Thanks to a friend, it just a patch on imap.d where there is a hardcoded
sleep(3). Il left a usleep (100000)
It works better now. Php/imap client is trying three times before leaving..
LALOT Dominique a écrit :
Hello,
When there is a bad login, the answer is very long. I want to get if
faster even if it's worst for security purpose. I've tried to find an
answer about that question, buit nothing evident.
I'm using cyrus imap 2.2.12.
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
allowplaintext: yes
usr/sbin/saslauthd -m /var/run/saslauthd -a pam -c -t 3600 -s 3000 -n 15
/etc/pam.d/imap
auth sufficient /lib/security/pam_cas.so
-simap://smtp-etumel.univ-mrs.fr -f/etc/pam_cas.conf
auth sufficient pam_ldap.so
auth required pam_unix.so nullok nodelay
account sufficient pam_ldap.so
account required pam_unix.so nodelay
time testsaslauthd -u fred -p pipo
0: NO "authentication failed"
real 0m0.056s
user 0m0.000s
sys 0m0.000s
It's quich enough. But under cyradm -> 5 secondes
I saw nothing valuable in imapd.conf. What can I do?
Thanks
Dom
--
Dominique LALOT
Ingénieur Système Réseau CISCAM Pole Réseau
Université de la Méditerranée http://annuaire.univ-mrs.fr/showuser.php?uid=lalot
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
