Difference between revisions of "Rate limiting"

From Halon, SMTP software for hosting providers

Revision as of 10:48, 31 October 2013

Rate limiting is a crucial defense method against service misuse. We have implemented a global rate controlling service called rated. It handles rate limiting for all processes, based on an "items per time interval" algorithm. Our implementation features a sliding rate limit (in contrast to a leaking bucket, which has a fixed output rate regardless of exactly when the rate was exceeded).

Implementation

Rate limits may be "hit" using the HSL rate() function. It returns true as long as the rate of rate() calls is less than its rate limit, and false when the limit is exceeded. If the count parameter is zero, the current rate is returned instead.

if (rate("failed-login:saslusername", $saslusername, 0, 60) >= 3) {
    Reject("Too many login attempts, please try later (rate limit)");
}

// test login; on failure, count the failed attempt and reject

rate("failed-login:saslusername", $saslusername, 3, 60);
Reject();

Clustering

Rate limits may be synchronized in the cluster, and will be if an HMAC-SHA1 key is specified on the system settings page. The protocol is based on UDP and uses port 13131. In terms of security it may be wise to only activate this feature on a LAN, as the HMAC-SHA1 only serves as a packet-authenticity firewall. It does not protect against replay attacks, nor does it hide the rate hits, which the protocol sends in plain text. The traffic may be protected by other means, such as a VPN tunnel or physical security (DMZ).

Performance

Rate limit performance is roughly O(log N + log M), and lookups are currently implemented as a std::multimap (C++).
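
The sliding "items per time interval" limit described above, sketched on a std::multimap as an added example (not Halon's rated source). `SlidingRate` and its members are hypothetical names, time is passed in explicitly in seconds, and it is assumed that a rejected call does not record a hit.

```cpp
#include <cstddef>
#include <iostream>
#include <map>
#include <string>

// Hypothetical sliding-window limiter (illustrative names, not Halon's code).
class SlidingRate {
public:
    // count == 0: return the number of hits currently inside the window.
    // count  > 0: return 1 and record a hit while fewer than `count` hits
    //             are inside the window, else return 0 (assumption: a
    //             rejected call is not recorded).
    std::size_t rate(const std::string& key, std::size_t count,
                     long interval, long now) {
        expire(key, interval, now);
        std::size_t current = hits_.count(key);
        if (count == 0) return current;
        if (current >= count) return 0;
        hits_.emplace(key, now);  // equal keys keep insertion (time) order
        return 1;
    }

private:
    // Drop hits older than the window. Each hit ages out on its own, so
    // capacity returns gradually instead of at a fixed tick.
    void expire(const std::string& key, long interval, long now) {
        auto range = hits_.equal_range(key);  // O(log N) to find the key
        auto it = range.first;
        while (it != range.second && it->second <= now - interval)
            it = hits_.erase(it);
    }

    std::multimap<std::string, long> hits_;  // key -> hit timestamp (s)
};

int main() {
    SlidingRate r;
    const long times[] = {0, 10, 50, 55, 61};  // constructed sample timeline
    for (long t : times)
        std::cout << "t=" << t << " allowed="
                  << r.rate("failed-login:alice", 3, 60, t) << "\n";
    std::cout << "current=" << r.rate("failed-login:alice", 0, 60, 61) << "\n";
}
```

With a limit of 3 per 60 seconds, the attempt at t=55 is refused, and the one at t=61 is accepted because only the hit from t=0 has left the window.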