By popular demand the issue is back......
Apr 18 08:45:07 srv1 dovecot: pop3-login: Aborted login: rip=127.0.0.1,
lip=127.0.0.1, secured
Apr 18 08:45:13 srv1 dovecot: pop3-login: Aborted login: user=<test>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:13 srv1 dovecot: pop3-login: Aborted login: user=<sales>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:13 srv1 dovecot: pop3-login: Aborted login: user=<root>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:15 srv1 dovecot: pop3-login: Aborted login: user=<contact>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:17 srv1 dovecot: pop3-login: Aborted login: user=<account>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:17 srv1 dovecot: pop3-login: Aborted login: user=<root>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:17 srv1 dovecot: pop3-login: Aborted login: user=<test>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:17 srv1 dovecot: pop3-login: Aborted login: user=<sales>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:17 srv1 dovecot: pop3-login: Aborted login: user=<support>,
method=PLAIN, rip=81.18.67.70, lip=10.5.36.4
Apr 18 08:45:19 srv1 dovecot: pop3-login: Aborted login:
user=<administrator>, method=PLAIN, rip=81.18.67.70, lip=
After a few bunch more of this the server stopped responding.
-----Original Message-----
From: Brian N. Smith [mailto:brian (at mark) nuonce.net]
Sent: Monday, April 16, 2007 6:05 PM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:09588] Re: Dovecot/POP3 Flood
> After, we only did the changes to dovecot.conf and with 100
> consecutive connections per sec we did not exhibit the same issue.
Are you saying that the configuration that I had recommended seams to have
cleared up the dovecot-auth bug/issue?
-Brian