imap: only give AUTH=ANONYMOUS clients prefetch
authorEric Wong <e@80x24.org>
Mon, 8 Aug 2022 23:16:46 +0000 (23:16 +0000)
committerEric Wong <e@80x24.org>
Tue, 9 Aug 2022 16:41:48 +0000 (16:41 +0000)
Looking at IMAP traffic on public-inbox.org, it seems there is a
fair amount of traffic coming from malicious clients assuming
the IMAP server is compromised and searching for private
information.  Since AUTH=ANONYMOUS clients are more likely to
be legitimate clients looking for publicly-archived mail,
give them priority.

lib/PublicInbox/IMAP.pm

index bed633e50789cccb8b1790e29b5d752e6c6ff455..4ef5252b56d02167eaf342bb77892e0f08824202 100644 (file)
@@ -138,6 +138,7 @@ sub login_success ($$) {
 sub auth_challenge_ok ($) {
        my ($self) = @_;
        my $tag = delete($self->{-login_tag}) or return;
+       $self->{anon} = 1;
        login_success($self, $tag);
 }
 
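Review bot: The new `$self->{anon}` flag in auth_challenge_ok has no comment saying what it is for, and its name reads like an identity or authorization fact when it is only a scheduling hint. Because the client chooses AUTH=ANONYMOUS itself, I would add `# scheduling hint only (enables blob prefetch); client-chosen, never use for access decisions` above the assignment. The hunk does not show whether auth_challenge_ok is reached only for the ANONYMOUS mechanism. If other SASL mechanisms are ever accepted, the flag should instead be set where the mechanism is matched.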
@@ -588,10 +589,9 @@ sub fetch_blob_cb { # called by git->cat_async via ibx_async_cat
                $smsg->{blob} eq $oid or die "BUG: $smsg->{blob} != $oid";
        }
        my $pre;
-       if (!$self->{wbuf} && (my $nxt = $msgs->[0])) {
-               $pre = ibx_async_prefetch($ibx, $nxt->{blob},
+       ($self->{anon} && !$self->{wbuf} && $msgs->[0]) and
+               $pre = ibx_async_prefetch($ibx, $msgs->[0]->{blob},
                                        \&fetch_blob_cb, $fetch_arg);
-       }
        fetch_run_ops($self, $smsg, $bref, $ops, $partial);
        $pre ? $self->dflush : $self->requeue_once;
 }
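Review bot: The prefetch guard in fetch_blob_cb is now a three-line `(...) and $pre = ...` statement, which tucks an assignment behind a low-precedence operator and is harder to scan than the `if` block it replaces. Keeping the block form with the extra condition reads more plainly: `if ($self->{anon} && !$self->{wbuf} && (my $nxt = $msgs->[0])) {`. A short comment such as `# prefetch only for AUTH=ANONYMOUS sessions; all others take requeue_once` would keep the rationale next to the code. It matters because sessions without the flag now always leave `$pre` undefined and fall through to `requeue_once`. fetch_blob_cb begins outside the hunk, so the earlier part of its body is not covered here.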