Re: Mail Data termination
2011-08-21 21:18:31
Murray S. Kucherawy wrote:
And if you somehow have so many open connections from clients that
you can't accept any more and another connection tries to arrive,
select the one that's been idle the longest, close it down
(releasing resources), and accept the new one. Or just generally
trim your idle timeout down.
Is there a loading limit in your arsenal against DoS attacks? Is
there such a thing as resource limits even for a Modern OS? And is it
reasonable for the CS client to pass the cost burden on the receiver
to solve what is only a client problem?
If the sender doesn't like closing and opening connections, then surely
it's just as beneficial for the sender to wait 10 seconds before
starting to send a message, then if another message to the same
destination arrives within that 10 seconds, it can batch them up without
adding unnecessary load to the receiver.
That's exactly how the connection cache works in some instances, depending
on whether or not the sender is configured to make an immediate delivery
attempt, or just wait for a queue run.
Thats better than a Connection Hogging design. They should wait the 5
seconds themselves and don't push its problem to receivers.
I'm really surprised there's so much sudden consternation about
this feature given how many MTAs have it, and the fact that
it's been around for well over a decade. Somehow, in that time,
the sky hasn't fallen.
It took a long time for people to see the SKY is fallen with pollution
and constant abuse before action is taken.
The effects has been marginal by keeping small holding time but it has
already reduced higher potential throughput with average sessions
times between 4-7 and mostly like explains why some systems see false
positives in DoS Attacks.
Connection Hogging is not an cooperative engineering design that only
serves the client only, not the receiver and new SMTP ideas will
emerge to get back fast session transactions such as a SERVER instant
drop after the ONE transaction is complete. Let them connect again if
they wish to send another message.
--
Sincerely
Hector Santos
http://www.santronics.com
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: Mail Data termination, (continued)
- RE: Mail Data termination, Murray S. Kucherawy
- Re: Mail Data termination, Peter J. Holzer
- Re: Mail Data termination, Hector Santos
- Re: Mail Data termination, Peter J. Holzer
- Re: Mail Data termination, Peter J. Holzer
- Re: Mail Data termination, Hector Santos
- Re: Mail Data termination,
Hector Santos <=
- RE: Mail Data termination, Murray S. Kucherawy
- Re: Mail Data termination, Hector Santos
- Re: Mail Data termination, Paul Smith
- Re: Mail Data termination, Hector Santos
- RE: Mail Data termination, Murray S. Kucherawy
- RE: Mail Data termination, ned+ietf-smtp
- Re: Mail Data termination, Arnt Gulbrandsen
- Re: Mail Data termination, Hector Santos
- Re: Mail Data termination, Arnt Gulbrandsen
- Re: Mail Data termination, Hector Santos
|
|
|