[Kolab-devel] [issue599] IMAPD causes too many LDAP connections (scalability/DOS problem)
Martin Konold
kolab-issues at intevation.de
Fri Jan 7 13:16:41 CET 2005
New submission from Martin Konold <martin.konold at erfrakon.de>:
Outlook will then stress the server a lot, and a "netstat" command will show
the
number of LDAP connexions are increasing A LOT (every synchronisation or
send/receive action will result in 9 or 10 new connexions for each folder).
After doing this several times, Cyrus will reject all new connexions, while the
number of LDAP opened connexion has reached ~ 500 ou 600 ! OpenLDAP says "Too
much connexions"
Those connexion will be released only after at least one minute, and during
this
time the imap server will be totally unreachable.
It can also be reproduced with Evolution, only by atempting to connect tothe
server without giving any password. Each time the connexion fails, there is 4
or 5 new LDAP entries with the "netstat" command.
It take more times, but it's also possible to make the server unreachable.
The only way I've found to avoid this behaviour is to modyfy the imapd.conf
file, and by comment the LDAP part :
# support for lookup of mailbox name from local LDAP server
ldap_uri: ldap://127.0.0.1:389
ldap_base: dc=atolcd,dc=com
ldap_bind_dn: cn=nobody,cn=internal,dc=atolcd,dc=com
ldap_password: 7RQzdA4im9p3lbE+py9cMw/xbQqXVVvQHXZyCZ1w
ldap_time_limit: 15
virtdomains: ldap
and by replacing by
virtdomains: userid
Of course, it seems mainly related to the way some client manages IMAP, but I'm
not sure this is not a source of problems in term of scalability.
----------
assignedto: martin
messages: 3417
nosy: bernhard, martin
priority: urgent
status: in-progress
title: IMAPD causes too many LDAP connections (scalability/DOS problem)
topic: server
________________________________________________
Kolab issue tracker <kolab-issues at intevation.de>
<https://intevation.de/roundup/kolab/issue599>
________________________________________________
More information about the devel
mailing list