On Fri, 2006-08-04 at 09:28 +0200, Lionel Elie Mamane wrote: > >> How does it try to achieve that? > > > On a per-list basis, it prevents the same email address from > > attempting to subscribe more than once. It does this by checking the > > request pickle and the confirmations pickle for the list and > > searching them for the email being submitted. If it finds that the > > email already has a pending-approval subscription or a to-be > > confirmed subscription, then it discards the subscription attempt > > and logs a message containing the list name, the email and the IP > > address the HTTP request was sent from. > > What if a legitimate user doesn't get the first subscription > confirmation message, e.g. due to a transitory problem in his mail > system, a false positive of an anti-spam check, ...?
That is a problem, in which case, the confirmation will expire and eventually they will retry, hopefully getting the mail this time. The main reason this patch was developed was for lists that only require list admin approval, where the list admin was getting spammed with hundreds of "please approve [EMAIL PROTECTED]" messages. IIRC, there was evidence that on the confirmation lists, [EMAIL PROTECTED] was getting many many emails. -- bye, pabs http://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
