[cyrus 3.0] 20 delayed mailbox deleted limit?

Andrew Morgan morgan at orst.edu
Thu Jun 9 12:27:59 EDT 2016 

On Thu, 9 Jun 2016, Andre Felipe Machado via Info-cyrus wrote:

> Bron Gondwana via Info-cyrus <info-cyrus at lists.andrew.cmu.edu> wrote ..
>> On Thu, Jun 9, 2016, at 03:02, Andre Felipe Machado via Info-cyrus wrote:
>>> Hello,
>>> At future release notes I read
>>> "Under delete_mode: delayed, only the 20 most recently deleted mailboxes are
>> kept for any given name."
>>> https://cyrusimap.org/imap/release-notes/3.0/x/3.0.0-beta2.html
>>> Is there any configuration parameter to increase this limit?
>>> Why this limit is needed?
>>
>> denial of service / space wastage protection.  There's no config option available
>> right now.  I could be convinced to change it.
>>
>> How would you suggest we protect against exploiting delayed delete to fill the
>> server without going over quota?  Maybe a new quota field for "total mailbox usage
>> including deleted stuff" that can be set to a high enough value that no reasonable
>> user will ever hit it?
>>
>> Bron.
>>
>> --
>>   Bron Gondwana
>>   brong at fastmail.fm
>> ----
>
> Hello, Bron
> I understand the problem.
> But at a corporate scenario, it is a rare event, because of jobs at stake, tracked user accounts,  antispam measures, etc.
> It is more likely a "rogue" client,  bug/misconfiguration on a smartphone causing such problems.
> We stay with official debian repositories versions as long as we could, receiving security patches.
> So, mantaining an unofficial patch will be a big problem.
> The sysadmin configurable parameters will be a more elegant solution.
> Having configurations at sysadmin control will mantain cyrus flexible for use at different usage scenarios.
> For the DoS / waste space problems, the 2 quota limits configurations are more suitable than counting folders quantity.
> What if each folder contains 1 TB deleted messages?
> Maybe a reasonable default (10 times user quota?) for those not wanting to configure is good idea.
> Even better to have also a way to control individual accounts total quotas, for those corporate accounts like "sales at foo.bar" that  receive lots of legitimate emails and have to
> delete them after processing.
> We have zabbix monitoring space at our cyrus backends, and need unlimited  or configurable delayed expunge limits for recovering messages and folders for years at corporate
> scenario.
> Thanks .
> Andre Felipe

Remember, this is a limit on the number of deleted *mailboxes* kept, not 
messages.

Bron, this could impact Pine/Alpine users that frequently postpone 
messages.  Pine creates a folder named "postponed-msgs" to store drafts. 
The folder is created when a draft is saved and deleted when all drafts 
have been deleted/sent.

Here is my personal deleted folders list, right now:

DELETED.user.morgan.postponed-msgs.5755CF0C     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5755F446     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5755F486     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5755F4D1     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5755F4E4     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5755F50E     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5755F65F     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5755F844     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5756ECFC     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.5756F602     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.575706F8     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.57585C5D     0 p2 morgan     lrswipkxtecda
DELETED.user.morgan.postponed-msgs.57587FE1     0 p2 morgan     lrswipkxtecda

We are removing deleted mailboxes after 7 days:

delprune      cmd="/usr/local/cyrus/bin/cyr_expire -E 1 -X 7 -D 7" at=0100


I don't know if other IMAP clients have similar quirky behavior, but I 
could see myself running into this limit.  However, I certainly don't care 
about recovering my old postponed-msgs mailboxes.

Hmmm, is this a limit per-mailbox (user.morgan.postponed-msgs) or per-user 
(all mailboxes under user.morgan)?

Thanks,
 	Andy

More information about the Info-cyrus mailing list