I'm loving Roundcube, installation and configuration is a breeze, and the interface is elegant. I just installed it today and plan to get some good use from it . I've also started poking at it to find any security issues I can. What's the preferred method for me to submit security bugs such as XSS? good stuff, Chris
On 2/15/07, Chris Weber chris@lookout.net wrote:
I'm loving Roundcube, installation and configuration is a breeze, and the interface is elegant. I just installed it today and plan to get some good use from it . I've also started poking at it to find any security issues I can. What's the preferred method for me to submit security bugs such as XSS?
Preffered way is probably to setup a ticket and alert the list - just in case. You are also welcome to send patches. :-)
Cheers,
Till Klampaeckel e: mailto:klimpong@gmail.com p: +491704018676 l: http://beta.plazes.com/whereis/till
Want to know what's up in Berlin?
I setup a ticket for this bug. I'll work on a patch if someone doesn't beat me to it :)
-----Original Message----- From: till [mailto:klimpong@gmail.com] Sent: Friday, February 16, 2007 6:50 AM To: Chris Weber Cc: dev@lists.roundcube.net Subject: Re: security bugs
On 2/15/07, Chris Weber chris@lookout.net wrote:
I'm loving Roundcube, installation and configuration is a breeze, and the interface is elegant. I just installed it today and plan to get some good use from it . I've also started poking at it to find any security issues I can. What's the preferred method for me to submit security bugs such as XSS?
Preffered way is probably to setup a ticket and alert the list - just in case. You are also welcome to send patches. :-)
Cheers,
Till Klampaeckel e: mailto:klimpong@gmail.com p: +491704018676 l: http://beta.plazes.com/whereis/till
Want to know what's up in Berlin?
Is this the ticket you're referring to? If so, it has already been patched in the trunk.
http://trac.roundcube.net/trac.cgi/ticket/1484254
On 2/16/07, Chris Weber chris@lookout.net wrote:
I setup a ticket for this bug. I'll work on a patch if someone doesn't beat me to it :)
-----Original Message----- From: till [mailto:klimpong@gmail.com] Sent: Friday, February 16, 2007 6:50 AM To: Chris Weber Cc: dev@lists.roundcube.net Subject: Re: security bugs
On 2/15/07, Chris Weber chris@lookout.net wrote:
I'm loving Roundcube, installation and configuration is a breeze, and the interface is elegant. I just installed it today and plan to get some good use from it . I've also started poking at it to find any security issues I can. What's the preferred method for me to submit security bugs such as XSS?
Preffered way is probably to setup a ticket and alert the list - just in case. You are also welcome to send patches. :-)
Cheers,
Till Klampaeckel e: mailto:klimpong@gmail.com p: +491704018676 l: http://beta.plazes.com/whereis/till
Want to know what's up in Berlin?
Hello,
I'm an administrator of a popular website. I run a free email system. I use Roundcube as Webclient. The mail works on DBMAIL system. Unfortunately, I encountered a problem.
The email's been running for two months now. 30 000 users registered during the period and mailboxes consume 30 GB space. But, suddenly, there is a problem with Roundcube connecting to DBMAIL IMAP.
The messages are being opened very slow when connected to Roundcube (3-4 seconds/message). The comprehensive analysis has been done, but the problem hasn't been found. Server load is 0. Server logs show that Roundcube takes information from DBMAIL base and IMAP very quickly, but we don't know what it does for the next 3-4 seconds.
I tried to connect Roundcube to the other mail system, that's not usings DBMAIL, and everything worked fine, even though that system is more loaded. Also, I tried to connect to DBMAIL using SquirrelMail 1.5 and everything worked fine. We tried other WebMail clients and everything worked fine as well.
So my conclusion would be, that the problem is a DBMAIL and Roundcube compatibility issue.
Maybe someone has any ideas on solving the problem? I need to get this fixed in a couple of days and I don't want to go on a diffrent WebMail client.
I will appreciate any help and advices!
