Bron,
I found the issue. I've logged this with Kolab. Their plugins are initiating unneeded imap logins every time the user simply select a message. If you are interested, here's the bug report.
Thanks for all your help!!!
On Mon, Sep 7, 2015 at 12:26 AM, Bron Gondwana <brong@xxxxxxxxxxx> wrote:
Yeah, so tls to localhost is dumb. That's security theatre at its silliest. Best to turn that off.
Here's some possibilities to make it not required:
imapd.conf:
allowplaintext: yes
sasl_mech_list: PLAIN LOGIN
There used to be a sasl layer thing we did too... "-p 1" in cyrus.conf for the imapd line that listens on localhost will tell sasl that you already have a protection layer.
Bron.
--
On Mon, Sep 7, 2015, at 12:15, signaldeveloper@xxxxxxxxx wrote:
> Hey Rudy!
>
> As far as entropy: Probably not, it's brand new. One user (me.. Testing) is playing on it. This is something I've never touched and know very little about, can you explain?
>
> And can you explain: Is saslauthd compiled against /dev/urandom?
>
> Thanks again guys..
>
> - Paul
>
>
>
>
> Sent from my iPhone
>
> > On Sep 6, 2015, at 9:50 PM, Rudy Gevaert <Rudy.Gevaert@xxxxxxxx> wrote:
> >
> >
> > Quoting signaldeveloper@xxxxxxxxx, Mon, 07 Sep 2015:
> >
> >> Hosts file is fine I checked that, thanks. Kolab uses 389 to
> >> authenticate for everything, so Cyrus is using LDAP as you can see
> >> above. I think the problem lies in the constant TLS logins into
> >> Cyrus for every click:
> >>
> >> imap[2281]: login: localhost [::1] johndoe@xxxxxxxxxx PLAIN+TLS User
> >> logged in
> >> SESSIONID=<es1.domain.com-2281-1441500890-1-15740725055571902363>
> >> Sep 5 20:54:51 es1 imap[2281]: USAGE johndoe@xxxxxxxxxx user:
> >> 0.009998 sys: 0.006999
> >>
> >>
> >> Again its only one user, on roundcube... I am afraid to put any more
> >> users on it. There doesn't seem to be much of performance tweaks
> >> with Cyrus around the web either...
> >
> > does your system have enough entropy?
> >
> > Is saslauthd compiled against /dev/urandom?
> >
> > Rudy
> >
> > --
> > -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
> > Rudy Gevaert e-mail: Rudy.Gevaert@xxxxxxxx
> > Directie ICT, Afdeling Infrastructuur
> > Groep Systemen tel: +32 9 264 4750
> > Universiteit Gent fax: +32 9 264 4994
> > Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
> > -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
> >
> >
> > ----
> > Cyrus Home Page: http://www.cyrusimap.org/
> > List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> > To Unsubscribe:
> > https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Bron Gondwana
brong@xxxxxxxxxxx
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus