2024-08-27: Throttling Protections#

Melissa Implementing Throttling Protections Advisory#

Melissa is implementing new throttling protections for all of our web service applications. In today’s increasingly digital environment, Melissa proactively looks for threats and weaknesses in our infrastructure to mitigate them before they become an issue for our clients.

Why are you implementing throttling?#

The purpose of throttling is to prevent one user from adversely impacting other users. With trillions of records processed, we have multiple situations that present a danger to the stability and usability of our servers. They include:

  • DDOS type attacks

  • Compromised accounts trying to overwhelm our system

  • Users flooding requests by accident or on purpose

Will I be affected?#

Our goal is to build in protection against unwanted and unexpected flood of traffic. We expect regular use of our services to not be affected by these throttling protections.

However, if it is possible for your system to send a large number of simultaneous records in a very short period of time, then throttling is a possibility.

How do I know I am being throttled?#

Throttled users will begin to see “429” errors appear in the response headers:

../../_images/advisory-20240827-throttling-protections-01.jpg

The throttling mechanism performs a check every second to ensure that you are currently not going over the allowed rate limits.

How should I prepare for this?#

Throttling is a common concept for many web services and most users should already have a plan in place if they use these types of web services. We recommend your application can handle the situation where an HTTP “429” error is returned:

  • If a “429” error is returned, please wait a second and re-send.

  • If a “429” error is returned multiple times, scale down the speed you are sending records to our services.

For more in-depth recommendations, we recommend reviewing Best Practices: Handling for Web Service Throttling.

What is the maximum rate I can send records?#

Our throttling mechanism is designed to provide stability to our servers. Outside factors can affect our throttling numbers. As we increase capacity, our throttling rate increases to match. Additionally, we take into account the type of user you are (for example: An enterprise user vs. a low volume user) to determine if your usage rate is in line with expectations. Due to this, we cannot provide an exact number at which the throttling will happen.

Our general guidelines are:

Type of User

Allowed Throughput Rate

Yearly Max Volume

Pay as you go (Credit) user

~5 Records/Sec

~158 million

Self Service Subscription

~12 Records/Sec

~380 million

Business Subscription

~50 Records/Sec

~1.5 billion

Enterprise Subscription

~100 Records/Sec

~3 billion

These numbers are subject to change. If you anticipate the need for more than ~100 records per second (3 billion records per year), please contact your sales representative to make arrangements.

When will throttling take effect?#

We will start rolling out throttling on the week of January 13th, 2025. We expect that almost all of our customers would not notice any effects. In the case where you are submitting a high volume in a short time period, please contact Melissa so that we can make sure your service experience remains smooth and effective.

This advisory page will continue to have the latest information about Throttling.

If you have any questions or concerns, please contact Tech Support at tech@melissa.com or call 1 (800) 800-6245 x4.

Thank you,

The Melissa Team