On 5/6/2010 11:36 AM, Anthony Papillion wrote:
...
Now, the TweetFree Network Servers maintain a network block list. So
every time the Relay Servers send a post, the Network Server checks to
make sure the client that the relay is posting for isn't blocked from
the network. If it is, it says no and the relay tells the client that
it couldn't post its message. The problem with this, of course, is
that you might have thousands of Relay Servers hitting the Network
Servers (as happened during the Iranian election) and each of those
requests have to be processed. That puts a bit of a load on the server
that I'd like to alleviate.
So my thought is to maintain a blacklist of client keys on the Network
Servers and have the Relay Servers download this list every few
minutes. Then, clients could be blocked at the RELAY level instead of
at the Network level and less load would be put on the Network Servers
(of which there are only about 10).
My problem is that I'm not sure how to protect this list. The list is
a simple text file that contains client keys. No identifying
information, but client keys nonetheless. If it's a .txt file then the
contents are viewable publicly which *could* pose a security risk in
highly volatile environments. If I name it with the .php extension,
it's handled like a PHP file and, thus, the text in it can't be read.
...
I would suggest mirroring the infrastructure of spam DNS Real-time
Blackhole lists. The technology has already been proven and you would
just be re purposing it for your own application. Rather than have the
relay servers download an entire list, have them query a pool of private
DNS Blacklist servers on demand and maybe even cache the data for a
period of time.
~Rolan
_______________________________________________
New York PHP Users Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org/Show-Participation
