pop3d proxy

Ken Murchison ken at oceana.com
Mon Mar 15 16:08:33 EST 2004 

Michael J Farina wrote:

> I have the backend server's hostname in /etc/hosts that should make the
> lookup fast and pop3test doesn't seem to take a password on the command line
> for rapid fire logins.

-w <passwd>

> I don't see how I could strace the pop3proxy. I would
> be glad to do so if you have any suggestions.



> ----- Original Message ----- 
> From: "Ken Murchison" <ken at oceana.com>
> To: "Michael J Farina" <mfarina at cvzoom.net>
> Cc: <info-cyrus at lists.andrew.cmu.edu>
> Sent: Monday, March 15, 2004 3:20 PM
> Subject: Re: pop3d proxy
> 
> 
> 
>>Michael J Farina wrote:
>>
>>
>>>I am still chasing this pop3 problem. I have now tried PLAIN+TLS for
> 
> proxy
> 
>>>authentication. I see the same issue of pop3 proxy being slow. With more
>>>investigation I see that I can open alot of connections on the frontend
>>>server but they don't see to get passed to the backend. I have tried
>>>starting master with a -l 1024 and in my cyrus.conf I have preforked 50
>>>pop3d and maxchild=-1. Nothing seems to make the connection counts
> 
> greater.
> 
>>>Could I be hitting some max connection per IP limit that I can't see
> 
> when I
> 
>>>connect directly to the backend?
>>
>>I still think this is network related.  Is it possible that DNS is slow?
>>  Can you strace/truss the process to see what it is doing?  What
>>happens if you use pop3test against the proxy, specifying the number of
>>logins with the -n option.
>>
>>
>>>
>>>----- Original Message ----- 
>>>From: "Michael J Farina" <mfarina at cvzoom.net>
>>>To: "Ken Murchison" <ken at oceana.com>
>>>Cc: <info-cyrus at lists.andrew.cmu.edu>
>>>Sent: Friday, March 12, 2004 1:13 PM
>>>Subject: Re: pop3d proxy
>>>
>>>
>>>
>>>
>>>>It seems that the delay is in the connection. I have played with the
>>>
>>>backlog
>>>
>>>
>>>>queue, the max child, and prefork settings without being able to make it
>>>
>>>any
>>>
>>>
>>>>faster. I am logging in a doing a list command. The mailboxes are all
>>>
>>>empty
>>>
>>>
>>>>so I am not thinking that once the connection is authed it is slow. It
> 
> is
> 
>>>>just getting the frontend to open enough connections to the backend. I
>>>
>>>can't
>>>
>>>
>>>>seem to nail down what the problem is. If I connect the stress test to
> 
> the
> 
>>>>backend it is very fast less than a second a connection. If I can
> 
> provide
> 
>>>>anymore info let me know. I am looking to have over 150,000 boxes they
> 
> are
> 
>>>>all pop now but I want to offer IMAP.
>>>>
>>>>--Mike
>>>>
>>>>
>>>>----- Original Message ----- 
>>>>From: "Ken Murchison" <ken at oceana.com>
>>>>To: "Michael J Farina" <mfarina at cvzoom.net>
>>>>Cc: <info-cyrus at lists.andrew.cmu.edu>
>>>>Sent: Friday, March 12, 2004 9:54 AM
>>>>Subject: Re: pop3d proxy
>>>>
>>>>
>>>>
>>>>
>>>>>Michael J Farina wrote:
>>>>>
>>>>>
>>>>>
>>>>>>Ken,
>>>>>>
>>>>>>   Is there a way to do PLAIN from the frontends to the backends? The
>>>>>>servers I am testing are on a isolated network no network traffic
>>>
>>>other
>>>
>>>
>>>>than
>>>>
>>>>
>>>>>>the mail servers. Any help would be appreciated. sasl_maximum_layer:0
>>>>
>>>>didn't
>>>>
>>>>
>>>>>>seem to change the pop3 proxy timing. The server are also dual 1.4s
>>>
>>>with
>>>
>>>
>>>>2
>>>>
>>>>
>>>>>>gigs of ram if that helps at all.
>>>>>
>>>>>You can do PLAIN, but the frontends will also need to use TLS, since
>>>>>PLAIN won't be advertised by the backends unless a security layer is in
>>>>>place.
>>>>>
>>>>>Are you saying that there is a delay for every command, or for every
>>>>>login?  Is your stress test only doing one command per login?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>----- Original Message ----- 
>>>>>>From: "Ken Murchison" <ken at oceana.com>
>>>>>>To: "Michael J Farina" <mfarina at cvzoom.net>
>>>>>>Cc: <info-cyrus at lists.andrew.cmu.edu>
>>>>>>Sent: Thursday, March 11, 2004 4:58 PM
>>>>>>Subject: Re: pop3d proxy
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>>Michael J Farina wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>I am setting up a cyrus imap murder for a large number of accounts.
>>>
>>>In
>>>
>>>
>>>>>>my
>>>>>>
>>>>>>
>>>>>>
>>>>>>>>stress testing I have noticed that the pop3 proxy has quite a delay.
>>>>>>
>>>>>>When I
>>>>>>
>>>>>>
>>>>>>
>>>>>>>>connect directly to a backend I can check mail at a very fast rate
>>>>
>>>>about
>>>>
>>>>
>>>>>>.5
>>>>>>
>>>>>>
>>>>>>
>>>>>>>>secs a mailbox. When I connect to the proxy the wait time increases
> 
> a
> 
>>>>>>ton to
>>>>>>
>>>>>>
>>>>>>
>>>>>>>>about 5 secs. I am thinking I must have a configuration problem. I
>>>
>>>will
>>>
>>>
>>>>>>>>include my imapd.conf and my cyrus.conf I am using cyrus 2.2.3.
>>>>>>>
>>>>>>>Once you authenticate and the mailbox is opened on the backend, the
>>>>>>>proxy just acts as a bitpipe between the client and backend, so there
>>>>>>>should be very little overhead.
>>>>>>>
>>>>>>>You *might* be seeing a slowdown because the frontend is
>>>
>>>authenticating
>>>
>>>
>>>>>>>to the backend using DIGEST-MD5 with a security layer or TLS+PLAIN.
>>>
>>>In
>>>
>>>
>>>>>>>either case you have encrypt/decrypt overhead.
>>>>>>>
>>>>>>>If using DIGEST-MD5, you could try setting sasl_maximum_layer:0 on
> 
> the
> 
>>>>>>>backend, which will prevent the security layer from being negotiated.
>>>>>>>
>>>>>>>Otherwise, the only other delay that I could think of would be
> 
> network
> 
>>>>>>>related.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>Frontend cyrus.conf
>>>>>>>>
>>>>>>>>START {
>>>>>>>>mboxlist      cmd="ctl_cyrusdb -r"
>>>>>>>>}
>>>>>>>>
>>>>>>>># UNIX sockets start with a slash and are put into /var/imap/sockets
>>>>>>>>SERVICES {
>>>>>>>># mupdate database service - must prefork atleast 1
>>>>>>>>mupdate       cmd="/usr/cyrus/bin/mupdate -m" listen=3905 prefork=1
>>>>>>>>
>>>>>>>># add or remove based on preferences
>>>>>>>>imap          cmd="proxyd" listen="imap" prefork=5
>>>>>>>>pop3          cmd="pop3proxyd" listen="pop3" prefork=5 maxchild=-1
>>>>>>>>sieve         cmd="timsieved" listen="sieve" prefork=0
>>>>>>>>
>>>>>>>>lmtp          cmd="lmtpproxyd" listen="/var/imap/socket/lmtp"
>>>>>>
>>>>>>prefork=0
>>>>>>
>>>>>>
>>>>>>
>>>>>>>>}
>>>>>>>>
>>>>>>>>EVENTS {
>>>>>>>>checkpoint    cmd="ctl_cyrusdb -c" period=5
>>>>>>>>}
>>>>>>>>
>>>>>>>>Frontend imapd.conf
>>>>>>>>
>>>>>>>>configdirectory: /var/imap
>>>>>>>>partition-default: /tmp
>>>>>>>>admins: cyrus
>>>>>>>>sasl_pwcheck_method: saslauthd
>>>>>>>>allowplaintext: 1
>>>>>>>>mupdate_admin: murder
>>>>>>>>mupdate_server: frontend
>>>>>>>>mupdate_password: murder pass
>>>>>>>>proxy_authname: proxy
>>>>>>>>proxy_password: proxy pass
>>>>>>>>unixhierarchysep: 1
>>>>>>>>sasl_mech_list: PLAIN
>>>>>>>>
>>>>>>>>
>>>>>>>>Backend cyrus.conf
>>>>>>>>
>>>>>>>>START {
>>>>>>>>recover       cmd="ctl_cyrusdb -r"
>>>>>>>>mupdatepush   cmd="ctl_mboxlist -m"
>>>>>>>>}
>>>>>>>>
>>>>>>>># UNIX sockets start with a slash and are put into /var/imap/sockets
>>>>>>>>SERVICES {
>>>>>>>># add or remove based on preferences
>>>>>>>>imap          cmd="imapd" listen="imap" prefork=5
>>>>>>>>pop3          cmd="pop3d" listen="pop3" prefork=0  maxchild=-1
>>>>>>>>
>>>>>>>># at least one LMTP is required for delivery
>>>>>>>>lmtp          cmd="lmtpd" listen="lmtp" prefork=2
>>>>>>>>
>>>>>>>>}
>>>>>>>>EVENTS {
>>>>>>>># this is required
>>>>>>>>checkpoint    cmd="ctl_cyrusdb -c" period=5
>>>>>>>>}
>>>>>>>>
>>>>>>>>Backend imapd.conf
>>>>>>>>
>>>>>>>>configdirectory: /var/imap
>>>>>>>>partition-default: /var/spool/imap
>>>>>>>>admins: cyrus
>>>>>>>>mupdate_server: frontend
>>>>>>>>mupdate_authname: murder
>>>>>>>>mupdate_password: murder pass
>>>>>>>>
>>>>>>>>allowplaintext: yes
>>>>>>>>sasl_pwcheck_method: saslauthd
>>>>>>>>sasl_mech_list: PLAIN DIGEST-MD5
>>>>>>>>proxyservers: proxy
>>>>>>>>unixhierarchysep: 1
>>>>>>>>defaultacl: anyone rsd
>>>>>>>>
>>>>>>>>
>>>>>>>>---
>>>>>>>>Home Page: http://asg.web.cmu.edu/cyrus
>>>>>>>>Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>>>>>>>>List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>-- 
>>>>>>>Kenneth Murchison     Oceana Matrix Ltd.
>>>>>>>Software Engineer     21 Princeton Place
>>>>>>>716-662-8973 x26      Orchard Park, NY 14127
>>>>>>>--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>---
>>>>>>Home Page: http://asg.web.cmu.edu/cyrus
>>>>>>Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>>>>>>List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>>>
>>>>>
>>>>>
>>>>>-- 
>>>>>Kenneth Murchison     Oceana Matrix Ltd.
>>>>>Software Engineer     21 Princeton Place
>>>>>716-662-8973 x26      Orchard Park, NY 14127
>>>>>--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
>>>>>---
>>>>>Home Page: http://asg.web.cmu.edu/cyrus
>>>>>Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>>>>>List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>
>>-- 
>>Kenneth Murchison     Oceana Matrix Ltd.
>>Software Engineer     21 Princeton Place
>>716-662-8973 x26      Orchard Park, NY 14127
>>--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
>>---
>>Home Page: http://asg.web.cmu.edu/cyrus
>>Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>>List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>
>>
>>
>>
> 
> 


-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list