cyrus pop3 question

2008-04-16 Thread Corey 

I just had an experience where my server was getting slammed with thousands
of concurrent pop3 requests. This went on for over an hour before it finally
ceased, at which point I was able to start cyrus again.

Anyhow, what are some mechanisms to prevent this in the future?

In the mean time, I'd like to know whether I can configure cyrus/pop3 to
listen only on a specific interface rather than on all interfaces on the
server, and if so - where do I configure that option?


THanks!


Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: cyrus pop3 question

2008-04-16 Thread Corey 
On Wednesday 16 April 2008 01:44:50 pm Andrew Morgan wrote:
 On Wed, 16 Apr 2008, Corey wrote:
  I just had an experience where my server was getting slammed with
  thousands of concurrent pop3 requests. This went on for over an hour
  before it finally ceased, at which point I was able to start cyrus again.
 
  Anyhow, what are some mechanisms to prevent this in the future?
 
  In the mean time, I'd like to know whether I can configure cyrus/pop3 to
  listen only on a specific interface rather than on all interfaces on the
  server, and if so - where do I configure that option?

 You can modify cyrus.conf to bind a service entry to a particular IP
 address, like so:

imap  cmd=imapd listen=11.22.33.44:imap prefork=1 maxchild=100

 I don't think Cyrus has any mechanisms built-in to prevent a
 denial-of-service attack like you describe.  You can limit the impact on
 your machine by specifying a maxchild setting for your pop3 service.



Thank you -- very helpfull!


Cheers,

Corey


Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

IMAPD Mail Delays

2007-09-04 Thread Corey Bobb 
Hello,

 

I have inherited a mail system that runs cyrus21, since I have never ran
this setup before I am not quite sure how to troubleshoot some problems.
The current problem I am having is that I am receiving mail from my outside
email relay (postfix) which From what I gather forwards it over the cyrus
mail sever however, I can see the postfix server getting the mail . ..but it
will take another 30 minutes before the message can actually be viewed in a
mail client. 

 

What and where could the delay be being caused from and where would one
begin looking for such a problem.  If I am missing any useful information I
would be glad to produce it if someone can point me in the right direction.


 

Thanks.

 

 

 

 

Regards, Corey M. Bobb

Data Center Manager

 

850 South Concourse

Suite 150

Maitland, FL 32751

D:  321.445-2150

M: 321-262-2845

F: 407.333.7701

[EMAIL PROTECTED] 

www.cygnus.com

 

 


Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

cyrus-imap + cyrus-sasl : user not found

2007-05-14 Thread Corey 

Hello - I subscribed here because I'm having a heck of a time with something
I would imagine should be pretty easy: namely, I want to cyrus-imap with the
saslpasswd. But I after a few hours and much reading and trial-and-error, I've
had no success.

I'm on gentoo linux, using cyrus-sasl-2.1.22 and cyrus-imapd-2.2.12:

mybox ~ # saslpasswd2 -a smtpauth cyrus

mybox ~ # sasldblistusers2
[EMAIL PROTECTED]: userPassword

mybox ~ # cyradm --user cyrus localhost
IMAP Password:
localhost

log output shows:
May 15 13:04:22 mybox imap[8862]: accepted connection
May 15 13:04:22 mybox perl: No worthy mechs found
May 15 13:04:23 mybox imap[8862]: login: localhost [127.0.0.1] cyrus plaintext 
User logged in


First question: why the No worthy mechs found?


mybox ~ # imtest -u cyrus localhost -t 
S: * OK mybox Cyrus IMAP4 v2.2.12-Gentoo server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE 
UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT 
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT 
LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=18:self signed certificate
verify error:num=7:certificate signature failure
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE 
UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT 
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN SASL-IR 
LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
Please enter your password:
C: A01 AUTHENTICATE PLAIN Y3lydXMAcm9vdABjeXJ1cw==
S: A01 NO user not found
Authentication failed. generic failure
Security strength factor: 256


log output shows:
May 15 13:06:16 mybox imap[8862]: accepted connection
May 15 13:06:16 mybox imap[8862]: starttls: TLSv1 with cipher AES256-SHA 
(256/256 bits new) no authentication
May 15 13:06:20 mybox imap[8862]: badlogin: localhost [127.0.0.1] PLAIN 
[SASL(-13): user not found: Password verification failed]


Second question: why am I getting user not found?


