cyrus chokes after few logins
Sebastian Hagedorn
Hagedorn at uni-koeln.de
Fri Oct 13 20:13:39 EDT 2006
Hi,
just a few educated guesses ...
--On 14. Oktober 2006 00:17:15 +0200 "Martin G.H. Minkler"
<minkler at artegic.de> wrote:
> Abstract:
> Cyrus or sasl choke after a few POP3 logins following quickly after one
> another despite high prefork values.
I'm guessing lack of entropy for the APOP banner.
> interesting bits from imapd.conf:
>
> popminpoll: 1
> duplicatesuppression: yes
> hashimapspool: true
> allowplaintext: yes
> sasl_mech_list: PLAIN LOGIN
> sasl_minimum_layer: 256
> sasl_maximum_layer: 256
> sasl_pwcheck_method: auxprop
> sasl_auxprop_plugin: sasldb
> sasl_auto_transition: no
>
> Looking at the imapd.conf just now does make me wonder why sasl even
> allows pop3 plaintext logins without TLS with sasl_minimum_layer set to
> 256...
Probably "allowplaintext" overrides that.
Either make SASL use /dev/urandom or disable APOP:
allowapop: 0
--
.:.Sebastian Hagedorn - RZKR-R1 (Gebäude 52), Zimmer 18.:.
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
.:.Universität zu Köln / Cologne University - Tel. +49-221-478-5587.:.
.:.:.:.Skype: shagedorn.:.:.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/cyrus-sasl/attachments/20061014/3639325b/attachment.bin
More information about the Cyrus-sasl
mailing list