Povilas
if you could send us more info like maybe the proccess snippet of the imap server of a user using rc so we can see the commands and responses that it is issues
also what version of rc are you running?
flamasteris wrote:
Hello,
I'm an administrator of a popular website. I run a free email system. I use Roundcube as Webclient. The mail works on DBMAIL system. Unfortunately, I encountered a problem.
The email's been running for two months now. 30 000 users registered during the period and mailboxes consume 30 GB space. But, suddenly, there is a problem with Roundcube connecting to DBMAIL IMAP.
The messages are being opened very slow when connected to Roundcube (3-4 seconds/message). The comprehensive analysis has been done, but the problem hasn't been found. Server load is 0. Server logs show that Roundcube takes information from DBMAIL base and IMAP very quickly, but we don't know what it does for the next 3-4 seconds.
I tried to connect Roundcube to the other mail system, that's not usings DBMAIL, and everything worked fine, even though that system is more loaded. Also, I tried to connect to DBMAIL using SquirrelMail 1.5 and everything worked fine. We tried other WebMail clients and everything worked fine as well.
So my conclusion would be, that the problem is a DBMAIL and Roundcube compatibility issue.
Maybe someone has any ideas on solving the problem? I need to get this fixed in a couple of days and I don't want to go on a diffrent WebMail client.
I will appreciate any help and advices!
Povilas
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete this material from any computer.
In accordance with industry regulations, all messages are retained and are subject to monitoring.
This message has been scanned for viruses and dangerous content and is believed to be clean.
Securities offered through Cantella & Co., Inc., Member NASD/SIPC. Home Office: 2 Oliver Street, 11th Floor, Boston, MA 02109 Telephone: (617)521-8630
Hi,
Form our experience with DBMAIL the imap deamon tends to get very
sluggish when there are large loads on it and mail boxes are large.
We decided to move away from DBMAIL and move back to a flat file exim
solution with a super fast san device we had 3 times as much data as
you have in your Mail database.
Hope this helps. It was also a fearly painless migration from DBMAIL
back to exim.
viperKiwi
On 22/02/2007, at 7:44 AM, Chris Richardson wrote:
if you could send us more info like maybe the proccess snippet of
the imap server of a user using rc so we can see the commands and
responses that it is issues also what version of rc are you running?flamasteris wrote:
Hello,
I'm an administrator of a popular website. I run a free email
system. I use Roundcube as Webclient. The mail works on DBMAIL
system. Unfortunately, I encountered a problem.The email's been running for two months now. 30 000 users
registered during the period and mailboxes consume 30 GB space.
But, suddenly, there is a problem with Roundcube connecting to
DBMAIL IMAP.The messages are being opened very slow when connected to
Roundcube (3-4 seconds/message). The comprehensive analysis has
been done, but the problem hasn't been found. Server load is 0.
Server logs show that Roundcube takes information from DBMAIL base
and IMAP very quickly, but we don't know what it does for the next
3-4 seconds.I tried to connect Roundcube to the other mail system, that's not
usings DBMAIL, and everything worked fine, even though that system
is more loaded. Also, I tried to connect to DBMAIL using
SquirrelMail 1.5 and everything worked fine. We tried other
WebMail clients and everything worked fine as well.So my conclusion would be, that the problem is a DBMAIL and
Roundcube compatibility issue.Maybe someone has any ideas on solving the problem? I need to get
this fixed in a couple of days and I don't want to go on a
diffrent WebMail client.I will appreciate any help and advices!
Povilas
The information transmitted is intended only for the person or
entity to which it is addressed and may contain confidential and/or
privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this
information by persons or entities other than the intended recipient is
prohibited. If you received this in error, please contact the sender and delete
this material from any computer.In accordance with industry regulations, all messages are retained
and are subject to monitoring. This message has been scanned for viruses and dangerous content and
is believed to be clean. Securities offered through Cantella & Co., Inc., Member NASD/SIPC.
Home Office: 2 Oliver Street, 11th Floor, Boston, MA 02109 Telephone: (617)521-8630
--------------030404000502000406060906--
-
Adam Grelck -
Chris Richardson -
Chris Weber -
flamasteris -
Mike Hill -
till