While we're discussing e-mail...

Jeff Bone jbone at deepfile.com
Thu Apr 24 11:13:04 PDT 2003

(I'm sure the irony of my thinking about this problem will not be lost 
on folks here...)

So how can you stop the typical overpost argmageddon you see on mailing 
lists, like, uh, this one?  ;-) :-)  How do you stop what are 
effectively attention-oriented denial-of-service attacks, whether 
intentional or (as is the case w/ most such things on this list) 

There's an idea I've been thinking about for a while called "post 
throttling."  Basically, it works like this.  Each person that sends a 
message to a mailing list (though it doesn't have to be a mailing list, 
it could just be a single person's mailbox) has an associated variable 
/ sliding time window and post allowance, maintained by the mail server 
that receives mail for the recipient.  The first post by a person 
within a certain timeframes goes immediately to the list / mailbox;  
the second post within the timeframe is held for a short time before 
being released;  the third held for a longer time;  and so forth.  As 
the time window progresses without posts from the sender, the holding 
time for new post eases back down to zero.  You could also have an 
upper threshold beyond which the sender is effectively blacklisted 
until some human (recipient, list owner, etc.) takes action to 
un-blacklist them.



More information about the FoRK mailing list