Re: cyrus chokes after few logins

Sebastian Hagedorn wrote: --On 14. Oktober 2006 16:38:05 +0200 "Martin G.H. Minkler" <[EMAIL PROTECTED]> wrote: It was the low entropy of /dev/random - after disallowing APOP everything is just fine. Apparently the default for APOP is _enabled_ - to turn it off it needs to be explicitly set to

Re: cyrus chokes after few logins

--On 14. Oktober 2006 16:38:05 +0200 "Martin G.H. Minkler" <[EMAIL PROTECTED]> wrote: Solved! Glad to hear it. It was the low entropy of /dev/random - after disallowing APOP everything is just fine. Apparently the default for APOP is _enabled_ - to turn it off it needs to be explicitly set

Re: cyrus chokes after few logins

On Sat, 14 Oct 2006, Martin G.H. Minkler wrote: Didn't find any documentation in the manpages for saslauthd oder imapd.conf. Also still looking for dox on the sasl_min/max_layers, grateful for any hints. Random googling turns up: SSF is represented by an integer with one of the following va

Re: cyrus chokes after few logins

Sebastian Hagedorn schrieb: Just checked again - if I was to enable APOP, how could I set the random source for sasl? You have to specify the source prior to compilation with "configure": --with-devrandom=PATH set the path to /dev/random [/dev/random] Any way to achieve the same effect wi

Re: cyrus chokes after few logins

Solved! It was the low entropy of /dev/random - after disallowing APOP everything is just fine. Apparently the default for APOP is _enabled_ - to turn it off it needs to be explicitly set to allowapop: no. Manpage doesn't state that either ~:-/ If I was to enable APOP, how could I set the ra

Re: cyrus chokes after few logins

--On 14. Oktober 2006 16:13:12 +0200 "Martin G.H. Minkler" <[EMAIL PROTECTED]> wrote: Sebastian Hagedorn schrieb: Either make SASL use /dev/urandom or disable APOP: allowapop: 0 Just checked again - if I was to enable APOP, how could I set the random source for sasl? You have to specify

Re: cyrus chokes after few logins

Sebastian Hagedorn schrieb: Either make SASL use /dev/urandom or disable APOP: allowapop: 0 Just checked again - if I was to enable APOP, how could I set the random source for sasl? Manpages for imapd.conf and saslauthd don't state anything; my postfix tls_random_source is of course alrea

Re: cyrus chokes after few logins

-- "Martin G.H. Minkler" <[EMAIL PROTECTED]> is rumored to have mumbled on 14. Oktober 2006 04:00:23 +0200 regarding Re: cyrus chokes after few logins: Sebastian Hagedorn wrote: Looking at the imapd.conf just now does make me wonder why sasl even allows pop3 plaintext logins

Re: cyrus chokes after few logins

Sebastian Hagedorn wrote: Looking at the imapd.conf just now does make me wonder why sasl even allows pop3 plaintext logins without TLS with sasl_minimum_layer set to 256... Probably "allowplaintext" overrides that. Good question - anybody know more? Which value do I set then to force TLS bu

Re: cyrus chokes after few logins

Hi, just a few educated guesses ... --On 14. Oktober 2006 00:17:15 +0200 "Martin G.H. Minkler" <[EMAIL PROTECTED]> wrote: Abstract: Cyrus or sasl choke after a few POP3 logins following quickly after one another despite high prefork values. I'm guessing lack of entropy for the APOP banner.

cyrus chokes after few logins

Alohá! First off: Sorry für crossposting this but I think it hast to do with both, cyrus and SASL. Second off: Beware, long post! (Although a good bit is just logs) :-) Abstract: Cyrus or sasl choke after a few POP3 logins following quickly after one another despite high prefork values. The