pop3d proxy
Ken Murchison
ken at oceana.com
Fri Mar 12 09:54:28 EST 2004
Michael J Farina wrote:
> Ken,
>
> Is there a way to do PLAIN from the frontends to the backends? The
> servers I am testing are on a isolated network no network traffic other than
> the mail servers. Any help would be appreciated. sasl_maximum_layer:0 didn't
> seem to change the pop3 proxy timing. The server are also dual 1.4s with 2
> gigs of ram if that helps at all.
You can do PLAIN, but the frontends will also need to use TLS, since
PLAIN won't be advertised by the backends unless a security layer is in
place.
Are you saying that there is a delay for every command, or for every
login? Is your stress test only doing one command per login?
>
> ----- Original Message -----
> From: "Ken Murchison" <ken at oceana.com>
> To: "Michael J Farina" <mfarina at cvzoom.net>
> Cc: <info-cyrus at lists.andrew.cmu.edu>
> Sent: Thursday, March 11, 2004 4:58 PM
> Subject: Re: pop3d proxy
>
>
>
>>Michael J Farina wrote:
>>
>>
>>>I am setting up a cyrus imap murder for a large number of accounts. In
>
> my
>
>>>stress testing I have noticed that the pop3 proxy has quite a delay.
>
> When I
>
>>>connect directly to a backend I can check mail at a very fast rate about
>
> .5
>
>>>secs a mailbox. When I connect to the proxy the wait time increases a
>
> ton to
>
>>>about 5 secs. I am thinking I must have a configuration problem. I will
>>>include my imapd.conf and my cyrus.conf I am using cyrus 2.2.3.
>>
>>Once you authenticate and the mailbox is opened on the backend, the
>>proxy just acts as a bitpipe between the client and backend, so there
>>should be very little overhead.
>>
>>You *might* be seeing a slowdown because the frontend is authenticating
>>to the backend using DIGEST-MD5 with a security layer or TLS+PLAIN. In
>>either case you have encrypt/decrypt overhead.
>>
>>If using DIGEST-MD5, you could try setting sasl_maximum_layer:0 on the
>>backend, which will prevent the security layer from being negotiated.
>>
>>Otherwise, the only other delay that I could think of would be network
>>related.
>>
>>
>>
>>>Frontend cyrus.conf
>>>
>>>START {
>>> mboxlist cmd="ctl_cyrusdb -r"
>>>}
>>>
>>># UNIX sockets start with a slash and are put into /var/imap/sockets
>>>SERVICES {
>>> # mupdate database service - must prefork atleast 1
>>> mupdate cmd="/usr/cyrus/bin/mupdate -m" listen=3905 prefork=1
>>>
>>> # add or remove based on preferences
>>> imap cmd="proxyd" listen="imap" prefork=5
>>> pop3 cmd="pop3proxyd" listen="pop3" prefork=5 maxchild=-1
>>> sieve cmd="timsieved" listen="sieve" prefork=0
>>>
>>> lmtp cmd="lmtpproxyd" listen="/var/imap/socket/lmtp"
>
> prefork=0
>
>>>}
>>>
>>>EVENTS {
>>> checkpoint cmd="ctl_cyrusdb -c" period=5
>>>}
>>>
>>>Frontend imapd.conf
>>>
>>>configdirectory: /var/imap
>>>partition-default: /tmp
>>>admins: cyrus
>>>sasl_pwcheck_method: saslauthd
>>>allowplaintext: 1
>>>mupdate_admin: murder
>>>mupdate_server: frontend
>>>mupdate_password: murder pass
>>>proxy_authname: proxy
>>>proxy_password: proxy pass
>>>unixhierarchysep: 1
>>>sasl_mech_list: PLAIN
>>>
>>>
>>>Backend cyrus.conf
>>>
>>>START {
>>> recover cmd="ctl_cyrusdb -r"
>>> mupdatepush cmd="ctl_mboxlist -m"
>>>}
>>>
>>># UNIX sockets start with a slash and are put into /var/imap/sockets
>>>SERVICES {
>>> # add or remove based on preferences
>>> imap cmd="imapd" listen="imap" prefork=5
>>> pop3 cmd="pop3d" listen="pop3" prefork=0 maxchild=-1
>>>
>>> # at least one LMTP is required for delivery
>>> lmtp cmd="lmtpd" listen="lmtp" prefork=2
>>>
>>>}
>>>EVENTS {
>>> # this is required
>>> checkpoint cmd="ctl_cyrusdb -c" period=5
>>>}
>>>
>>>Backend imapd.conf
>>>
>>>configdirectory: /var/imap
>>>partition-default: /var/spool/imap
>>>admins: cyrus
>>>mupdate_server: frontend
>>>mupdate_authname: murder
>>>mupdate_password: murder pass
>>>
>>>allowplaintext: yes
>>>sasl_pwcheck_method: saslauthd
>>>sasl_mech_list: PLAIN DIGEST-MD5
>>>proxyservers: proxy
>>>unixhierarchysep: 1
>>>defaultacl: anyone rsd
>>>
>>>
>>>---
>>>Home Page: http://asg.web.cmu.edu/cyrus
>>>Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>>>List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>
>>
>>
>>--
>>Kenneth Murchison Oceana Matrix Ltd.
>>Software Engineer 21 Princeton Place
>>716-662-8973 x26 Orchard Park, NY 14127
>>--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
>>
>>
>
>
> ---
> Home Page: http://asg.web.cmu.edu/cyrus
> Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list