Re: [vchkpw] limiting frequency of pop access
At 08:23 PM 2/6/2005, you wrote: Does anyone know if there is a way to limit the frequency with which users pop in to check their email. We have a problem where hundreds of users are checking their email every minute and putting an excessive load on the server. We would like to refuse pop3 connections to a user unless ten minutes has passed. Thanks in advance for any help. it's not the solution you're looking for, but wouldn't it be better to send out a pop bulletin, asking customers to reduce the frequency with which they check for new mail? That's better than dealing with the tech support inquiries you'll get when customers start 'having trouble connecting to the pop server'. just imho Paul Theodoropoulos http://www.anastrophe.com http://www.smileglobal.com
Re: [vchkpw] limiting frequency of pop access
Jeff Koch wrote:
Does anyone know if there is a way to limit the frequency with which
users pop in to check their email. We have a problem where hundreds of
users are checking their email every minute and putting an excessive
load on the server. We would like to refuse pop3 connections to a user
unless ten minutes has passed.
Thanks in advance for any help.
There is support for something like that in the CVS version of vpopmail.
If you are using CDB, it is pretty well tested, and might be safe to
use. MySQL is lightly tested, and appears to work. No other back ends
have been tested.
If you don't want to take that chance, you can look at the following
patch to vchkpw.c for a way to install just that feature.
http://cvs.sourceforge.net/viewcvs.py/vpopmail/vpopmail/vchkpw.c?r1=1.13&r2=1.14
If you change the source file to look like the right column, leaving out
the #ifdef MIN_LOGIN_INTERVAL and associated #endifs it will add that
ability. in the if(), change '< MIN_LOGIN_INTERVAL' to the '< {number
of seconds}' you want to reject logins for. 600 seconds = 10 minutes,
so maybe use 580 so if they set their mail clients to 10 minutes they
are safe.
This patch is nasty... as long as they check email every minute, they
will NEVER receive it. They _must_ set their interval between checks to
be longer than the time limit you specify, or every check after the
first will fail. But then that is what you want them to do, right?
Be prepared for lots of panic stricken users, and maybe a lynch mob. :)
Eventually I want to put in a grace count which will allow someone to
short cycle a few times before the penalty goes into effect. If you are
expecting something important you can manually check say 5 to 10 times
within the normal interval, but repeated short attempts will trigger the
penalty delay.
[vchkpw] limiting frequency of pop access
Does anyone know if there is a way to limit the frequency with which users pop in to check their email. We have a problem where hundreds of users are checking their email every minute and putting an excessive load on the server. We would like to refuse pop3 connections to a user unless ten minutes has passed. Thanks in advance for any help. Best Regards, Jeff Koch
Re: [vchkpw] courier-imap roaming-users problem
Newer version of courier-imap will no longer be able to write the IPs into the relay table. This is because all authentication has now been moved out of courier (and sqwebmail) and into the courier-authlib package. As has always been the case, authdaemon doesn't support POP before SMTP. That's why I chose never to use authdaemon. Now that courier no longer supports POP before SMTP via the authvchkpw module, it's just one more good reason not to use courier-imap for POP3 services. Use qmails pop3d instead. That way POP users still get roaming access. IMAP users are users newer email clients that support SMTP AUTH and should be directed to use that instead. I have overcome this via the relay-ctrl package. My roaming users don't roam very often, but -do- (and are required to) use DDNS. Via their DDNS record, I can easily access their machine if need be...but I digress. I have written a -simple- perl cron that reverse queries their name/ip mapping, and updates the relay-ctrl directory of the allowed ip's that can relay. This way, I'm still using courier. (not that qmail-pop is bad, I've used it too...just have courier in this case) Just my approach. -Chris
