cyrus pop3 question

Corey corey_s at qwest.net
Wed Apr 16 16:53:06 EDT 2008


On Wednesday 16 April 2008 01:44:50 pm Andrew Morgan wrote:
> On Wed, 16 Apr 2008, Corey wrote:
> > I just had an experience where my server was getting slammed with
> > thousands of concurrent pop3 requests. This went on for over an hour
> > before it finally ceased, at which point I was able to start cyrus again.
> >
> > Anyhow, what are some mechanisms to prevent this in the future?
> >
> > In the mean time, I'd like to know whether I can configure cyrus/pop3 to
> > listen only on a specific interface rather than on all interfaces on the
> > server, and if so - where do I configure that option?
>
> You can modify cyrus.conf to bind a service entry to a particular IP
> address, like so:
>
>    imap  cmd="imapd" listen="11.22.33.44:imap" prefork=1 maxchild=100
>
> I don't think Cyrus has any mechanisms built-in to prevent a
> denial-of-service attack like you describe.  You can limit the impact on
> your machine by specifying a maxchild setting for your pop3 service.
>


Thank you -- very helpfull!


Cheers,

Corey



More information about the Info-cyrus mailing list