Here's my imap.conf:

postmaster: postmaster
sendmail: /usr/sbin/sendmail
altnamespace: yes
unixhierarchysep: yes

configdirectory:/var/imap
partition-default:  /var/spool/imap

tls_ca_path:/etc/ssl/certs
tls_cert_file:  /etc/ssl/cyrus/server.crt
tls_key_file:   /etc/ssl/cyrus/server.key

hashimapspool:  yes
allowanonymouslogin:no
allowplaintext: yes

sasl_pwcheck_method:auxprop
sasl_mech_list: PLAIN




Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: cyradm auth question

2001-07-11 Thread corey 

And upon Wednesday of July 11, the illustrious Ken Murchison spake thusly...
 Cillian Sharkey wrote:
  [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
  
   Jul  9 23:36:35 shnarf imapd[4912]: badlogin:
   shnarf.axcelerant.com[192.168.240.66] PLAIN no mechanism available
  
  Currently, the PLAIN auth mechanism only becomes available when the session is
  encrypted (i.e. over SSL/TLS) - hence the error no mechanism available. The
  first password prompt above is from sasl.
  
  cyradm then falls back to the IMAP LOGIN method and it prompts for a password
  as below:
 
 Try removing (or commenting out) the following line in IMAP.pm (should
 be #195):
 
 $opts{-mechanism} .= 'PLAIN';
 
 This solves the problem described above.  I'm making sure that this
 doesn't screw something else up before I commit the fix to CVS.
 

  Excellent!  Works like a charm - thanks!

  I'll do some monitoring and general tweaking around as well, and
  let you know if I should happen to come across any ill side-affects
  resulting from the above fix.


Beers,

Corey

cyradm auth question

2001-07-10 Thread corey 


Cyrus IMAPD v. 2.0.15
Postfix MTA v. 20010228-pl03
pam_mysql
Linux 


This could probably be considered a Postfix issue - but I'm going
to try here first if nobody minds...  (c8=

Hopefully this is very simple:

When I log onto cyradm, the first prompt I recieve is:

'Please enter your password:'

...which never works ( I'm using pam_mysql for auth ), and subsequently
generates the following log:

Jul  9 23:36:35 shnarf imapd[4912]: badlogin: shnarf.axcelerant.com[192.168.240.66] 
PLAIN no mechanism available


... and *then* I get the 'IMAP Password:' prompt ( after a short but
annoying pause ), which works as it should, allowing me to begin my
cyradm session. 


SOOooo, can any of you kind folks out there perhaps throw me a clue?

I'd like to do whatever may be required ( whether via cyrus, or via
Postfix - I know there's got to be some postfix-cyrus user out there ),
in order to disable and completely 'nix that first prompt.  

The only possibly applicable params in my 'main.cf' postfix conf file
are the following:

pwcheck_method = PAM
smtpd_sasl_security_options = noanonymous, noplaintext

( I thought maybe 'noplaintext' would do tha trick -- but, no go. )


I really appreciate any and all suggestions!


Beers, and thanks -

Corey

Re: acerca de los métodos abstractos II

2000-11-16 Thread corey 

And upon Thursday of November 16, the illustrious Jorge A. Rodríguez Suárez. spake 
thusly...
 Hi friends:

 Anyone can tellme about some webmail server that i can install in my cyrus
 server to read my email from the web?


  Yep - check out WorldPilot - it'll give you Contacts, Calendaring,
  File Sharing, Todo and Notes, as well as Cyrus imap email integration.

  It uses Zope as it's back-end.  Very easy to set up and start using.

  http://www.worldpilot.com


Beers,

Corey

Re: Cyrus iimap/ldap account creation cgi script available

2000-11-06 Thread Corey 

And upon Monday of November 06, the illustrious The Hermit Hacker spake thusly...
 
 I don't believe so ... I'm using FreeBSD's jail environment to create a
 distinctive mail server per domain ... its own sendmail, its own cyrus
 master process, its own web server for IMP ... 


  That *is* pretty damned cool...


Cheers,

Corey