Re: Rate Limiting in Dada Mail

From: "Justin J justin@PROTECTED [Dada Mail Developers]" <dadadev@PROTECTED>

In-Reply-To: (no subject)

Date: June 14th 2016

On Jun 13, 2016, at 8:34 PM, Yehuda Katz yehuda+dada@ymkatz net [Dada Mail Developers] dadadev@PROTECTED wrote:

Ten requests in a minute should definitely be enough - as long as it isn't counting assets, only main page access My only currently running Dada instance is 5 1 1 and it looks like that does load the assets through the cgi

No, no assets, Dada Mail hasn't served its own images, etc in quite a few versions now ;)

What it does count is specific functions, so requesting a subscription through the subscription form would be a specific function that could be counted, but viewing the membership screen in the list control panel would not

That means, you won't be kicked out of the list control panel, just by using it with heavy hands But trying to submit the subscription form 1,000 times in a second would not work after the (say) 10th time This is great, as people are expressing their concerns over bots filling out the subscription form with bogus addresses, and those addresses bouncing back Third party email services like SES are counting this against their own users because of the policies on bounce rates In the dev version I'm working on, I've basically rate limited every public form accessible without a session login (and some that do), so: subscriptions, confirmations, forward to a friend form, the various profile functions, logging into the list control panel, etc

‹ Re: Rate Limiting in Dada Mail

Index

v9.4.0 Beta 1 Released ›

Email Address

You're OK with using your email address as your primary contact for this email discussion list; messages will be sent on your behalf

Unsubscribe at Anytime | Privacy Policy

This mailing list is a public mailing list - anyone may join or leave, at any time.
This mailing list is a group discussion list (unmoderated)
Start a new thread, email: dadadev@dadamailproject.com

This is the developer discussion mailing list for Dada Mail.

If you are just looking for support Dada Mail, consult the message boards at:

https://forum.dadamailproject.com

Documentation for Dada Mail:

https://dadamailproject.com/d

Specifically, see the Error FAQ:

https://dadamailproject.com/d/FAQ-errors.pod.html

To post to this list, send a message to:

mailto:dadadev@dadamailproject.com

All subscribers of this list may post to the list itself.

Topics that are welcome:

Constructive critiques on the program (I like, "x", but, "y" needs some work - here's an idea on how to make this better...)
Bug/Error reports
Bug fixes
Request For Comments on any changes to the program
Help customizing Dada Mail for your own needs
Patches
Language Translations
Support Documentation/Doc editing, FAQ's, etc.
Discussion of any changes that you would like to be committed to the next version of Dada Mail -

Dada Mail is on Github:

https://github.com/justingit/dada-mail/

If you would like to fork, branch, send over PRs, open up issues, etc.

Privacy Policy:

This Privacy Policy is for this mailing list, and this mailing list only.

Email addresses collection through this mailing list are used explicitly to work within this email discussion list.

We only collect email addresses through our Closed-Loop Opt-In system.

We don't use your email address for any other purpose.

We won't be sharing your email address with any other entity.

Unsubscription can be done at any time. Please contact us at: justin@dadamailproject.com for any help regarding your subscription, including removal from the mailing list.

All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently.

All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.