similar to: SYN flooding / pipe() failed: Too many open files

Hello, the dovecot-example.conf states: # Authentication cache size in kilobytes. 0 means it's disabled. # Note that bsdauth, PAM and vpopmail require cache_key to be set for caching # to be used. #auth_cache_size = 0 # Time to live in seconds for cached data. After this many seconds the cached # record is no longer used, *except* if the main database lookup returns # internal failure. We

Hello, dovecot-1.0.3 on Fedora 6 works perfect in general but sometimes the system becomes unresponsive and the log file shows tons of messages like this: ... imap-login: Disconnected: Shutting down: 127.0.0.1, secured ... pop3-login: Disconnected: Shutting down: aa.bb.cc.dd Restarting dovecot helps, but what's behind? What can I do to prevent this? dovecot -n output: #

Hello *, since the upgrade to version 1.0.5 (from 1.0.3) I observe lines of the form imap(XXXXXXXX): Connection closed: Broken pipe in the logfile, which I've never seen before. What's behind? Should I care about? Regards ______________________________________________________________ Frank Elsner / c/o Technische Universitaet Berlin |

Hello *, I'm running dovecot 1.0.10 on a Fedora 6 with this configuration # 1.0.10: /usr/local/dovecot/etc/dovecot.conf base_dir: /var/run/dovecot/ protocols: imap imaps pop3 pop3s ssl_cert_file: /usr/local/dovecot/etc/mailbox.pem ssl_key_file: /usr/local/dovecot/etc/mailbox.key disable_plaintext_auth: no login_dir: /var/run/dovecot//login login_executable(default):

Convert plugin seems to have no effect with dovecot-1.0.rc26 and my settings. When a user log, maildir creation is successful, but no mbox conversion occur. New incoming mails are dropped into maildir, but I cant access those in Mbox file. I set the following in dovecot.con as describe on wiki. mail_location: maildir:/var/mail/Maildir/%u convert_mail: mbox:/var/mail:INBOX=/var/mail/%u Any

Hi *Problem *- I'm running Icecast in a VM container on OpenVZ. Syslog on the hardware node (HN) shows these error messages: Jan 23 18:43:05 HN kernel: [27469893.430615] possible SYN flooding on port 8000. Sending cookies. Jan 23 21:37:40 HN kernel: [27480362.817944] possible SYN flooding on port 8000. Sending cookies. Jan 23 23:43:50 HN kernel: [27487929.582025] possible SYN flooding on

On 07/20/2018 03:56 AM, Leon Fauster via CentOS wrote: > Hi folks, > > I have here a database node running > > # rpm -qa | grep mysql-server > mysql55-mysql-server-5.5.52-1.el6.x86_64 > > on > > # virt-what > vmware > > > that seems to have a connection problem: > > # dmesg |grep SYN |tail -5 > possible SYN flooding on port 3306. Sending cookies.

On a Linux Server running tincd I noticed the following log message in /var/log/messages kernel: possible SYN flooding on port 655. Sending cookies. I found this on the web: If SYN cookies are enabled, then the kernel doesn't track half open connections at all. Instead it knows from the sequence number in the following ACK datagram that the ACK very probably follows a SYN and a SYN-ACK.

I have just finished a patch to linux 2.0.29 that provides the SYN cookies protection against SYN flood attacks. You can grab it from my home page at: http://www.dna.lth.se/~erics/software/tcp-syncookies-patch-1.gz You can also follow the pointers from my home page (see the signature) to get a very short blurb about this patch. Quick synopsys: This implements the SYN cookie defense against SYN

Anyone seen this problem? server Apr 16 14:34:28 nas1 kernel: [7506182.154332] TCP: TCP: Possible SYN flooding on port 49156. Sending cookies. Check SNMP counters. Apr 16 14:34:31 nas1 kernel: [7506185.142589] TCP: TCP: Possible SYN flooding on port 49157. Sending cookies. Check SNMP counters. Apr 16 14:34:53 nas1 kernel: [7506207.126193] TCP: TCP: Possible SYN flooding on port 49159. Sending

Hi folks, I have here a database node running # rpm -qa | grep mysql-server mysql55-mysql-server-5.5.52-1.el6.x86_64 on # virt-what vmware that seems to have a connection problem: # dmesg |grep SYN |tail -5 possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on

> Am 20.07.2018 um 18:52 schrieb Nataraj <incoming-centos at rjl.com>: > > On 07/20/2018 03:56 AM, Leon Fauster via CentOS wrote: >> Hi folks, >> >> I have here a database node running >> >> # rpm -qa | grep mysql-server >> mysql55-mysql-server-5.5.52-1.el6.x86_64 >> >> on >> >> # virt-what >> vmware >>

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= CERT(sm) Advisory CA-96.21 Original issue date: September 19, 1996 Last revised: -- Topic: TCP SYN Flooding and IP Spoofing Attacks - ----------------------------------------------------------------------------- *** This advisory supersedes CA-95:01. *** Two

Hi *, running dovecot 1.2.alpha1 I find the following messages in the log: Sep 10 01:28:38 seymour dovecot: IMAP(steffen,192.168.28.31): fchown(/home/Mail/steffen/subscriptions.lock) failed: Operation not permitted Sep 10 01:28:38 seymour dovecot: IMAP(steffen,192.168.28.31): file_dotlock_open() failed with subscription file /home/Mail/steffen/subscriptions: Operation not permitted Sep 10

On Tue, 12 Nov 2019 00:17:28 +0100 Frank Elsner via dovecot wrote: > On Mon, 11 Nov 2019 23:47:27 +0100 Frank Elsner via dovecot wrote: [ ... ] > I narrowed the probelem down to the warnings > > Warning: service auth { client_limit=128 } is lower than required under max. load (768) > Warning: service anvil { client_limit=256 } is lower than required under max. load (643) These

Happy Xmas, when using a post-login procedure the "verbose_proctitle = yes" has no effect. If it is feature then please explain else please fix the bug fi --Frank Elsner

Hi all, I want to use maildir++ quota with dovecot but when starting I get: > service dovecot start Starting IMAP-Service (dovecot 1.1.7) ILoading modules from directory: /usr/dovecot/lib/dovecot/imap IModule loaded: /usr/dovecot/lib/dovecot/imap/lib10_quota_plugin.so IModule loaded: /usr/dovecot/lib/dovecot/imap/lib11_imap_quota_plugin.so IModule loaded:

Hi to both adressed mailing lists, I followed the instructions in http://wiki2.dovecot.org/HowTo/EximAndDovecotSASL exim.conf: | plain: | driver = dovecot | public_name = PLAIN | server_socket = /var/run/dovecot/auth-client | server_set_id = $auth1 | | login: | driver = dovecot | public_name = LOGIN | server_socket = /var/run/dovecot/auth-client |

Hi, I try to compile dovecot -2.2.24 on Fedora 31 and get the following error: iostream-openssl.c: In function ?openssl_iostream_verify_client_cert?: iostream-openssl.c:118:37: error: dereferencing pointer to incomplete type ?X509_STORE_CTX? {aka ?struct x509_store_ctx_st?} 118 | subject = X509_get_subject_name(ctx->current_cert); | ^~ make[3]: ***

Perhaps someone will help me on this :- I have read a lot of examples of syn flood protect on the INPUT chain. That I have no question at all. I wonder if it make sense to perform syn flood protection at the FORWARD chain ? If packets are originated from a LAN worm, and are not targetted at the firewall itself, but rather at hosts in the internet, will it cause problem with the firewall itself,