[Dovecot] TIMO HELP! director ring wont stay connected
Kelsey Cummings
kgc at corp.sonic.net
Wed Sep 5 07:06:51 EEST 2012
On 9/4/2012 5:58 PM, Timo Sirainen wrote:
> On 3.9.2012, at 21.26, Kelsey Cummings wrote:
>
>> passdb {
>> args = proxy=y nopassword=y
>> driver = static
>> }
>
> I wonder if someone was doing a ton of logins for different usernames? This kind of setup where director doesn't verify the username can be attacked that way.
It doesn't look like there was a higher than normal number of failed
logins leading up to the connection issues. I'm going to write some
more stats collection tools to track state on the directors and see what
comes of it.
Can the director proxy validate the username via a unix pw lookup but
not check the password?
--
Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc.
System Architect 2260 Apollo Way
707.522.1000 Santa Rosa, CA 95407
More information about the dovecot
mailing list