Re: Cyrus tweaks (slow on roundcube)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bron,

I found the issue. I've logged this with Kolab. Their plugins are initiating unneeded imap logins every time the user simply select a message. If you are interested, here's the bug report.

https://issues.kolab.org/show_bug.cgi?id=5219

Thanks for all your help!!!



On Mon, Sep 7, 2015 at 12:26 AM, Bron Gondwana <brong@xxxxxxxxxxx> wrote:
Yeah, so tls to localhost is dumb.  That's security theatre at its silliest.  Best to turn that off.

Here's some possibilities to make it not required:

imapd.conf:
allowplaintext: yes
sasl_mech_list: PLAIN LOGIN

There used to be a sasl layer thing we did too... "-p 1" in cyrus.conf for the imapd line that listens on localhost will tell sasl that you already have a protection layer.

Bron.


On Mon, Sep 7, 2015, at 12:15, signaldeveloper@xxxxxxxxx wrote:
> Hey Rudy!
>
> As far as entropy: Probably not, it's brand new. One user (me.. Testing) is playing on it. This is something I've never touched and know very little about, can you explain?
>
> And can you explain: Is saslauthd compiled against /dev/urandom?
>
> Thanks again guys..
>
> - Paul
>
>
>
>
> Sent from my iPhone
>
> > On Sep 6, 2015, at 9:50 PM, Rudy Gevaert <Rudy.Gevaert@xxxxxxxx> wrote:
> >
> >
> > Quoting signaldeveloper@xxxxxxxxx, Mon, 07 Sep 2015:
> >
> >> Hosts file is fine I checked that, thanks. Kolab uses 389 to
> >> authenticate for everything, so Cyrus is using LDAP as you can see
> >> above. I think the problem lies in the constant TLS logins into
> >> Cyrus for every click:
> >>
> >> imap[2281]: login: localhost [::1] johndoe@xxxxxxxxxx PLAIN+TLS User
> >> logged in
> >> SESSIONID=<es1.domain.com-2281-1441500890-1-15740725055571902363>
> >> Sep  5 20:54:51 es1 imap[2281]: USAGE johndoe@xxxxxxxxxx user:
> >> 0.009998 sys: 0.006999
> >>
> >>
> >> Again its only one user, on roundcube... I am afraid to put any more
> >> users on it. There doesn't seem to be much of performance tweaks
> >> with Cyrus around the web either...
> >
> > does your system have enough entropy?
> >
> > Is saslauthd compiled against /dev/urandom?
> >
> > Rudy
> >
> > --
> >  -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
> >  Rudy Gevaert                             e-mail: Rudy.Gevaert@xxxxxxxx
> >  Directie ICT, Afdeling Infrastructuur
> >  Groep Systemen                                      tel: +32 9 264 4750
> >  Universiteit Gent                                   fax: +32 9 264 4994
> >  Krijgslaan 281, gebouw S9, 9000 Gent, Belgie               www.UGent.be
> >  -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
> >
> >
> > ----
> > Cyrus Home Page: http://www.cyrusimap.org/
> > List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> > To Unsubscribe:
> > https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


--
  Bron Gondwana
  brong@xxxxxxxxxxx

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux