Recently my pod received a couple hundred thousand comment retraction requests which caused Sidekiq retries queue filling up and excessive log usage. Together with some configuration oversights (such as no disk usage alerts set up) it brought the pod down.
While this is not a big deal for semi-personal pod this seems to be opening attack venue on just about any pod as someone can bring several rogue pods online and then craft multiple requests causing DoS.
Maybe rate limits could be introduced to make this less likely to happen? Perhaps a global limit which can be set conservatively low but then podmins can add exceptions for pods they know (e.g. well-known pods or just pods which have been hitting the limit and appear to be legitimate).