On 05/09/2014 12:12 PM, Bill Christensen wrote:
>
> Is there a way that I can just have it affect this one problematic
> list? If I change the name of cgi-bin/subscribe and any references to
> it (at least until the next update), do you think that will make a
> difference?
It seems to me the easiest way to do this is to apply the attached patch
to Mailman/Cgi/subscribe.py. Change problem_list to the actual list name
and if you don't want the logging, remove the syslog line.
But as others have suggested, look at your web server logs (or the
subscribe confirmation emails) to get the IP address(es) that are
submitting them. If they all come from a single IP or netblock, block
that with iptables or whatever firewall you have.
--
Mark Sapiro <m...@msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
--- subscribe.py 2014-05-09 12:30:58.295498380 -0700
+++ subscribex.py 2014-05-09 13:03:34.567535107 -0700
@@ -54,6 +54,15 @@
return
listname = parts[0].lower()
+ if listname = 'problem_list':
+ safelistname = Utils.websafe(listname)
+ doc.AddItem(Header(2, _("Error")))
+ doc.AddItem(Bold(_('Web subscribe not allowed
<em>%(safelistname)s</em>')))
+ # Send this with a 403 status.
+ print 'Status: 403 Forbidden'
+ print doc.Format()
+ syslog('vette', 'subscribe: Forbidden list "%s": %s\n', listname, e)
+ return
try:
mlist = MailList.MailList(listname, lock=0)
except Errors.MMListError, e:
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
