On Wed, 13 Jun 2018 07:22:20 -0400 Richard Hipp <d...@sqlite.org> wrote:
> Unfortunately, I'm going to need to shut down this mailing list due to > robot harassment. I am working to come up with a fix or an > alternative now. Your suggestions are welcomed. > > This mailing list has operated for many years using GNU MailMan. > Unfortunately, that software is not able to cope with modern robot > spammers, even with the latest updates. And the source code for > MailMan is sufficiently opaque that I am unable to work on it. > > The most recent problem is that robots are visiting the subscription > page and entering innocent user's email addresses and names. This > causes a confirmation email to be sent to that user. If it were just > single confirmation email that the user could ignore, that would be > fine. But apparently MailMan sends one email for each subscription > request. The robots have figured this out and are putting in hundreds > of subscription requests for the same individual, apparently to harass > them. > > I have already suspended new subscriptions. Existing subscribers will > be able to continue using this list until I come up with a replacement > (or a fix to the current problem) but no new subscribers will be > accepted. > Hello, Sounds like a nasty problem, sorry to hear. The usual algorithm and way of dealing with this is to throttle the nasty one's while degrading slightly the service for legitimate subscribers. I have in mind spamd from OpenBSD when I am giving this example here. Sounds like the code of MailMan is difficult to change is this the repo: https://savannah.gnu.org/cvs/?group=mailman How many pieces of the infrastructure are under your control? What is the pattern of undesired activity. If you can log the request for registration and pick out the addresses you can block further emails from being send, put a max etc.. If you control a firewall the only way to really control stuff you can block throttle the access for the offending IP's or networks while the problem appears. Such things are best dealt with initially by collecting data and modifying the middle layer control algorithm or its meta data until you have a good average. I am not someone who deals with this problem on a daily basis so please take this with a grain of salt. I think the issue here is that mailman talks to your mail server and then it is actually you sending the emails to the victims. Depending on the mail server you may be able to limit the requests, block them completely or parse or classify them as spam. The best solution if you are not able to modify mailman and don't wish to mess with mail servers is to write a capture service that speaks only the basics of the mail protocol and can count the number of to headers with the same address per second, minute whatever and only after that validation forward it to the legitimate mail sending server. There must be a place where you configure your mail server in mailman just plop your capture service there and the mail server can be configured or will not care if the mail takes another hop before arriving at 25. There are certainly thousand ways to do this but since you're running MailMan I assume you wish a clean and simple solution ... heck look at SQLite ... so I think the capture one might be the best no matter what the mailman like package and mail server. You are in control ultimately. HTH, Regards, George _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
