We have succesfully relied upon the x_duplicate_window value being
passed to block users who attempt to submit multiple transactions in a
short amount of time. This worked well for several years, until recently
when the value seems to now be ignored....