On Thu, 2002-04-18 at 01:08, Chad wrote: > I'd thoroughly > enjoy finding a way to throttle the James Bond crew > from banging on qpopper with a dozen or more ID�s more > than once every 5 minutes or so...
This leads me to question whether the block should be on user ID or on IP address. The latter does have the disadvantage that it would unfairly block multiple users behind a NAT'd address. Also, I believe someone suggested that the throttle shouldn't kick in on the first violation. Ideally, the throttle should be dynamic, kicking in after bursts but not on a few isolated violations, allowing one to manually check frequently a few times, or re-check immediately after an unexpected connection drop. So the system needs a bit of hysteresis, which requires some memory of the last few intervals.
