[ https://issues.apache.org/jira/browse/JAMES-3700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17514538#comment-17514538 ]
Benoit Tellier commented on JAMES-3700: --------------------------------------- Hi, We *could* define schemas. We *must* have a dead letter policy, and not crash the consumer on poisoned messages. Note that schemas also don't guaranty that consumer won't crash on a given message. Having schemas in place still require us to handle errors and set up dead-lettering. Note that Jean warned "The schema way is really neat but I feel a small word of warning is required.". Please review his comment, concerns are clearly well expressed. For the time being I would not necessarily try to set schema up but rather implement error handling + dead lettering. > Dead letter policy for the Pulsar MailQueue > ------------------------------------------- > > Key: JAMES-3700 > URL: https://issues.apache.org/jira/browse/JAMES-3700 > Project: James Server > Issue Type: Sub-task > Components: pulsar, Queue > Affects Versions: master > Reporter: Benoit Tellier > Priority: Major > Time Spent: 1h 20m > Remaining Estimate: 0h > > Currently the Pulsar MailQueue do not come up with a dead-letter policy. > A bad JSON payload halts the processing. > This makes the Pulsar MailQeue brittle: > - The ability to inject a single message with a bad payload can cause an > entire James cluster to come to a halt. > - Could be seen as an attack vector > - But also any changes to the underlying JSON schema for payloads is > susceptible to cause major downtime. > We should define a deadletter policy: > - Given a number of failures delivery of the message would be abandonned > - And moved to a dead-letter topic for later audit (prevent data loss) -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org