Loading ...
Sorry, an error occurred while loading the content.

Re: SMTP-SASL auth failure caching.

Expand Messages
  • Keean Schupke
    Found what I think is a mistake in the documentation. dict_del in util/dict_open.c is documented as returning non-zero on success. This seems to be wrong,
    Message 1 of 77 , Dec 1, 2007
    • 0 Attachment
      Found what I think is a mistake in the documentation. "dict_del" in
      "util/dict_open.c" is documented as returning non-zero on success.
      This seems to be wrong, it returns greater than zero if the key does
      not exist, zero if the key does exist and is deleted okay, and less
      than zero on any other error.

      Regards,
      Keean Schupke, Fry-IT Ltd.

      On 30/11/2007, Wietse Venema <wietse@...> wrote:
      > Victor Duchovni:
      > > On Fri, Nov 30, 2007 at 06:36:49PM +0000, Keean Schupke wrote:
      > >
      > > > Okay, a question about the verify service.
      > > >
      > > > If I do this, it seems that there will be all sorts of strange
      > > > interactions with the normal verify service. You may have conflicting
      > > > goals...
      > >
      > > No, none at all. The verify(8) service is just a database.
      >
      > I would not use verify(8), because that solves a different problem:
      >
      > did a probe for a specific email address get bounced or deferred?
      >
      > The problem at hand is this:
      >
      > did x allow me to log in with this particular username?
      >
      > But that is the less important issue.
      >
      > The reason for a dedicated daemon is that the typical UNIX DB/DBM
      > library is not suitable for concurrent updates by multiple processes.
      > This is why Postfix has tlsmgr(8) for TLS cache management, and
      > verify(8) for address verification management.
      >
      > Now, this dedicated daemon could be competely outside of Postfix,
      > if the client side of the protocol is simple enough.
      >
      > Wietse
      >
    • Victor Duchovni
      ... Yes, that s the idea. Also CPUs have historically gotten faster year-by-year. Moore s law is looking a bit more feeble lately, we are getting the
      Message 77 of 77 , Dec 4, 2007
      • 0 Attachment
        On Tue, Dec 04, 2007 at 09:04:19PM +0000, Keean Schupke wrote:

        > How about we make the key iterations a config variable, and let the
        > user make the balance between speed and security?

        Yes, that's the idea. Also CPUs have historically gotten faster
        year-by-year. Moore's law is looking a bit more feeble lately, we are
        getting the feature-size scaling (more cores per die) but the clock-rate
        seems to have stalled for a bit.

        Finally, the table will not be in the chroot jail, proxymap/proxywrite
        won't be chrooted even when other processes are. So some "postfix"
        processes will have less access to the table than others.

        Anyway this is all coverging to something sensible. The question for
        the smtp(8) side is whether making the password hash the key is the
        best choice. We could make "nexthop user" the key, and stick the
        password hash in the result. That way deletion will actually work.

        Otherwise, new passwords will be set before the fail map entry expires,
        and the table entry becomes orphaned.

        If this change is made, the entry is valid only if not expired, and the
        password hash matches. Looks a lot an /etc/shadow entry with a user name
        and PKCS#5 v2 password hash, only it perversely records invalid passwords!

        --
        Viktor.

        Disclaimer: off-list followups get on-list replies or get ignored.
        Please do not ignore the "Reply-To" header.

        To unsubscribe from the postfix-users list, visit
        http://www.postfix.org/lists.html or click the link below:
        <mailto:majordomo@...?body=unsubscribe%20postfix-users>

        If my response solves your problem, the best way to thank me is to not
        send an "it worked, thanks" follow-up. If you must respond, please put
        "It worked, thanks" in the "Subject" so I can delete these quickly.
      Your message has been successfully submitted and would be delivered to recipients shortly.