Cyrus IMAP Presentation
Rob Siemborski
rjs3 at andrew.cmu.edu
Tue Sep 17 09:51:24 EDT 2002
On Mon, 16 Sep 2002 adam at morrison-ind.com wrote:
> >(Slide 11)
> >Technically, you can have administrative accounts other than
> >"cyrus". And you can change the access right required to delete folders
> >with the deleteright flag.
>
> True, but again a little deeper than I want to go. It has to fit in 45
> minutes. :)
Yeah, I wasn't sure how much detail you wanted ;)
> > - SASLdb is not the only way of storing shared secrets, and there are
> > other mechanisms that can use them (SRP, OTP)
>
> Right, but seems more fitting for a presentation on SASL itself.
Yes. But this can often be a source of confusion (especially with
confusion between sasldb and auxprop), but again, more detail than you
probably need.
> >(Slide 16)
> >- "-n 5" is probably low for a reasonably high traffic site.
>
> I've got about 200 users, if there should be more threads will authentication
> fail or just be really slow?
Authentication will start to fail (atleast when using unix domain
sockets), because the saslauthd listen queue will fill up. I don't
believe the doors IPC mechanism has this problem, since it allocates
threads dynamicly (though you need to be on Solaris).
Though, with only 200 users I doubt you have much to worry about unless
they all decide to log in at once, in which case you'll crush the machine
just fork()ing that much. A good guess for the number of threads you want
is about 1.5 x the average number of connections you see in a second,
which errs slightly on the high side.
-Rob
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
More information about the Info-cyrus
mailing list