: A01 NO user not found Authentication failed. generic failure Security strength factor: 256 log output shows: May 15 13:06:16 mybox imap[8862]: accepted connection May 15 13:06:16 mybox imap[8862]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new) no authentication May 15 13:06:20 mybox imap[8862]: badlogin: localhost [127.0.0.1] PLAIN [SASL(-13): user not found: Password verification failed] Second question: why am I getting "user not found"? Here's my imap.conf: postmaster: postmaster sendmail: /usr/sbin/sendmail altnamespace: yes unixhierarchysep: yes configdirectory:/var/imap partition-default: /var/spool/imap tls_ca_path:/etc/ssl/certs tls_cert_file: /etc/ssl/cyrus/server.crt tls_key_file: /etc/ssl/cyrus/server.key hashimapspool: yes allowanonymouslogin:no allowplaintext: yes sasl_pwcheck_method:auxprop sasl_mech_list: PLAIN Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm auth question
And upon Wednesday of July 11, the illustrious Ken Murchison spake thusly... > Cillian Sharkey wrote: > > [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > > > > Jul 9 23:36:35 shnarf imapd[4912]: badlogin: > > > shnarf.axcelerant.com[192.168.240.66] PLAIN no mechanism available > > > > Currently, the PLAIN auth mechanism only becomes available when the session is > > encrypted (i.e. over SSL/TLS) - hence the error "no mechanism available". The > > first password prompt above is from sasl. > > > > cyradm then falls back to the IMAP LOGIN method and it prompts for a password > > as below: > > Try removing (or commenting out) the following line in IMAP.pm (should > be #195): > > $opts{-mechanism} .= 'PLAIN'; > > This solves the problem described above. I'm making sure that this > doesn't screw something else up before I commit the fix to CVS. > Excellent! Works like a charm - thanks! I'll do some monitoring and general tweaking around as well, and let you know if I should happen to come across any ill side-affects resulting from the above fix. Beers, Corey
cyradm auth question
Cyrus IMAPD v. 2.0.15 Postfix MTA v. 20010228-pl03 pam_mysql Linux This could probably be considered a Postfix issue - but I'm going to try here first if nobody minds... (c8= Hopefully this is very simple: When I log onto cyradm, the first prompt I recieve is: 'Please enter your password:' ...which never works ( I'm using pam_mysql for auth ), and subsequently generates the following log: Jul 9 23:36:35 shnarf imapd[4912]: badlogin: shnarf.axcelerant.com[192.168.240.66] PLAIN no mechanism available ... and *then* I get the 'IMAP Password:' prompt ( after a short but annoying pause ), which works as it should, allowing me to begin my cyradm session. SOOooo, can any of you kind folks out there perhaps throw me a clue? I'd like to do whatever may be required ( whether via cyrus, or via Postfix - I know there's got to be some postfix-cyrus user out there ), in order to disable and completely 'nix that first prompt. The only possibly applicable params in my 'main.cf' postfix conf file are the following: pwcheck_method = PAM smtpd_sasl_security_options = noanonymous, noplaintext ( I thought maybe 'noplaintext' would do tha trick -- but, no go. ) I really appreciate any and all suggestions! Beers, and thanks - Corey
Re: Redhat7+RPM
And upon Friday of December 15, the illustrious Marcel Beltz spake thusly... > Hello, > i am new on cyrus, but i want to use it. > i use Redhat7 and install the cyrus-imapd-2.0.6...rpm. > i can start the /etc/rc.d/init.d/cyrus script, thats why i tink its ok. > But now i want to use cyradm and i get many errors: I think you probably need to install the 'openssl' rpm. Hope that helps! Beers, Corey
Re: acerca de los métodos abstractos II
And upon Thursday of November 16, the illustrious Jorge A. Rodríguez Suárez. spake thusly... > Hi friends: > > Anyone can tellme about some webmail server that i can install in my cyrus > server to read my email from the web? > Yep - check out WorldPilot - it'll give you Contacts, Calendaring, File Sharing, Todo and Notes, as well as Cyrus imap email integration. It uses Zope as it's back-end. Very easy to set up and start using. http://www.worldpilot.com Beers, Corey
Re: Cyrus iimap/ldap account creation cgi script available
And upon Monday of November 06, the illustrious The Hermit Hacker spake thusly... > > I don't believe so ... I'm using FreeBSD's jail environment to create a > distinctive mail server per domain ... its own sendmail, its own cyrus > master process, its own web server for IMP ... That *is* pretty damned cool... Cheers, Corey
Re: Cyrus, Linux, and Anti-Virus
Check out PerlMx -- an all purpose, extremely low-level mail filtering API scripted using Perl. You should be able to roll your own virus protection with it. Only runs with sendmail. <http://activestate.com/Products/PerlMx/index.html> Cheers, Corey And upon Thursday of October 26, the illustrious Michael Salmon spake thusly... > On 10/25/00 03:45:18 PM -0400 John Conant <[EMAIL PROTECTED]> wrote: > +-- > | Hi all, > | We have Cyrus server 1.6 running on RedHat Linux 6.2 (on Intel). I'm > | wondering if there's an anti-virus client I could run on the server [in > | addition to hoping all the mail clients are configured to work with a > | local a-v program...]. It would have to be (1) on linux, (2) able to > | work with sendmail or the cyrus mailstore, and (3) not overly slow down > | a PentiumIII/600Mhz (with about 40 users). > | > | Come to think of it, it should really intercept incoming traffic > | (sendmail on our system) and not the cyrus mailstore, so it doesn't > | have to re-check everything for every log-on!!. > | > +-X8 >