Resilience refers to the Merce Broadside system's ability to continue functioning and delivering results in the face of partial failure of some components or external obstacles with remote mail servers. Availability refers to the measures built into the system to minimise chances of system failure.
RBL monitoring and alerting. Merce Broadside actively monitors a list of Internet-based black-lists and alerts administrators if any of its own IP addresses are detected in any black list. These black lists identify email-sending servers which are either insecure or have been detected to be sending objectionable messages like spam, malware, etc. By monitoring these black lists actively, Merce Broadside ensures that its own capacity to send out messages is never compromised. Human intervention is often required to remove a black-list entry for an IP address, but in the meantime, Merce Broadside disables the offending transmitter and reroutes traffic through other transmitters, thus minimising impact on transmitting effectiveness.
Resilience against remote server malfunction. Merce Broadside guards against slow or misbehaving remote servers by streaming messages out in multiple independent parallel queues. This is often necessary because a single misbehaving remote server can result in thousands of messages piling up in the Merce Broadside queues. By streaming data out in parallel queues, one or two queues slowing down will not affect overall throughput.
Automatic IP address exposure spreading. Merce Broadside automatically distributes its mail transmission across many public IP addresses, thereby mitigating the threat from any one IP address being accidentally black-listed. Each transmitter in a Merce Broadside system has a unique IP address, and the load distribution across transmitters results in the outgoing traffic emanating from a set of IP addresses. This reduces chances of rate throttling at the recipient end, reduces likelihood of black-listing of a specific IP address affecting the overall mail flow, and increases overall reliability. A Merce Broadside installation can operate with more than 1,000 transmitter processes with their respective IP addresses.
Resilience against DoS attacks. Merce Broadside uses a variety of techniques to block DoS attacks from the Internet, including rate throttling, spam filtering, source reputation checks, etc. These DoS attacks become likely because the Merce Broadside system is the designated mail exchange server for the domains from which it sends out email, in order to receive and process bounce messages. The sophisticated spam filters implemented within Merce Broadside borrow technology from our renowned Merce MailGate perimeter message security product, and this technology blocks more than 80% spams without the need for content inspection. This conserves bandwidth in the face of a spam assault and minimises chances of a processing power overload.
Real-time health monitoring. Merce Broadside comes with a built-in instance of Merce Insight which monitors generic as well as Broadside-specific health parameters in real time. Broadside-specific health parameters include the health of the transmitters, the depths of the outbound mail queues, and the throughput of each component of the system. The essence of a high performance system like Merce Broadside is the elimination of bottlenecks and maintenance of a low-latency email flow pipe. Real-time health monitoring ensures this.
Rate throttling for incoming messages. Incoming messages to the Merce Broadside auto-responder applications are rate-throttled to ensure protection against DoS attacks. This is one of the measures used to protect against any rogue counterparty which attempts to overload an auto-responder application by constant transmission of requests to it. The processing of an auto-responder request has overheads which, if incurred in a malicious context, can degrade system performance. The rate throttling layer chokes out the requests before they can add to the Merce Broadside processing load.
DKIM (DomainKey) support. Merce Broadside implements DKIM standards (RFC 4871, 5016) for outgoing messages to enhance credibility and minimise the danger of forged emails. This mechanism signs outgoing messages which leave Merce Broadside, thus helping to assert the authenticity of the contents. Many applications of Merce Broadside involve sending content (bank account statements, etc.) whose authenticity is critical. DKIM helps to add a level of credibility in such situations, and also assists in reducing blockage by spam filters.
