Blacklisted s2s domain still consumes outbound available threads

Description

While Openfire will properly block blacklisted domains from establishing outbound s2s connections, this block happens after a thread has been allocated. So when naughty folks attempt to send lots of packets to a blacklisted domain, <theory> Openfire can exhaust its available pool of outbound threads and cause valid traffic to hang awaiting resources to become available</theory>.

This theory appears to be happening on open_chat as when we notice MUC latencies, the server is logging lots of blocked s2s connections at the time.

Environment

None
Fixed

Assignee

Dave Cridland

Reporter

Daryl Herzmann

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Affects versions

Priority

Major
Configure