> [..] > Alf, thanks, and thumbs up. It is not so much of a fault of OpenBSD as > it is on courier-imap and thunderbird. > I did have to restart Thunderbird to make mailnews.tcptimeout actually > use 600 seconds, which is sick otherwise. But after some 2.5 minutes it > had nicely found the string in 'Entire Message', and otherwise behaved: > no forking, no too high load. > It is a nice DoS-combo, what courier-imap in conjunction with > Thunderbird offer here, and one doesn't even need local access. Just any > remote Thunderbird client will do, and we can't prevent the user from > drag&drop some tens of thousands of messages into a folder. Or, even > easier, reduce mailnews.tcptimeout, and we get one new process per one > second. Sick.
This is not a DoS, just a configuration issue. Have you tried changing the class to something else than daemon? > [..] >> Use smaller inboxes >> Get more iron:) >> > > Sorry, no. We need to do better than allowing an easy DoS. The lever > must not be iron or size, it needs to be predictable and always > reasonable behaviour of the softwares. read above. f.-
