On 08/06/2018 11:08 AM, Jim Popovitch via Mailman-Users wrote: > On Mon, 2018-08-06 at 05:33 -0700, Mark Sapiro wrote: > >> Anyone can request a password reminder for any address from either >> the options or private archive login pages. > > > > What's your thoughts on adding reCAPTCHA to the 2nd half of the > listinfo page in order to mitigate some of that?
At this point I have no interest. I think most "other address" password requests are either inadvertence, curiosity, or malice on the part of humans. If and when I see evidence of massive robotic reminder requests, I may rethink this, but I note that the implementation of reCAPTCHA on the web subscribe form on all Mailman 2.1 @python.org lists didn't seem to make much of a dent in the bogus web subscribes we were seeing despite the fact that the form must first be retrieved by GET and then the POST can't come too soon thereafter. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
