Details

    • Sub-task
    • Status: Open
    • Major
    • Resolution: Unresolved
    • master
    • None
    • pulsar, Queue
    • None

    Description

      Currently the Pulsar MailQueue do not come up with a dead-letter policy.

      A bad JSON payload halts the processing.

      This makes the Pulsar MailQeue brittle:

      • The ability to inject a single message with a bad payload can cause an entire James cluster to come to a halt.
      • Could be seen as an attack vector
      • But also any changes to the underlying JSON schema for payloads is susceptible to cause major downtime.

      We should define a deadletter policy:

      • Given a number of failures delivery of the message would be abandonned
      • And moved to a dead-letter topic for later audit (prevent data loss)

      Attachments

        Activity

          People

            Unassigned Unassigned
            btellier Benoit Tellier
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2h 10m
                2h 10m