Karl Berry writes:
I'm surprised Mark hasn't chimed in, maybe he's out on a boat catching
salmon. Don't know when he'll be back, so here's what little I can
say.
> 1) The above mailman-users thread refers to using fail2ban.
The set in
I was just hit with a subscription flood, along the lines of
https://mail.python.org/pipermail/mailman-users/2014-May/076880.html
https://bugs.launchpad.net/mailman/+bug/1082746
I've mitigated the current attack, but it's happened before and will
happen again. I'm already using
Thanks.
Running the patch I got:
patching file /path/to/mailman/Mailman/Cgi/subscribe.py
patch unexpectedly ends in middle of line
Hunk #1 succeeded at 53 with fuzz 1 (offset -1 lines).
(with the actual path in there)
When trying to run a subscription I got the We hit a bug error.
Error log
On 05/14/2014 08:20 AM, Bill Christensen wrote:
Thanks.
Running the patch I got:
patching file /path/to/mailman/Mailman/Cgi/subscribe.py
patch unexpectedly ends in middle of line
Hunk #1 succeeded at 53 with fuzz 1 (offset -1 lines).
(with the actual path in there)
The patch got
On 5/14/14 10:35 AM, Mark Sapiro wrote:
Sorry, that's my mistake. It should be if listname == 'problem_list':
i.e., ==, not =.
Comparing subscribe.py with subscribe.py.bak, it appears that it's in there
as written.
I was wondering about that.
Thanks. Now the problem_list is disallowed from
I've got a problem with one of my lists where it's being flooded with
spurious subscription requests... from the same address...
Perhaps obvious, and perhaps in the FAQ Mark linked, but this sounds like a job
for ipfw to me.
I regularly get spambot subscription requests, and they go right in
On 05/14/2014 10:42 AM, Bill Christensen wrote:
The problem_list gets we hit a bug, but since I've taken the
subscription form off the listinfo page the only ones who will get that
are the spammers.
It shouldn't get that. There is still something wrong with the patch or
its application. If
Here you go:
admin(38814): [- Traceback --]
admin(38814): Traceback (most recent call last):
admin(38814): File /opt/local/share/mailman/
scripts/driver, line 112, in run_main
admin(38814): main()
admin(38814): File /opt/local/share/mailman/Mailman/Cgi/subscribe.py,
line 63, in
On 05/14/2014 07:58 PM, Bill Christensen wrote:
Here you go:
admin(38814): [- Traceback --]
admin(38814): Traceback (most recent call last):
admin(38814): File /opt/local/share/mailman/
scripts/driver, line 112, in run_main
admin(38814): main()
admin(38814): File
That did the trick.
Thanks again.
On Wed, May 14, 2014 at 11:39 PM, Mark Sapiro m...@msapiro.net wrote:
On 05/14/2014 07:58 PM, Bill Christensen wrote:
Here you go:
admin(38814): [- Traceback --]
admin(38814): Traceback (most recent call last):
admin(38814): File
I finally got a chance to look over the logs today; this is a widely
distributed attack, so address blocking is probably futile.
Sorry to be dense, but how do I apply that patch?
Thanks
On Fri, May 9, 2014 at 3:19 PM, Mark Sapiro m...@msapiro.net wrote:
On 05/09/2014 12:12 PM, Bill
At Tue, 13 May 2014 14:54:26 -0500 Bill Christensen
billc_li...@greenbuilder.com wrote:
I finally got a chance to look over the logs today; this is a widely
distributed attack, so address blocking is probably futile.
How widely? It *could* be a /16 subnet (eg distributed over 2^^16
Very wide. Vietnam, China, New York, France just at a quick look.
I'm looking into fail2ban now. Thanks to those of you who have mentioned
it.
On Tue, May 13, 2014 at 3:12 PM, Robert Heller hel...@deepsoft.com wrote:
At Tue, 13 May 2014 14:54:26 -0500 Bill Christensen
On 05/13/2014 12:54 PM, Bill Christensen wrote:
Sorry to be dense, but how do I apply that patch?
1)Save the patch to a file.
2)Edit the file with an editor that won't change indentation or wrap or
fill lines, i.e. a text editor, not a word processor, and change
problem_list in the line
+
On 5/8/14 12:02 PM, Mark Sapiro wrote:
On 05/08/2014 09:31 AM, Bill Christensen wrote:
Question 1: Is it possible to reverse the order of approval and
confirmation when requiring both? The admin then can reject all those
with duplicates, only allowing the (presumably real) single subscription
On 05/09/2014 10:46 AM, Bill Christensen wrote:
I temporarily removed the signup form from the listinfo page in hopes of
stemming the tide, and replaced it with a request to use the site's
contact form so that we can manually add interested subscribers. I
purposely don't have a subscribe
Mark Sapiro writes:
They probably aren't using the subscribe form on the listinfo page but
rather posting the data directly to the subscribe CGI. Try moving
mailman's cgi-bin/subscribe aside to totally disable web subscribe.
Yeah, this seems like a different attack from the last one I
On 5/9/14 1:25 PM, Mark Sapiro wrote:
On 05/09/2014 10:46 AM, Bill Christensen wrote:
I temporarily removed the signup form from the listinfo page in hopes of
stemming the tide, and replaced it with a request to use the site's
contact form so that we can manually add interested subscribers. I
At Fri, 09 May 2014 14:12:57 -0500 Bill Christensen
billc_li...@greenbuilder.com wrote:
On 5/9/14 1:25 PM, Mark Sapiro wrote:
On 05/09/2014 10:46 AM, Bill Christensen wrote:
I temporarily removed the signup form from the listinfo page in hopes of
stemming the tide, and replaced it with
At Fri, 09 May 2014 12:46:42 -0500 Bill Christensen
billc_li...@greenbuilder.com wrote:
On 5/8/14 12:02 PM, Mark Sapiro wrote:
On 05/08/2014 09:31 AM, Bill Christensen wrote:
Question 1: Is it possible to reverse the order of approval and
confirmation when requiring both? The admin
On 05/09/2014 12:12 PM, Bill Christensen wrote:
Is there a way that I can just have it affect this one problematic
list? If I change the name of cgi-bin/subscribe and any references to
it (at least until the next update), do you think that will make a
difference?
It seems to me the
Hi all,
I've got a problem with one of my lists where it's being flooded with
spurious subscription requests.
The list was set to require subscription confirmation; the innocent
victims whose addresses were used for the subscription requests started
complaining, as they'd get anywhere from
On 05/08/2014 09:31 AM, Bill Christensen wrote:
Question 1: Is it possible to reverse the order of approval and
confirmation when requiring both? The admin then can reject all those
with duplicates, only allowing the (presumably real) single subscription
requests to send out a confirmation
On Thu, May 08, 2014 at 11:31:14AM -0500, Bill Christensen wrote:
I've got a problem with one of my lists where it's being flooded
with spurious subscription requests.
[…]
About 12 hrs ago I switched it to require Admin approval. 500+
subscription requests - mostly in batches of 5-10 from
24 matches
Mail list logo