You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2022/01/11 03:54:00 UTC
[jira] [Commented] (JAMES-3700) Dead letter policy for the Pulsar MailQueue
[ https://issues.apache.org/jira/browse/JAMES-3700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17472440#comment-17472440 ]
Benoit Tellier commented on JAMES-3700:
---------------------------------------
https://github.com/apache/james-project/pull/836 proposes two additional tests regarding the expected dead-lettering behavior
> Dead letter policy for the Pulsar MailQueue
> -------------------------------------------
>
> Key: JAMES-3700
> URL: https://issues.apache.org/jira/browse/JAMES-3700
> Project: James Server
> Issue Type: Sub-task
> Components: pulsar, Queue
> Affects Versions: master
> Reporter: Benoit Tellier
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Currently the Pulsar MailQueue do not come up with a dead-letter policy.
> A bad JSON payload halts the processing.
> This makes the Pulsar MailQeue brittle:
> - The ability to inject a single message with a bad payload can cause an entire James cluster to come to a halt.
> - Could be seen as an attack vector
> - But also any changes to the underlying JSON schema for payloads is susceptible to cause major downtime.
> We should define a deadletter policy:
> - Given a number of failures delivery of the message would be abandonned
> - And moved to a dead-letter topic for later audit (prevent data loss)
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org