Re: cyrus 2.5 imap idle/stuck connections (DOS like)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear Cyrus friends and Heiler Bensimon Bemerguy,

You could use your firewall to achieve this.

For ipfw:

${fwcmd} add pass tcp from any to ${ip_me} imap setup limit src-addr 10

You have to lookup the right syntax for your firewall.

Dit you check man imapd or man cyrus, maybe there is also an option for the daemon itself, but I would prefer the firewall. 



On 7 Mar 2019, at 14:53, Heiler Bemerguy via Info-cyrus <info-cyrus@xxxxxxxxxxxxxxxxxxxx> wrote:

Hail,

I've noticed an user with ~200 open connections to cyrus  imap port (143) and, because of him, no one else could login to the server.

I've noticed even with a single "telnet ip 143", the connection is accepted and never ever dropped, even while still unauthenticated.

How to stop that from happening?

cyrus.conf:
imap            cmd="imapd -U 30" listen="imap" prefork=6 maxchild=200


--
Atenciosamente,

Heiler Bensimon Bemerguy - CINBESA
Analista de Redes, Wi-Fi,
Virtualização e Serviços Internet
(55) 91 98151-4894

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux