Bron Gondwana via Info-cyrus <info-cyrus@lists.andrew.cmu.edu> wrote .. > On Thu, Jun 9, 2016, at 03:02, Andre Felipe Machado via Info-cyrus wrote: > > Hello, > > At future release notes I read > > "Under delete_mode: delayed, only the 20 most recently deleted mailboxes are > kept for any given name." > > https://cyrusimap.org/imap/release-notes/3.0/x/3.0.0-beta2.html > > Is there any configuration parameter to increase this limit? > > Why this limit is needed? > > denial of service / space wastage protection. There's no config option > available > right now. I could be convinced to change it. > > How would you suggest we protect against exploiting delayed delete to fill the > server without going over quota? Maybe a new quota field for "total mailbox > usage > including deleted stuff" that can be set to a high enough value that no > reasonable > user will ever hit it? > > Bron. > > -- > Bron Gondwana > br...@fastmail.fm > ----
Hello, Bron I understand the problem. But at a corporate scenario, it is a rare event, because of jobs at stake, tracked user accounts, antispam measures, etc. It is more likely a "rogue" client, bug/misconfiguration on a smartphone causing such problems. We stay with official debian repositories versions as long as we could, receiving security patches. So, mantaining an unofficial patch will be a big problem. The sysadmin configurable parameters will be a more elegant solution. Having configurations at sysadmin control will mantain cyrus flexible for use at different usage scenarios. For the DoS / waste space problems, the 2 quota limits configurations are more suitable than counting folders quantity. What if each folder contains 1 TB deleted messages? Maybe a reasonable default (10 times user quota?) for those not wanting to configure is good idea. Even better to have also a way to control individual accounts total quotas, for those corporate accounts like "sa...@foo.bar" that receive lots of legitimate emails and have to delete them after processing. We have zabbix monitoring space at our cyrus backends, and need unlimited or configurable delayed expunge limits for recovering messages and folders for years at corporate scenario. Thanks . Andre Felipe
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
