On 5.9.2012, at 3.58, Timo Sirainen wrote:
On 3.9.2012, at 21.26, Kelsey Cummings wrote:
passdb { args = proxy=y nopassword=y driver = static }
I wonder if someone was doing a ton of logins for different usernames? This kind of setup where director doesn't verify the username can be attacked that way.
Although the extra users should be freed from the memory after 15 minutes.
Hmm. Once Dovecot supports moving existing connections from one backend server to another without the client noticing anything, the director could be simplified by using consistent hashing and when the number of backends changes, the director could start moving connections to their proper backends. During this move new connections would be handled by 1) if old backend = new backend just forward the connection there or 2) if they're different, request immediate move for that user's existing connections and wait for it to be finished before letting new connections finish. Or alternatively if the user isn't just being moved at that time, forward the connection to the old server and let it be part of the later move.
The main difference here is that directors wouldn't need to keep any track of user -> backend associations. The moving period could still be a bit tricky to handle well, especially since the situation can change again while a previous move is still going on.