2024-08-27: Throttling Protections#

Melissa Implementing Throttling Protections Advisory#

Melissa is implementing new throttling protections for all of our web service applications. In today’s increasingly digital environment, Melissa proactively looks for threats and weaknesses in our infrastructure to mitigate them before they become an issue for our clients.

Why are you implementing throttling?#

The purpose of throttling is to prevent one user from adversely impacting other users. With trillions of records processed, we have multiple situations that present a danger to the stability and usability of our servers. They include:

  • DDOS type attacks

  • Compromised accounts trying to overwhelm our system

  • Users flooding requests by accident or on purpose

Will I be affected?#

Our goal is to build in protection against unwanted and unexpected flood of traffic. We expect regular use of our services to not be affected by these throttling protections.

However, if it is possible for your system to send a large number of simultaneous records in a very short period of time, then throttling is a possibility.

How do I know I am being throttled?#

Throttled users will begin to see “429” errors appear in the response headers:

../../_images/advisory-20240827-throttling-protections-01.jpg

The throttling mechanism performs a check every second to ensure that you are currently not going over the allowed rate limits.

How should I prepare for this?#

Throttling is a common concept for many web services and most users should already have a plan in place if they use these types of web services. We recommend your application can handle the situation where an HTTP “429” error is returned:

  • If a “429” error is returned, please wait a second and re-send.

  • If a “429” error is returned multiple times, scale down the speed you are sending records to our services.

What is the maximum rate I can send records?#

Our throttling mechanism is designed to provide stability to our servers. Outside factors can affect our throttling numbers. As we increase capacity, our throttling rate increases to match. Additionally, we take into account the type of user you are (for example: An enterprise user vs. a low volume user) to determine if your usage rate is in line with expectations. Due to this, we cannot provide an exact number at which the throttling will happen.

Our general guidelines are:

Type of User

Allowed Throughput Rate

Yearly Max Volume

Pay as you go (Credit) user

~5 Records/Sec

~158 million

Self Service Subscription

~12 Records/Sec

~380 million

Standard Subscription

~50 Records/Sec

~1.5 billion

Enterprise Subscription

~100 Records/Sec

~3 billion

These numbers are subject to change. If you have any questions or concerns, please contact Tech Support at tech@melissa.com or call 1 (800) 800-6245 x4.

Thank you,

The Melissa Team