limit tcp sessions opened by an IMAP client

LALOT Dominique dom.lalot at gmail.com
Tue Apr 14 10:53:25 EDT 2009


Look at this one:

[root at smtp ~]# host 82.240.88.126
126.88.240.82.in-addr.arpa domain name pointer
val13-2-82-240-88-126.fbx.proxad.net.
[root at smtp ~]# netstat -atpn | grep 82.240.88.126
tcp        0      0 139.124.132.126:993         82.240.88.126:60250
ESTABLISHED 9209/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60229
ESTABLISHED 8824/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60235
ESTABLISHED 8016/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60234
ESTABLISHED 8570/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60265
ESTABLISHED 10316/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60180
ESTABLISHED 3795/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60190
ESTABLISHED 5258/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60167
ESTABLISHED 5882/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60213
ESTABLISHED 6758/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60219
ESTABLISHED 8421/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60196
ESTABLISHED 7486/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60206
ESTABLISHED 7520/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:63218
ESTABLISHED 6288/imapd
tcp        0      0 139.124.132.126:993         82.240.88.126:60158
ESTABLISHED 5504/imapd

I don't know how many processes we can have with a decent speed. For the
moment, it turns to be around 1000 processes, but I don't know the max whe
can stand.
So the idea of mayak can be  a solution. Filter with iptables

193.218.15.25 13
82.240.88.126 16
80.13.69.148 12

for the top, I got lines like this:
Apr 14 16:10:25 smtp imaps[13462]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in
Apr 14 16:11:43 smtp imaps[13530]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in
Apr 14 16:11:43 smtp imaps[31581]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in
Apr 14 16:12:41 smtp imaps[13644]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in
Apr 14 16:12:42 smtp imaps[13481]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in
Apr 14 16:15:08 smtp imaps[14234]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in
Apr 14 16:15:08 smtp imaps[29088]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in
Apr 14 16:17:14 smtp imaps[14080]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in
Apr 14 16:17:15 smtp imaps[14212]: login:
val13-2-82-240-88-126.fbx.proxad.net [82.240.88.126] xxxxx plaintext+TLS
User logged in

Checking mail a little bit too much.



2009/4/14 Joseph Brennan <brennan at columbia.edu>

>
> LALOT Dominique <dom.lalot at gmail.com> wrote:
>
> > Hello,
> >
> > I've looked at google before asking, but I didn't find something.
> > Some imap clients are using many tcp connexions. I would like to know if
> > there is a way to limit them?
>
>
> This could make the client fail and increase your helpdesk calls.  Do
> you mean more than five?
>
> Whatever you do should check both host and user, so that you don't cut
> off multiple users on a timeshare host or a firewall gateway.
>
>
> Joseph Brennan
> Lead Email Systems Engineer
> Columbia University Information Technology
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>



-- 
Dominique LALOT
Ingénieur Systèmes et Réseaux
http://annuaire.univmed.fr/showuser.php?uid=lalot
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20090414/39265d41/attachment-0001.html 


More information about the Info-cyrus mailing list