Hello all, I have a issue where I am getting a high amount of subscriptions on mailman using the web form.
I found that a option had been added to mailman (SUBSCRIBE_FORM_SECRET). I have added this to my configuration but am still getting large amount of spam subscriptions. The addresses all tend to be in similar format, user+al...@gmail.com (e.g. knuckles9048+51770...@gmail.com). For experiment, I blocked email subscriptions to a mailing, to see if the requests are coming from mail or web form. knuckles9048+51770...@gmail.com Tue Sep 1 14:14:50 2015 knuckles9048+14145...@gmail.com Tue Sep 1 23:06:45 2015 Also 2 for another list (different users). So, now we know that web form is the attack vector. What can I do to get this under control? I am running postfix + spamd. Thanks! Ben ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
