I received three unsubscribe confirmations over night. I did not initiate
these. The source IP's resolve to India and Sri Lanka. Is it just me or is
this happening to other subscribers?
-- Gary Kalbfleisch
-- Director of Technology Support Services
-- Shoreline Community College
-- (206)
* Kalbfleisch, Gary ga...@shoreline.edu:
I received three unsubscribe confirmations over night. I did not
initiate these. The source IP's resolve to India and Sri Lanka. Is it
just me or is this happening to other subscribers?
Not to me, but we're also seeing subscription requests
] Automated Subscription Bots Inundating List
Owners With Subscription Requests
On Thu, 2012-10-18 at 23:53 +, Kalbfleisch, Gary wrote:
I am running 2.1.9 because that is the latest version available from
Redhat as a package.
It's relatively simple to install Mailman from the source
wrote:
On Mon, 2012-10-29 at 21:04 +, Kalbfleisch, Gary wrote:
I like to stick with packages when possible because it makes
maintenance much easier.
As do I. There are times, however, when mission-critical packages in a
distribution are outdated, or absent, or broken and building from
Note that for the majority of what I have seen in this attack it is the return
email messages that the exploiters desire. I have seen some subscriptions
actually get through but I have not seen them exploited in any way other than
to add to the flood of emails to the subscriber. I have
Am I understanding correctly that the list itself is a member of the list?
Sounds like an email loop to me. What are you trying to do?
-- Gary Kalbfleisch
-- Director of Technology Support Services
-- Shoreline Community College
-- (206) 546-5813
-- (206) 546-6943 Fax
Hi Stephen,
Thank you for your reply. My responses are below
-Original Message-
From: Stephen J. Turnbull [mailto:step...@xemacs.org]
Sent: Friday, October 19, 2012 9:20 PM
To: Kalbfleisch, Gary
Cc: mailman-users@python.org
Subject: [Mailman-Users] Automated Subscription Bots
I personally don't care for CAPTCHA but it exists for a reason. If anyone can
suggest a better solution I would love to here it. Right now Mailman is being
exploited to email bomb individuals and DOS email systems. This cannot
continue.
Gary Kalbfleisch
Sent from my iPod
On Oct 22,
For the past couple days my Mailman server has been hammered with automated
subscription requests. I've always seen a few here and there but nothing like
this. Thousands of them, exploiting the web interface and replying to
confirmation email messages. Many of our lists were open
