[Tools-discuss] Re: Too aggressive rate limiting for mailinglist web archives inhibits normal use

Robert Sparks <rjsparks@nostrum.com> Fri, 30 August 2024 16:35 UTC

Return-Path: <rjsparks@nostrum.com>
X-Original-To: tools-discuss@ietfa.amsl.com
Delivered-To: tools-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36012C14F6AA for <tools-discuss@ietfa.amsl.com>; Fri, 30 Aug 2024 09:35:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.088
X-Spam-Level:
X-Spam-Status: No, score=-2.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LHIAquA-ULlv for <tools-discuss@ietfa.amsl.com>; Fri, 30 Aug 2024 09:35:15 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94F21C14F5E0 for <tools-discuss@ietf.org>; Fri, 30 Aug 2024 09:35:15 -0700 (PDT)
Received: from [192.168.1.102] ([47.186.48.51]) (authenticated bits=0) by nostrum.com (8.18.1/8.18.1) with ESMTPSA id 47UGZDhN024147 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Fri, 30 Aug 2024 11:35:14 -0500 (CDT) (envelope-from rjsparks@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1725035714; bh=fHQWK8ghNsVJPU1ZObBLk9f/RSxc5OCYm0PHTqEwxuA=; h=Date:Subject:From:To:References:In-Reply-To; b=PgCIzo+FhRS4J71HgcHZ4l5vuDzZqrez2lLHZNc4oqlOZasB72m7Og8xK6bDPcN/o jkHh+oORrrCQjRYiKrHbb3ctQVGg6DSppDYdjCAF87dDzBTp37w7jgfPkXUSXh5ffA Re3nvUImtJf7C71s89hpTkNGK/riQm7rS+f/rT9A=
X-Authentication-Warning: raven.nostrum.com: Host [47.186.48.51] claimed to be [192.168.1.102]
Message-ID: <7b123c23-d53a-4d02-8726-d572d6667a07@nostrum.com>
Date: Fri, 30 Aug 2024 11:35:08 -0500
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: Robert Sparks <rjsparks@nostrum.com>
To: Erik Auerswald <auerswal@unix-ag.uni-kl.de>, tools-discuss@ietf.org
References: <20240830161528.GA31792@unix-ag.uni-kl.de> <9c9f9ed5-a6b3-4c78-9ec2-a5448b1793a1@nostrum.com>
Content-Language: en-US
Autocrypt: addr=rjsparks@nostrum.com; keydata= xsDNBFx4PQwBDADIIJqFKIeYNmVR3iH8YnNqwApV+ci83VqFaPg0UXZAZ1utH/2O2LOLJKmV Ol11+lOSfH4OJgpARt37PWbqfG2TzzGfEucRBPMAV8TEDmzKL+7/OUMLEoPeexgxz6ADxK2Q ACKKzHhF30y4fx2fn9rYZrCvYHV9HDKcfFotNLna0U6P6wu70L0mT2hcjQgZ7+8HSZCpK2XG PTya1mEiMklH6+UHfcTLoAxd3chQiseRi19/TQZZCD3LuuaGFWyTIeF9ZNWV9yL0HQeb/XMs tmZnObSSHSUbZwn5PR9Uf+3iW7jdG5JuXBvNbDpAHfLyPXRqxErM/nCLrbwGB6AgNSKFCwkL lb3uxsGFWcOt6sedrjixoVUO2k4zQWVnCUCwFHGrgIxUK24dI8oqydGPctXAKj5VqoCVJBv6 4JxSpiR+V8fl3A8gksBUnuIMLNlRjB5RAgZaSUpaOkXsWUBA8Z75wQWoIzkJIeMm29w2l1kB B9kGMdyiXGr2JV8VQZ4lAscAEQEAAc0kUm9iZXJ0IFNwYXJrcyA8cmpzcGFya3NAbm9zdHJ1 bS5jb20+wsEUBBMBCAA+FiEEGNywdGDCHUYBwWN3bipqV3X5ExgFAmXhDnYCGwMFCQ0rmNQF CwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQbipqV3X5ExiEpwwAknrYjNHDI2l50IC1lpQB SnmCLvuu4pEESpRaBx1Te7vZBHr740dMbKQv/ZYYekw/NfFfoq2Ptguz5BXHwtyx3hKKjBUA U/rP62bl+x77yTJ0+I5k2hJ1p1DWNqXHWK3SEM0IUvjWpMGlfXPu7iVYCBGPKBDglQ4GWpzU HmSAX/8Zww6+ZbrXM0VgA+hLSHivyHextX4mJwoLRcuY99ecvkdWwFnKoDlEsKozdv9NW+QT h1rFvAtXf2ZCGwIveAMJPbHbRY3uFVp+oMvBbP7m5teffB8Ki5kuO1Y1Wqd9UPhiVDZmUuyC PXymQErskbOB6DcNSSFH7ZHuLM4V+zyziYWTT6foBv0ynA+a3Ofxo+rKPVHLybZlO9bQcI0Q TIE8yT0oqd3kWMaMIyrKZURVUpzcDgRnx6ujckLLyAC1H8L0tuntPwZOo5PAq3P7SUiWlc0L 5HbA0L//BE6eeWn6U3xOgaJNF2+YRVICNtWpXcR3Mr4k1uXW4JkE7lyoufbnzsDNBFx4PQwB DAC03e1kk41e9Z9FuVW8UKWIkVUBeH3gfJMsb94d/c0cqBMRw5rulSY7+U76rw4AXo792LZn ydjDfoL0GQxGqkrZh397Sn9P/sLCb5I+wC14251nkmh5tmU2sQqCk+g9nykcE/NJft/zFkeb HHCKAosK6glO+W0YPHc/k7nXt/fLz7dMRpFpmqFXWjeN2VtwKr9znMg9+iX6XfgAJPMdDNH8 fn30Cp5TIsn5WCI70+JztgvfjFhD15Eb3rtDdOfOydjGCV2ZVxfM8ECmc8Z3DrThyiC2M3uo 2Y50rs6MH+TmVCtpHkISnH7B+80Vy2SC60K9l2xgCaezN1SlkQy3ZpprzcDrNTI8FcJa/UUM ayMGvSDGEGuHZRaNUyXP3jQ8oss+067axmNr5vgjpf01kmE1RJtiGEDWmCr8u1SbVQjdax6C pDqq3RKoX2ZVGLtkdDYZbsqSq4TgmFukoijWRbLxsFBdeEgruTViWRw4PKZav0piLxrhHUGI m6F6JFngapUAEQEAAcLA/AQYAQgAJhYhBBjcsHRgwh1GAcFjd24qald1+RMYBQJl4Q52AhsM BQkNK5jUAAoJEG4qald1+RMYaCML/jp+3W9OedMRVk5XQ3Urxu7g09qaeAfBAArLlE7F13Xt WuGUN7JwZ8hZt8Rsx1+Uz/Zq2TIPjl8PmgIqCSkuvZrxacr+drYARtO00Af71qHVoh4gZTae iOwEuOGhhtCVI3vvKLMDv1ex0scvD4rJTsIk/zqEDCJNDVOf09Szj0CW0vJOYxrIV0sG/UoM 7Ui5/eB4tlN5AFIXuTJzo6BzaUAJVut74Ss2i93qwtwjGw44iEqPVhqKMCDYuB9+bm13ft+H Vr7viRZobd+60NTWrfZhkpmzhb4Qiib9qXhrUoa2EXqVOIy+LMQoiwjF9/iK+5FSA18c52FP ODkDgkica826W9AnBasS6gXQr0bO1BCJu84Fp2RQcjB4IFP+sKVoN3EZTByyUKK4NnSLF3lJ /G+vQhisnuJS+e+emZ8UxZBOK8upAhrhHJj0Wju2W0uTQTxlBME0/uNsvA/KaudLNhlQiUYN 7Fl3rswvQk/iD+utnQdWJbRgIsqesNXbQCOimQ==
In-Reply-To: <9c9f9ed5-a6b3-4c78-9ec2-a5448b1793a1@nostrum.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Message-ID-Hash: BA4GTZKMYYYMBIL7AFRMNQNBTIKW4OYK
X-Message-ID-Hash: BA4GTZKMYYYMBIL7AFRMNQNBTIKW4OYK
X-MailFrom: rjsparks@nostrum.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tools-discuss.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Tools-discuss] Re: Too aggressive rate limiting for mailinglist web archives inhibits normal use
List-Id: IETF Tools Discussion <tools-discuss.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-discuss/zeTeD0PLKX_1sFbgRCa6hmWV_jM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tools-discuss>
List-Help: <mailto:tools-discuss-request@ietf.org?subject=help>
List-Owner: <mailto:tools-discuss-owner@ietf.org>
List-Post: <mailto:tools-discuss@ietf.org>
List-Subscribe: <mailto:tools-discuss-join@ietf.org>
List-Unsubscribe: <mailto:tools-discuss-leave@ietf.org>

