On 7/9/22 3:19 AM, Karl Semich wrote:
Hi,
I'm experiencing mailbombing via spoofed unsubscription and subscription requests from mailman lists. Mostly unsubscription requests from a mailman 2.1 list.
As long as unsubscription requires approval, there's not much you can do about this. You can set Privacy options... -> Subscription rules -> private_roster to 'List admin only' so the mail bombers can't get member addresses to attempt unsubscription, but that's about it.
I have a mental disability and the mailbombing is confusing and taxing to me.
Is there any configuration option I can ask the list administrator to enable, to require my password to be provided before the confirmations are sent to me?
No, there is no such configuration option.
If this configuration option does not exist yet, could anybody advise what sourcefiles would need modification so as to contribute it as a feature addition?
Probably the HoldSubscription and HoldUnsubscription methods in Mailman/ListAdmin.py, but Mailman 2.1 is end of life and no new features are being implemented.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan