Hello everyone, v9.4.0 Beta 1 is out.
Download and Install:
http://dadamailproject.com/support/documentation-9_4_0-beta1/install_dada_mail.pod.html
(Pro Dada versions are available)
This version has the new Rate Limiting feature built in. Seems to work really well! Now that it’s a part of the app, seems a little naked to run without it. Rate Limiting is currently enabled by default, and also has settings that can be customized in the installer. I’d love to get some more real-world feedback in seeing if the feature is working at all/as intended. I’m running it myself and seems to work well. It’s one of those, “Behind the scenes” features though, so nothing out of the ordinary seems to be different, unless something is terribly wrong!
Here’s what you need to know:
Rate Limiting
When enabled, rate limiting keeps track of the requests of certain features in Dada Mail – features like trying to log into the list control panel, or subscribing to a mailing list. Dada Mail keeps track of these requests by IP Address and can be configured to have a maximum amount of requests per timeframe. If more than the maximum amount of requests are made within the timeframe, the rate limit is said to be exceeded, and further requests will be denied.
This feature is especially important in any feature that involves filling out a form, then having that feature send out an email, like a subscription confirmation. Potentially nefarious bots may be filling out your subscription form quite blindly, with various bogus email addresses, causing all this unneeded email to be sent, then bounced back. If you’re using a third party email sending service, like Amazon SES, this out of control behavior could potentially lead to problems with you not following their Terms of Service.
Although rate limiting in Dada Mail was first implemented for the above scenario, it’s used in many other places:
• Running the Cronjob Schedule
• Subscription by the classic subscription form
• Subscription via the RESTful API
• Subscription and Unsubscription Confirmation via the token URL (or any URL with a token in it)
• Logging in and out
• Encrypting a password
• Requesting to download a file attachment
• Profile activation/registering/resetting password/login and out
• Accessing the list control panel login screen
Enable Rate Limiting
Check this option to enable Rate Limiting. Enabled by default
Timeframe (in minutes):
Timeframe is the amount of time a number of requests for a certain feature/function can be made
Max Hits
Max Hits are the amount of requests for a certain feature/function that may be done in the Timeframe set above.
If more requests than the Max Hits happens within the Timeframe, the feature/function will be inaccessible, until the number of requests is below the Max Hits threshold. Any other feature mentioned will still be available to the user, and any other users of the app will not be affected (unless of course they’re being tied to that same IP Address)
Config Variable:
$RATE_LIMITING .
That’s it! Give it a try,