Also, if you log in, it makes it easier for us to separate your traffic 
from the bots.

RjS

On 8/30/24 11:29 AM, Robert Sparks wrote:
> Thanks Erik -
>
> We're tuning to deal with a _massive_ botnet attack on mailarchive 
> that's well enough constructed to be difficult to separate from 
> traffic like yours. We'll adjust.
>
> RjS
>
> On 8/30/24 11:15 AM, Erik Auerswald wrote:
>> Hi,
>>
>> I have been reading IETF mailing lists via the web archive for quite 
>> some
>> time now.  Since today, I experience problems created by too restrictive
>> rate limiting.  Skimming over the subjects of the emails from the last
>> few days of a list with a spurt of activity triggers the rate limit.
>>
>> This skimming uses the keyboard, i.e., I press cursor down to look at
>> the next email subject.  This automatically loads the email body as 
>> well,
>> even if I do not intend to read it.  Using the mouse to hit the 
>> invisible
>> scroll bar of the small (only 4 messages) window is quite hard for me
>> and thus not an acceptable UI.  Using the keyboard for navigation seems
>> to be the intended UI for actual use by most.
>>
>> The rate limiting shows as an addition of many "Show header" links in
>> the body of the selected email on every key press.  Only a reload of
>> the web page provides the actual error message:
>>
>>       Error 1015
>>       You are being rate limited
>>
>>       What happened?
>>       The owner of this website (mailarchive.ietf.org) has banned you
>>       temporarily from accessing this website.
>>
>>       [...]
>>
>>       [...] Performance & security by Cloudflare
>>
>> Please consider increasing the rate limit to allow normal interactive 
>> use.
>>
>> Please also consider reporting the actual rate limit and the duration
>> of the ban as part of the error message.
>>
>> Please also consider reporting the error message during normal 
>> interactive
>> use of the web page instead of only after reloading the page.
>>
>> Thanks,
>> Erik
>>
>> -----------------------------------------------
>> Tools-discuss mailing list -- tools-discuss@ietf.org
>> To unsubscribe send an email to tools-discuss-leave@ietf.org
>> https://mailarchive.ietf.org/arch/browse/tools-discuss/
>
> -----------------------------------------------
> Tools-discuss mailing list -- tools-discuss@ietf.org
> To unsubscribe send an email to tools-discuss-leave@ietf.org
> https://mailarchive.ietf.org/arch/browse/tools-discuss/