Re: Protection against POP or IMAP Denial of Service (DOS)

2008-05-21 Thread Bron Gondwana

On Wed, 21 May 2008 07:13:10 +0200, Christiaan den Besten [EMAIL PROTECTED] said:
> Bron,
>
> What does the authentication for nginx for you, since it can't query
> for example a ldap directly ( at least, not the last time I checked )?
> The epoll will scale, but wondering what is the most 'light' method to
> do the actual authentication ..

Perl, it's the swiss cheese^H^H^H^H^H^Harmy knife of tools.

Specifically, we have this funky little thing that's increasingly
inaccurately named saslperld.  It's just a forking Net::Server
derivative that listens to unix sockets.  It currently talks the
following protocols:

* lookup
* mux
* nginx
* perdimap
* perdpop
* vfs

Ok - so we don't use either of the perdition ones any more, they should
probably get removed in the cleanup I'm planning to do later this week
(while working on one time password, openid, other goodies).

lookup is a simple key value protocol allowing usernames to be resolved
to our internal userids.  It's used by log analysis tools.

mux is the saslauthd protocol.  Some sort of packed struct format from memory.

nginx is the nginx http authentication protocol

vfs is also very badly named.  It's the protocol that I originally wrote for
handling our vfs interfaces (DAV & FTP) but has since expanded to be used by
our web interface and every other bit of code that wants to check user
authentication details, because the protocol is so easy to use from our
perl libraries.

The overhead of unix sockets really is very low, and being separate processes
means any epoll thingy (looking at DJabberd soon hopefully) can chat to it
asynchronously without having to do its own thread pool.

It also listens on a UDP port for broadcast cache expiry events and caches user
details to reduce database traffic for protocols with frequent short-lived 
logins.

Bron.
-- 
  Bron Gondwana
  [EMAIL PROTECTED]


Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
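
An added illustration of the kind of nginx mail-proxy authentication responder described in the message above (Python, not saslperld's Perl and not code from the original post): it maps nginx's `Auth-*` request headers to the `Auth-*` reply headers and caches user records until a TTL lapses or an expiry event arrives. `AuthBackend`, `db_lookup`, `SAMPLE_DB` and the PBKDF2 storage format are assumptions; the sample user and addresses are constructed.

```python
import hashlib
import hmac

PORTS = {"imap": 143, "pop3": 110}          # backend port per Auth-Protocol value
DUMMY = (b"\0" * 16, b"", "")               # compared against when the user is unknown

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AuthBackend:
    """Answers nginx mail-proxy auth_http requests from a per-user cache."""

    def __init__(self, db_lookup, ttl=300):
        self.db_lookup = db_lookup           # hypothetical: user -> (salt, hash, host) or None
        self.ttl = ttl
        self.cache = {}                      # user -> (record, expires_at)
        self.db_hits = 0

    def expire(self, user):
        """Apply a cache-expiry event, e.g. after a password change."""
        self.cache.pop(user, None)

    def _record(self, user, now):
        hit = self.cache.get(user)
        if hit and hit[1] > now:
            return hit[0]
        self.db_hits += 1
        rec = self.db_lookup(user)
        if rec is not None:                  # unknown users are not cached
            self.cache[user] = (rec, now + self.ttl)
        return rec

    def handle(self, headers, now):
        """Map nginx's Auth-* request headers to its Auth-* reply headers."""
        rec = self._record(headers.get("Auth-User", ""), now)
        salt, want, host = rec or DUMMY      # hash even for unknown users
        match = hmac.compare_digest(pw_hash(headers.get("Auth-Pass", ""), salt), want)
        port = PORTS.get(headers.get("Auth-Protocol", ""))
        if rec is not None and match and port is not None:
            return {"Auth-Status": "OK", "Auth-Server": host, "Auth-Port": str(port)}
        # Auth-Wait tells nginx how long to delay before the client may retry.
        return {"Auth-Status": "Invalid login or password", "Auth-Wait": "3"}

# Constructed sample data: one user, backend on a documentation-range address.
_SALT = b"constructed-salt"
SAMPLE_DB = {"alice": (_SALT, pw_hash("correct horse", _SALT), "192.0.2.10")}
```

Repeated logins inside the TTL are answered from the cache, so `db_hits` stays at one until `expire()` is called or the entry ages out.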


Re: Hyphens in folder names break LIST

2008-05-21 Thread David Carter

On Tue, 20 May 2008, Matthew Hodgson wrote:

> If I create a hierarchy of folders such as:
>
> test
> test.SPAM
> test-foo
>
> and try to list the folder hierarchy with something like:
>
> 11 LIST  test%
>
> I get broken output, where test is listed twice - the second time with a
> \Noselect flag:

The problem is that '-' sorts before '.' in ASCII. Try:

   improved_mboxlist_sort: 1

(You will need to dump and then restore the mboxlist).

-- 
David Carter Email: [EMAIL PROTECTED]
University Computing Service,        Phone: (01223) 334502
New Museums Site, Pembroke Street,   Fax:   (01223) 334679
Cambridge UK. CB2 3QH.
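
A simplified model of the ordering problem described in the message above, added here as an illustration (not Cyrus code and not from the original post). `list_percent` and both key functions are hypothetical, and treating `improved_mboxlist_sort` as "the hierarchy separator sorts before every other character" is an assumption about its effect.

```python
SEP = "."                                   # hierarchy separator

def ascii_key(name):
    """Plain byte order: '-' (0x2D) sorts before '.' (0x2E)."""
    return name.encode()

def separator_first_key(name):
    """Assumed effect of improved_mboxlist_sort: SEP compares lowest."""
    return [0 if ch == SEP else ord(ch) + 1 for ch in name]

def list_percent(sorted_names, prefix):
    """Model of LIST <prefix>% over an already sorted mailbox list.

    '%' does not match across the separator, so a deeper mailbox is
    reported as its parent with \\Noselect. Duplicates are suppressed
    only against the previous line of output, which is correct only
    when children sort directly after their parent.
    """
    out, last = [], None
    for name in sorted_names:
        if not name.startswith(prefix):
            continue
        rest = name[len(prefix):]
        if SEP in rest:
            parent = prefix + rest.split(SEP, 1)[0]
            if parent != last:
                out.append((parent, "\\Noselect"))
                last = parent
        else:
            out.append((name, ""))
            last = name
    return out

# Constructed sample: the three folders from the quoted report.
FOLDERS = ["test", "test.SPAM", "test-foo"]

def compare():
    """Return the listing under byte order and under separator-first order."""
    plain = list_percent(sorted(FOLDERS, key=ascii_key), "test")
    fixed = list_percent(sorted(FOLDERS, key=separator_first_key), "test")
    return plain, fixed
```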


Re: Help with bulletin board functionality

2008-05-21 Thread Joseph Brennan

--On Tuesday, May 20, 2008 10:44 +0200 Mark Clarke [EMAIL PROTECTED] wrote:

> We are experimenting with using cyrus imap bulletin boards. Our imap
> server hosts several domains and we figured out how to create bulletin
> board folders for the different domains, in cyradm, by going cm
> [EMAIL PROTECTED].

There are probably issues related to the domain hosting that I never
had to deal with.  But I can answer some of this.

> 1) How to post to the bulletin board?
> I have read about using a syntax like [EMAIL PROTECTED] At
> first the smtp server was refusing to deliver to this address until we
> added it to the allowed virtual domain addresses. (We are using postfix
> for smtp). Now the message gets to cyrus but we get a 500 error about
> the mailbox not existing or not having sufficient rights to post. I have
> given myself all rights to the mailbox.

The permission needed is anyone p.  Depending on how your system
is set up, cyrus may have no way to verify who is sending mail, and
would need to see that anyone has the p permission.

This is no different than for any mailbox.  All inboxes have an
implicit anyone p.

> 2) How do you delete an entry from the bulletin board folder?
> Since I had all rights I deleted a test mail I got into the folder by
> dragging and dropping it in evolution. On my machine the folder is
> empty. On other users who have lr rights to the mailbox the mail is still
> showing. How do I delete it from everyone's view?

The same way you delete from any mailbox.  Someone with the d
permission can mark it deleted, and then expunge.

I cannot think of any way to duplicate what you describe.  It sounds
like evolution is showing you something different from what is on the
server, which would be pretty bad.  Maybe you could check by reading
with a different client, or from a different computer, using your own
account, or even better, learn how to type imap commands from telnet
so you can get a view without a client.


Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology