I was just hit with a subscription flood, along the lines of
I've mitigated the current attack, but it's happened before and will
happen again. I'm already using SUBSCRIBE_FORM_SECRET. I also saw Mark's
patch in the thread above to disable subscriptions for a particular
list, which is helpful.
Still, trying to look ahead, I have two further questions:
1) The above mailman-users thread refers to using fail2ban. This sounds
sensible. Does anyone have a a working fail2ban filter they can share
for this? I'd rather not write one from scratch; my previous attempts at
doing so have been rather uneven. (Not the easiest thing to search for,
since fail2ban itself uses mailman for its mailing lists, it seems. I
couldn't find anything, at any rate.)
2) At least in my cases, the floods try to subscribe the same address
over and over (and over and ...). It occurs to me that mailman could
silently discard a request to subscribe an address foo(a)bar.com if
foo(a)bar.com already has a pending subscription -- that is, not sending
out the confirmation request. Would this be doable? Mark, anyone?
Although I realize that has downsides, for myself at least I'd prefer to
minimize the backscatter pain for the random targeted addresses. Real
people who are failing to subscribe can write the owner.
Thanks in advance,
Hi I was wondering if someone can help with my issue. I am a client of EMWD - (RIP Brian). I recently switched to Office 365 platform and none of my posts are working.
Does anyone have any ideas of how I can resolve this?
Thanks in advance.
American Psychoanalytic Association
Hello, I have a feature request for MailMan. Would you please add to
the Privacy Options section, Membership Exposure, an option to show only
the member name, but keep their email address hidden from the member
list, that non-admin members may view? I'd like my members to see who,
by name, is on the list, but not divulge their email addresses./
Mark Sapiro informed the list that "You can do this, but only by
modifying the FormatUsers method in Mailman/HTMLFormatter.py."
Unfortunately, MailMan admins on shared hosting do not have direct
access to Mailman files. If this option were added to Membership
Exposure, we could set this option without necessity for direct file
access. Further, my hosting provider will not modify that file just for
me, as there are likely hundreds of other Mailman users, using the same
installation as I.
Hi, is it possible to show only the member name, but keep their email address hidden from the member list, that non-admin members may view? I'd like my members to see who, by name, is on the list, but not divulge their email addresses.
The hide flag on membership management hides everything.
I am looking for the install instructions for Mailman 2.1 to assist me in doing a new install of Mailman 2.1.34. When I go to https://www.gnu.org/software/mailman/ and click on documentation, the only choice is for Mailman Suite (3). There are no guides for Mailman 2. I also went to the wiki and there is a guide "How_to_Install_Mailman3_on_Debian10" but nothing that I could find on doing a new install for the current download of Mailman 2.1 on Debian 10. Is there a link somewhere that I am missing? It seems to me that I have seen one in the past.
This may be well documented yet but I cant find it.
In the mail sent to the invited user the subject is like :
which is not very self explanatory, and some people believe in some kind
of spam and ignore the invite.
Despite I browse the customizable files I cant find how to add some
friendly words the the Subject field.
Any chance to do it without digging into the code ?
GnuPg : 156520BBC8F5B1E3 Because privacy matters.
« Quand est-ce qu'on mange ? » AD (c) (tm)
I hope this email made it to the list. It has been crazy for a week.
My SPF/DKIM/DMARC passes in most cases except for mailing lists.
Recently, I observe that when I send emails to mailing lists, they get
stashed after Mailman receives them. I administer Mailman for an
organization, and this is what I am seeing:
The email from my VPS arrives at the organization's server and passes
authentication (including SPF/DKIM/DMARC checks) If the address is not
a mailing list, dovecot delivers the email to local/virtual accounts
without errors. It is all fine for regular destinations. If the address
belongs to a mailing list, Mailman receives the email and includes it
in the archives. Something goes wrong at this stage (i.e. when Mailman
begins to send copies to subscribers). The log records the following:
Jul 01 11:51:35 mail.organization.com opendkim: 40D84274532: no
signing table match for 'onyeibo(a)mydomain.com' Jul 01 11:51:35
mail.organization.com opendmarc: 40D84274532: mydomain.com fail
It appears the mail server hosting Mailman on the other end wants to
sign my email all over again before sending out copies to the list
subscribers. The signing fails for obvious reasons. The host cannot
possibly have signing keys for every subscribed domain on the list.
The result is that Mailman archives an email that subscribers never
Is any other list admin experiencing this? What do I do to get such
emails to the list subscribers? How about lists that I subscribed to
(the ones I do not administer?). Does the sender have any obligation
This phenomenon is crazy.
A subscriber to one of my lists who posts from gmail has been
made aware that some list subscribers do not get his postings
because of DKIM setup at gmail. See attached error message.
I understand that he can't do anything about the DKIM setup at
Can I as list admin do something in the list setup (Mailman
Also, how many subscribers are likely affected by his (or any
gmail user's) DKIM setup? That is, are most list subscribers
receiving his messages anyway, or is this problem preventing
e-mail from him going to most list subscribers?
Message was blocked due to DKIM ().
From:Anders Ericson *frilanders(a)gmail.com* <frilanders(a)gmail.com>
To: Biblioteknorge *biblioteknorge(a)kunnskapsallmenning.no*
Subject: Biblioteket som statussymbol. Lat ungdomen lese, for
Recipients Action Reason Delivery Status
<kristin.johanne.havstad(a)arendal.kommune.no> Blocked DKIM Not Delivered
Dette kan muligens skyldes at SPF record ikke er helt riktig:
SPF Alignment Domain not found in SPF
Med vennlig hilsen
*Odd Arvid Knudsen*
M: +47 488 92 398
I’m running mailman 2.x and I am getting ready to build a new server and migrate my lists to 3.x. For those of you who have done this already, do you have any recommended reading suggestions other than the official web page at