pop3d proxy

Ken Murchison ken at oceana.com
Fri Mar 12 09:54:28 EST 2004 

Michael J Farina wrote:

> Ken,
> 
>     Is there a way to do PLAIN from the frontends to the backends? The
> servers I am testing are on a isolated network no network traffic other than
> the mail servers. Any help would be appreciated. sasl_maximum_layer:0 didn't
> seem to change the pop3 proxy timing. The server are also dual 1.4s with 2
> gigs of ram if that helps at all.

You can do PLAIN, but the frontends will also need to use TLS, since 
PLAIN won't be advertised by the backends unless a security layer is in 
place.

Are you saying that there is a delay for every command, or for every 
login?  Is your stress test only doing one command per login?


> 
> ----- Original Message ----- 
> From: "Ken Murchison" <ken at oceana.com>
> To: "Michael J Farina" <mfarina at cvzoom.net>
> Cc: <info-cyrus at lists.andrew.cmu.edu>
> Sent: Thursday, March 11, 2004 4:58 PM
> Subject: Re: pop3d proxy
> 
> 
> 
>>Michael J Farina wrote:
>>
>>
>>>I am setting up a cyrus imap murder for a large number of accounts. In
> 
> my
> 
>>>stress testing I have noticed that the pop3 proxy has quite a delay.
> 
> When I
> 
>>>connect directly to a backend I can check mail at a very fast rate about
> 
> .5
> 
>>>secs a mailbox. When I connect to the proxy the wait time increases a
> 
> ton to
> 
>>>about 5 secs. I am thinking I must have a configuration problem. I will
>>>include my imapd.conf and my cyrus.conf I am using cyrus 2.2.3.
>>
>>Once you authenticate and the mailbox is opened on the backend, the
>>proxy just acts as a bitpipe between the client and backend, so there
>>should be very little overhead.
>>
>>You *might* be seeing a slowdown because the frontend is authenticating
>>to the backend using DIGEST-MD5 with a security layer or TLS+PLAIN.  In
>>either case you have encrypt/decrypt overhead.
>>
>>If using DIGEST-MD5, you could try setting sasl_maximum_layer:0 on the
>>backend, which will prevent the security layer from being negotiated.
>>
>>Otherwise, the only other delay that I could think of would be network
>>related.
>>
>>
>>
>>>Frontend cyrus.conf
>>>
>>>START {
>>>  mboxlist      cmd="ctl_cyrusdb -r"
>>>}
>>>
>>># UNIX sockets start with a slash and are put into /var/imap/sockets
>>>SERVICES {
>>>  # mupdate database service - must prefork atleast 1
>>>  mupdate       cmd="/usr/cyrus/bin/mupdate -m" listen=3905 prefork=1
>>>
>>>  # add or remove based on preferences
>>>  imap          cmd="proxyd" listen="imap" prefork=5
>>>  pop3          cmd="pop3proxyd" listen="pop3" prefork=5 maxchild=-1
>>>  sieve         cmd="timsieved" listen="sieve" prefork=0
>>>
>>>  lmtp          cmd="lmtpproxyd" listen="/var/imap/socket/lmtp"
> 
> prefork=0
> 
>>>}
>>>
>>>EVENTS {
>>>  checkpoint    cmd="ctl_cyrusdb -c" period=5
>>>}
>>>
>>>Frontend imapd.conf
>>>
>>>configdirectory: /var/imap
>>>partition-default: /tmp
>>>admins: cyrus
>>>sasl_pwcheck_method: saslauthd
>>>allowplaintext: 1
>>>mupdate_admin: murder
>>>mupdate_server: frontend
>>>mupdate_password: murder pass
>>>proxy_authname: proxy
>>>proxy_password: proxy pass
>>>unixhierarchysep: 1
>>>sasl_mech_list: PLAIN
>>>
>>>
>>>Backend cyrus.conf
>>>
>>>START {
>>>  recover       cmd="ctl_cyrusdb -r"
>>>  mupdatepush   cmd="ctl_mboxlist -m"
>>>}
>>>
>>># UNIX sockets start with a slash and are put into /var/imap/sockets
>>>SERVICES {
>>>  # add or remove based on preferences
>>>  imap          cmd="imapd" listen="imap" prefork=5
>>>  pop3          cmd="pop3d" listen="pop3" prefork=0  maxchild=-1
>>>
>>>  # at least one LMTP is required for delivery
>>>  lmtp          cmd="lmtpd" listen="lmtp" prefork=2
>>>
>>>}
>>>EVENTS {
>>>  # this is required
>>>  checkpoint    cmd="ctl_cyrusdb -c" period=5
>>>}
>>>
>>>Backend imapd.conf
>>>
>>>configdirectory: /var/imap
>>>partition-default: /var/spool/imap
>>>admins: cyrus
>>>mupdate_server: frontend
>>>mupdate_authname: murder
>>>mupdate_password: murder pass
>>>
>>>allowplaintext: yes
>>>sasl_pwcheck_method: saslauthd
>>>sasl_mech_list: PLAIN DIGEST-MD5
>>>proxyservers: proxy
>>>unixhierarchysep: 1
>>>defaultacl: anyone rsd
>>>
>>>
>>>---
>>>Home Page: http://asg.web.cmu.edu/cyrus
>>>Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>>>List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>
>>
>>
>>-- 
>>Kenneth Murchison     Oceana Matrix Ltd.
>>Software Engineer     21 Princeton Place
>>716-662-8973 x26      Orchard Park, NY 14127
>>--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
>>
>>
> 
> 
> ---
> Home Page: http://asg.web.cmu.edu/cyrus
> Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> 


-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list