Jim wrote: > >I have confirmed that one user who received the duplicate confirmation did, >indeed, have a "subscribe" in the subject and the body. > >Is there a way to protect against that behavior by the -request process? I >would expect that process to detect that the requests were within the same >email message and send only one response. Is there a reason it doesn't behave >in that manner today?
It could be done, but it is tricky. As it is, CommandRunner just processes the subject and up to DEFAULT_MAIL_COMMANDS_MAX_LINES (default 25) body lines one at a time until it gets a non-command or error except non-commands or errors in the subject are OK. If it gets a subscribe command for a member, it's an error, but if subscribe requires confirmation or approval, the subscribed address won't be a member when the second request is processed. Note that it is perfectly valid to have multiple subscribe commands in one message as each command can request subscription of a different address. So, in order to avoid accepting a second subscribe request for the same address, we could look at all the pending subscriptions and see if we have one for this address, but even then we can't just ignore this request as it might be intentional (say the confirmation email from the prior request was lost) so we'd have to make a decision based on how recent the prior request was. It seems like a lot of effort for something that occurs infrequently and does no real harm. -- Mark Sapiro <[email protected]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
