Broker needs better resilience against DoS

Migrated from https://github.com/keroserene/snowflake/issues/25