baknu
commented
2 years ago Open gthess opened 5 years ago
baknu
commented
2 years ago baknu
commented
2 years ago It might also help to slow down the rate when a domain is retested within a given timeframe (e.g. 5 minutes).
mxsasha
commented
2 years ago It might also help to slow down the rate when a domain is retested within a given timeframe (e.g. 5 minutes).
I did see we already do some caching for repeat scans for the same mail server, which makes sense as many domains use the same small set of servers and we don't need to retest for every domain.
baknu
commented
2 years ago I did see we already do some caching for repeat scans for the same mail server, which makes sense as many domains use the same small set of servers and we don't need to retest for every domain.
Yes, that's right (see also #171). I am sure we use MX result caching on batch. However, I am not sure if we also use that on the single scan version. Furthermore, MX result caching can still be improved (see #670).
mxsasha
commented
1 year ago However, I am not sure if we also use that on the single scan version. Furthermore, MX result caching can still be improved (see #670).
I checked, we do.
mxsasha
commented
1 year ago Moving this off 1.8 for now, but to summarise, there are three fundamental approaches:
bwbroersma
commented
6 months ago Related:
After new TLS implementation, recheck if there are more/less rate limit problems.
For the STARTTLS test some mailservers use strict ratelimits on the number and the rate of connections used when testing.
The current tests are run in series to avoid the limit on concurrent connections. However stricter limits on the rate of connections were observed at roughly 2 allowed connections per minute. The only way to circumvent that in the future is to try the different STARTTLS tests with a pool of IP addresses.