"Jason R. Mastaler" <[EMAIL PROTECTED]> writes: > I've gone ahead and implemented the auto-response rate limiting > algorithm discussed below. I have a few questions I'd like some > feedback on before I check it in. > > 1) Should this feature be turned on or off by default? I think on. > Better to be safe than sorry.
I think on, also. > 2) The pertinent configuration variable is called > ``MAX_AUTORESPONSES_PER_DAY'' which is pretty self-explanatory. What > is a good default value? Remember that this is a last-resort measure > to stop a broken auto-responder, so it should be high enough where no > legitimate cases trigger it. Also remember this limit is per-sender, > not total. How about 50/day? Too high? Too low? I'd go with something around 10, but see below. If a real person sends me 10 email messages in a row without confirming one, sending 40 more confirmations (assuming s/he keeps sending mail) probably won't make a confirmation response any more likely. [snip qmail-autoresponder algorithm...] > > The next question is whether it's acceptable for TMDA to just drop the > > auto-reply when the rate limit is exceeded. This will leave the > > sender no way to confirm that message (if indeed the message is > > legitimate, and not just part of a mail loop). Although perhaps if > > the rate limit is high enough, no legitimate case will get caught by > > this? What's a reasonable threshold? If, upon receipt of a single confirmation message, all messages for that sender are released, the need for a high threshold is reduced, it seems to me. The later messages, for which a confirmation wasn't sent, will still be successfully delivered. Tim _________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
