On Fri, 2006-08-04 at 08:54 +0200, Lionel Elie Mamane wrote: > > Please apply the attached patch which prevents extra subscription > > spam. > > How does it try to achieve that? Does it rate-throttle the > subscriptions attempts for a particular email? Does it allow for an > initial burst, for when a legitimate user has email interoperability > problems? Does it simply discard subscription requests if an unexpired > cookie exists for the same address?
On a per-list basis, it prevents the same email address from attempting to subscribe more than once. It does this by checking the request pickle and the confirmations pickle for the list and searching them for the email being submitted. If it finds that the email already has a pending-approval subscription or a to-be confirmed subscription, then it discards the subscription attempt and logs a message containing the list name, the email and the IP address the HTTP request was sent from. -- bye, pabs http://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
