Running Mailman 2.1.15 on CentOS 7. 

In the last week or so I started getting bogus subscription attempts. 
The attempts are seen in /var/log/httpd/ssl_access.log:
> 66.78.5.8 - - [27/May/2021:22:46:06 -1000] "POST  /mailman//subscribe/mailman 
> HTTP/1.1" 200 1171 "-" "axios/0.19.2"
> 67.203.60.115 - - [27/May/2021:22:51:15 -1000] "POST 
> /mailman//subscribe/mylist HTTP/1.1" 200 1164 "-" "axios/0.19.2"
> 173.46.92.221 - - [27/May/2021:22:51:15 -1000] "POST /mailman//subscribe/ott 
> HTTP/1.1" 200 1143 "-" "axios/0.19.2"
> 185.206.222.31 - - [27/May/2021:22:51:15 -1000] "POST 
> /mailman//subscribe/sundayjammers HTTP/1.1" 200 1213 "-" "axios/0.19.2"
> 185.206.222.85 - - [27/May/2021:22:51:36 -1000] "POST /mailman//subscribe/ott 
> HTTP/1.1" 200 1143 "-" "axios/0.19.2"
> 67.207.184.138 - - [27/May/2021:22:51:37 -1000] "POST 
> /mailman//subscribe/cdh_board HTTP/1.1" 200 1185 "-" "axios/0.19.2"
> 173.211.37.87 - - [27/May/2021:22:51:37 -1000] "POST /mailman//subscribe/test 
> HTTP/1.1" 200 1150 "-" "axios/0.19.2"

My attempt to block these does not appear to be working.  Suggestions
please?

> RewriteEngine on
> RewriteCond %{REQUEST_METHOD} POST
> RewriteCond "%{HTTP_USER_AGENT}" "^axios"
> RewriteRule ^/mailman//subscribe/ - [F]
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
    https://mail.python.org/archives/list/mailman-users@python.org/

Reply via email to