[Tools-discuss] Re: Too aggressive rate limiting for mailinglist web archives inhibits normal use

Erik Auerswald <auerswal@unix-ag.uni-kl.de> Fri, 30 August 2024 19:36 UTC

Return-Path: <auerswal@unix-ag.uni-kl.de>
X-Original-To: tools-discuss@ietfa.amsl.com
Delivered-To: tools-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EA9AC13AE2C for <tools-discuss@ietfa.amsl.com>; Fri, 30 Aug 2024 12:36:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xILvKMFwv-_w for <tools-discuss@ietfa.amsl.com>; Fri, 30 Aug 2024 12:36:55 -0700 (PDT)
Received: from mailgw1.uni-kl.de (mailgw1.uni-kl.de [IPv6:2001:638:208:120::220]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E564DC1522B9 for <tools-discuss@ietf.org>; Fri, 30 Aug 2024 12:36:54 -0700 (PDT)
Received: from sushi.unix-ag.uni-kl.de (sushi.unix-ag.uni-kl.de [IPv6:2001:638:208:ef34:0:ff:fe00:65]) by mailgw1.uni-kl.de (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id 47UJbLvQ186163 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 30 Aug 2024 21:37:21 +0200
Received: from sushi.unix-ag.uni-kl.de (ip6-localhost [IPv6:::1]) by sushi.unix-ag.uni-kl.de (8.14.4/8.14.4/Debian-4+deb7u1) with ESMTP id 47UJaneS023963 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 30 Aug 2024 21:36:50 +0200
Received: (from auerswal@localhost) by sushi.unix-ag.uni-kl.de (8.14.4/8.14.4/Submit) id 47UJanQq023962; Fri, 30 Aug 2024 21:36:49 +0200
Date: Fri, 30 Aug 2024 21:36:49 +0200
From: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
To: Robert Sparks <rjsparks@nostrum.com>
Message-ID: <20240830193649.GA21354@unix-ag.uni-kl.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <e0daef5a-ff53-4731-88d3-dd78ea7d3bba@nostrum.com> <7b123c23-d53a-4d02-8726-d572d6667a07@nostrum.com> <9c9f9ed5-a6b3-4c78-9ec2-a5448b1793a1@nostrum.com>
Author: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
Message-ID-Hash: WDTOO2AGXNULE4EJTSHKEXAXU7CPXQ5W
X-Message-ID-Hash: WDTOO2AGXNULE4EJTSHKEXAXU7CPXQ5W
X-MailFrom: auerswal@unix-ag.uni-kl.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tools-discuss.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: tools-discuss@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Tools-discuss] Re: Too aggressive rate limiting for mailinglist web archives inhibits normal use
List-Id: IETF Tools Discussion <tools-discuss.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-discuss/AMH_Flpt87F3VAR_mYGJV1vWE1g>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tools-discuss>
List-Help: <mailto:tools-discuss-request@ietf.org?subject=help>
List-Owner: <mailto:tools-discuss-owner@ietf.org>
List-Post: <mailto:tools-discuss@ietf.org>
List-Subscribe: <mailto:tools-discuss-join@ietf.org>
List-Unsubscribe: <mailto:tools-discuss-leave@ietf.org>

Hi Robert,

On Fri, Aug 30, 2024 at 11:29:58AM -0500, Robert Sparks wrote:
> Thanks Erik -
> 
> We're tuning to deal with a _massive_ botnet attack on mailarchive
> that's well enough constructed to be difficult to separate from
> traffic like yours. We'll adjust.

Thanks!

On Fri, Aug 30, 2024 at 11:35:08AM -0500, Robert Sparks wrote:
> Also, if you log in, it makes it easier for us to separate your
> traffic from the bots.

I do not have a datatracker account.

On Fri, Aug 30, 2024 at 11:34:06AM -0500, Robert Sparks wrote:
> On 8/30/24 11:15 AM, Erik Auerswald wrote:
> >This skimming uses the keyboard, i.e., I press cursor down to look at
> >the next email subject.  This automatically loads the email body as
> >well, even if I do not intend to read it.  Using the mouse to hit the
> >invisible scroll bar of the small (only 4 messages) window is quite
> >hard for me and thus not an acceptable UI.  Using the keyboard for
> >navigation seems to be the intended UI for actual use by most.
> 
> if you have a scroll wheel on your mouse (or can scroll with a
> trackpad) it will trigger the next pageload.

Yes, but that does not work well with the (default¹) size of four
messages in the list, because a single "click" of the mouse wheel scrolls
a bit more than 2 messages.  The scrolling speed in the frame showing
the email body is too fast for my taste, too, but I see more lines and
thus have to do less scrolling per reading.

I usually go through the message list quickly until I reach the day I
last read IETF email.  Using cursor keys selects each message in turn
and creates quite a few requests, which has triggered the rate limit.

Having found the respective day, I start from the oldest email of that
day and take a quick look at the start of the text to find the first
I have not yet seen.  Again, that does create some requests in a short
time window.

Since the email body frame often does not update as quickly as the
selected line in the headers list, I do not immediatly realize that
something is wrong when the temporary ban happens, especially since this
does not create the error message display.

All this is just intended as information that might help you tune the
rate limiting.

Thanks,
Erik

¹ Andrew G. Malis sent a helpful comment regarding this, I'll write an
  answer shortly.