[cyrus 3.0] 20 delayed mailbox deleted limit?
Andre Felipe Machado
andremachado at techforce.com.br
Thu Jun 9 13:11:22 EDT 2016
Andrew Morgan <morgan at orst.edu> wrote ..
> On Thu, 9 Jun 2016, Andre Felipe Machado via Info-cyrus wrote:
>
> > Bron Gondwana via Info-cyrus <info-cyrus at lists.andrew.cmu.edu> wrote ..
> >> On Thu, Jun 9, 2016, at 03:02, Andre Felipe Machado via Info-cyrus wrote:
> >>> Hello,
> >>> At future release notes I read
> >>> "Under delete_mode: delayed, only the 20 most recently deleted mailboxes are
> >> kept for any given name."
> >>> https://cyrusimap.org/imap/release-notes/3.0/x/3.0.0-beta2.html
> >>> Is there any configuration parameter to increase this limit?
> >>> Why this limit is needed?
> >>
> >> denial of service / space wastage protection. There's no config option available
> >> right now. I could be convinced to change it.
> >>
> >> How would you suggest we protect against exploiting delayed delete to fill the
> >> server without going over quota? Maybe a new quota field for "total mailbox
> usage
> >> including deleted stuff" that can be set to a high enough value that no reasonable
> >> user will ever hit it?
> >>
> >> Bron.
> >>
> >> --
> >> Bron Gondwana
> >> brong at fastmail.fm
> >> ----
> >
> > Hello, Bron
> > I understand the problem.
> > But at a corporate scenario, it is a rare event, because of jobs at stake, tracked
> user accounts, antispam measures, etc.
> > It is more likely a "rogue" client, bug/misconfiguration on a smartphone causing
> such problems.
> > We stay with official debian repositories versions as long as we could, receiving
> security patches.
> > So, mantaining an unofficial patch will be a big problem.
> > The sysadmin configurable parameters will be a more elegant solution.
> > Having configurations at sysadmin control will mantain cyrus flexible for use
> at different usage scenarios.
> > For the DoS / waste space problems, the 2 quota limits configurations are more
> suitable than counting folders quantity.
> > What if each folder contains 1 TB deleted messages?
> > Maybe a reasonable default (10 times user quota?) for those not wanting to configure
> is good idea.
> > Even better to have also a way to control individual accounts total quotas, for
> those corporate accounts like "sales at foo.bar" that receive lots of legitimate
> emails and have to
> > delete them after processing.
> > We have zabbix monitoring space at our cyrus backends, and need unlimited or
> configurable delayed expunge limits for recovering messages and folders for years
> at corporate
> > scenario.
> > Thanks .
> > Andre Felipe
>
> Remember, this is a limit on the number of deleted *mailboxes* kept, not
> messages.
>
> Bron, this could impact Pine/Alpine users that frequently postpone
> messages. Pine creates a folder named "postponed-msgs" to store drafts.
> The folder is created when a draft is saved and deleted when all drafts
> have been deleted/sent.
>
> Here is my personal deleted folders list, right now:
>
> DELETED.user.morgan.postponed-msgs.5755CF0C 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5755F446 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5755F486 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5755F4D1 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5755F4E4 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5755F50E 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5755F65F 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5755F844 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5756ECFC 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.5756F602 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.575706F8 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.57585C5D 0 p2 morgan lrswipkxtecda
> DELETED.user.morgan.postponed-msgs.57587FE1 0 p2 morgan lrswipkxtecda
>
> We are removing deleted mailboxes after 7 days:
>
> delprune cmd="/usr/local/cyrus/bin/cyr_expire -E 1 -X 7 -D 7" at=0100
>
>
> I don't know if other IMAP clients have similar quirky behavior, but I
> could see myself running into this limit. However, I certainly don't care
> about recovering my old postponed-msgs mailboxes.
>
> Hmmm, is this a limit per-mailbox (user.morgan.postponed-msgs) or per-user
> (all mailboxes under user.morgan)?
>
> Thanks,
> Andy
Hello, Andrew
Yes, I am aware of being mailboxes limit. This causes it to be even less suitable for the intended DoS/waste space control than the 2 quotas idea and less yet at corporate
scenario. And there are the individual total quota idea to evaluate.
We observed that there are corporate users that organize their inboxes at extreme levels, containing dozens of folders, classified by project, by department, by date, by subject, by
sender, etc.
Sometimes their reorganize / delete many of them. Using zabbix, we even observe spikes on available space on quotas and on disk space after expire period. The 20 limit is a
non starter, simply too small.
Could someone point where is such code at
https://github.com/cyrusimap/cyrus-imapd ?
Regards.
Andre Felipe
More information about the Info-cyrus
mailing list