[
https://issues.apache.org/jira/browse/JAMES-679?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Stefano Bagnara resolved JAMES-679.
-----------------------------------
Reverted the sun specific change and applied the java standard solution
(Security.setProperty)
---
Now james uses a default 300 seconds expiration for the positive dns results
cache.
The expiration is tunable via system property -Dnetworkaddress.cache.ttl
Setting it to -1 will revert to the default "cache forever" JVM behaviour.
Setting it to 0 will remove caching at all.
Applied to trunk 4 days ago and backported to v2.3 (for 2.3.1) now.
---
Please note that the v2.3 branch dnsservice still uses InetAddress so this
configuration is really important, while in following branches (derived from
current trunk) we don't use InetAddress anymore and this is only a safety belt
for Mailets we host. Most people is not aware of this never-expired cache in
the JVM and we protect them from easy errors.
> Make sure our container use an expiration for cached dns data
> -------------------------------------------------------------
>
> Key: JAMES-679
> URL: https://issues.apache.org/jira/browse/JAMES-679
> Project: James
> Issue Type: Improvement
> Affects Versions: 2.3.0
> Reporter: Stefano Bagnara
> Assigned To: Stefano Bagnara
> Fix For: 2.3.1-dev
>
>
> Noel J. Bergman wrote:
> > Stefano Bagnara wrote:
> >> but it could happen (or maybe it already happen) that some third party
> >> library we use still make use of InetAddress "flawed" methods, and the
> >> above property would save us from the possible OutOfMemory because of
> >> the unbounded cache.
> >
> > Perhaps, but I would rather vet the code, and be more careful about what we
> > use. Now that we know one of the things to look for carefully, we can
> > avoid it. The better solution is to avoid the problem, not mask it.
> >
> > --- Noel
> I agree: we avoid it in trunk because of this.
> About the "not masking" I think that even if we solved it we should better
> add the property because our users could easily make our mistakes and use
> InetAddress in their mailets. The fact that DNSServer is not part of the
> mailet apis incentivate them to use InetAdress and not the James Server
> specific service.
> So I think we should really add the ttl property.
> Either "-Dsun.net.inetaddr.ttl=10" in the command line or
> java.security.Security.setProperty("networkaddress.cache.ttl" , "10");
> Should work.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
