I was just hit with a subscription flood, along the lines of
https://mail.python.org/pipermail/mailman-users/2014-May/076880.html
https://bugs.launchpad.net/mailman/+bug/1082746

I've mitigated the current attack, but it's happened before and will happen again. I'm already using SUBSCRIBE_FORM_SECRET. I also saw Mark's patch in the thread above to disable subscriptions for a particular list, which is helpful. Still, trying to look ahead, I have two further questions:

1) The above mailman-users thread refers to using fail2ban. This sounds sensible. Does anyone have a working fail2ban filter they can share for this? I'd rather not write one from scratch; my previous attempts at doing so have been rather uneven. (Not the easiest thing to search for, since fail2ban itself uses mailman for its mailing lists, it seems. I couldn't find anything, at any rate.)

2) At least in my cases, the floods try to subscribe the same address over and over (and over and ...). It occurs to me that mailman could silently discard a request to subscribe an address f...@bar.com if f...@bar.com already has a pending subscription -- that is, not sending out the confirmation request. Would this be doable? Mark, anyone?

Although I realize that has downsides, for myself at least I'd prefer to minimize the backscatter pain for the random targeted addresses. Real people who are failing to subscribe can write the owner.

Thanks in advance,
Karl
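
The behaviour proposed in question 2, sketched as an added example that is not part of the original post and is not Mailman's code. The class name, method names and the three-day lifetime are hypothetical; the list and address values used with it are constructed.

```python
import time

# Assumed lifetime of an unanswered confirmation request, in seconds.
PENDING_LIFETIME = 3 * 24 * 3600


class PendingSubscriptions:
    """Tracks unconfirmed subscription requests per (list, address)."""

    def __init__(self, lifetime=PENDING_LIFETIME, clock=time.time):
        self.lifetime = lifetime
        self.clock = clock
        self.pending = {}     # (list, address) -> expiry timestamp
        self.suppressed = {}  # (list, address) -> discarded repeat count

    @staticmethod
    def _key(listname, address):
        # Domains are case-insensitive; the local part is kept as given.
        local, _, domain = address.strip().rpartition("@")
        return listname.lower(), f"{local}@{domain.lower()}"

    def request(self, listname, address):
        """Return True to send a confirmation mail, False to discard."""
        now = self.clock()
        key = self._key(listname, address)
        expiry = self.pending.get(key)
        if expiry is not None and expiry > now:
            # A live request already exists: send no second mail, but
            # count the repeat so the owner can see the flood.
            self.suppressed[key] = self.suppressed.get(key, 0) + 1
            return False
        # First request, or the earlier one expired: allow one mail.
        self.pending[key] = now + self.lifetime
        return True

    def confirm(self, listname, address):
        """Drop the pending entry on confirmation; True if one existed."""
        key = self._key(listname, address)
        return self.pending.pop(key, None) is not None

    def flooded(self, threshold):
        """Keys discarded at least `threshold` times, for owner review."""
        return sorted(k for k, n in self.suppressed.items() if n >= threshold)
```

Because entries expire, a real person whose first confirmation mail was lost gets a new one after the lifetime passes, which limits the downside the post mentions.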