cyrus 2.5 imap idle/stuck connections (DOS like)
Willem Offermans
Willem at Offermans.Rompen.nl
Thu Mar 7 09:25:55 EST 2019
Dear Cyrus friends and Heiler Bensimon Bemerguy,
You could use your firewall to achieve this.
For ipfw:
${fwcmd} add pass tcp from any to ${ip_me} imap setup limit src-addr 10
You have to lookup the right syntax for your firewall.
Dit you check man imapd or man cyrus, maybe there is also an option for the daemon itself, but I would prefer the firewall.
Wiel Offermans
Willem at Offermans.Rompen.nl
> On 7 Mar 2019, at 14:53, Heiler Bemerguy via Info-cyrus <info-cyrus at lists.andrew.cmu.edu> wrote:
>
> Hail,
>
> I've noticed an user with ~200 open connections to cyrus imap port (143) and, because of him, no one else could login to the server.
>
> I've noticed even with a single "telnet ip 143", the connection is accepted and never ever dropped, even while still unauthenticated.
>
> How to stop that from happening?
>
> cyrus.conf:
> imap cmd="imapd -U 30" listen="imap" prefork=6 maxchild=200
>
>
> --
> Atenciosamente,
>
> Heiler Bensimon Bemerguy - CINBESA
> Analista de Redes, Wi-Fi,
> Virtualização e Serviços Internet
> (55) 91 98151-4894
>
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20190307/22918878/attachment-0001.html>
More information about the Info-cyrus
mailing list