Unexpected unsubscription confirmation emails
At least one member of our list has received an unexpected email from the list server requesting confirmation of unsubscription. It looks to me like someone has filled in this member's address on the unsubscription form on their behalf in an attempt to remove them from the list.
Is there any way for us to monitor these attempts?
Peter Shute
Sent from my iPad
On Mon, 17 Sep 2018 00:44:40 +1000 Peter Shute <pshute@nuw.org.au> wrote:
At least one member of our list has received an unexpected email from the list server requesting confirmation of unsubscription. It looks to me like someone has filled in this member's address on the unsubscription form on their behalf in an attempt to remove them from the list.
Is there any way for us to monitor these attempts?
Short answer is it should be in your webserver log if it came via the web interface.
-- Dmitri Maziuk <dmaziuk@bmrb.wisc.edu>
Thanks. We'll have to ask the admin for those. We're on cpanel, and I don't think we've got access ourselves.
On 17 September 2018 at 02:31, Dmitri Maziuk via Mailman-Users <mailman-users@python.org> wrote:
On Mon, 17 Sep 2018 00:44:40 +1000 Peter Shute <pshute@nuw.org.au> wrote:
At least one member of our list has received an unexpected email from the list server requesting confirmation of unsubscription. It looks to me like someone has filled in this member's address on the unsubscription form on their behalf in an attempt to remove them from the list.
Is there any way for us to monitor these attempts?
Short answer is it should be in your webserver log if it came via the web interface.
-- Dmitri Maziuk <dmaziuk@bmrb.wisc.edu>
Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/pshute%40nuw.org.au
On 09/16/2018 07:44 AM, Peter Shute wrote:
At least one member of our list has received an unexpected email from the list server requesting confirmation of unsubscription. It looks to me like someone has filled in this member's address on the unsubscription form on their behalf in an attempt to remove them from the list.
Or, if you have a personalized unsubscribe link in a list footer like this list does, the list member replied to or forwarded a list post without removing the quoted footer and a recipient clicked it maliciously, inadvertently or thinking she was unsubscribing herself.
Is there any way for us to monitor these attempts?
You could analyze your web server logs looking for POSTs to the list's options page, however that won't show you the POST data so won't be too useful.
Alternatively, you could modify the ConfirmUnsubscription method in Mailman/MailList.py to log the event in addition to sending the confirmation email, or perhaps more simply, change the lines
msg = Message.UserNotification(
addr, self.GetRequestEmail(cookie),
text=text, lang=lang)
in that method to
msg = Message.UserNotification(
[addr, 'other@example.com'], self.GetRequestEmail(cookie),
text=text, lang=lang)
to effectively Bcc: all such notices to other@example.com.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Peter Shute writes:
At least one member of our list has received an unexpected email from the list server requesting confirmation of unsubscription. It looks to me like someone has filled in this member's address on the unsubscription form on their behalf in an attempt to remove them from the list.
If it was the web form, there will be traces in the webserver log. As Mark points out, the POST data won't be there, but you may be able to correlate the webserver log with the origination time on the message received by the user.
There are other possibilities. The stock RFC 2369 headers provide a mailto link, for one. Somebody would have to use that deliberately, though. It's also possible personalize the list with an unsubscribe link, as this one does. Like this:
https://mail.python.org/mailman/options/mailman-users/pobox%40example.com
A similar link is usually to be found in the List-Unsubscribe header in received posts. The common parts of the two would make a good grep target in the webserver's log. (Often the footer link is customized to include the subscribed mailbox, while the List-Unsubscribe link goes to the listinfo page, or vice versa.)
If so, it is a common occurance that people either forward the mail or reply to it without trimming. In many MUAs the link will be quoted, but live, and people either accidentally click the link or intentionally click the link expecting to unsubscribe themselves.
Either way, if this is an isolated incident, I wouldn't worry about it, since it does occur reasonably frequently by accident.
Steve
On 17 September 2018 at 08:48, Mark Sapiro <mark@msapiro.net> wrote:
Or, if you have a personalized unsubscribe link in a list footer like this list does, the list member replied to or forwarded a list post without removing the quoted footer and a recipient clicked it maliciously, inadvertently or thinking she was unsubscribing herself.
No, it's not customised. I feel they must have followed the generic link and entered someone else's address. It might have been some kind of accident, but it coincides with a period where one member might well have wanted this particular address off the list. Only one unsubscription attempt was reported by members, but I'd like to check if there were more that were ignored.
You could analyze your web server logs looking for POSTs to the list's options page, however that won't show you the POST data so won't be too useful.
So that would let us see which ip address submitted the form, but not what was on the form? As you can see, I still haven't got around to finding out how to access the logs, and probably won't!
Alternatively, you could modify the ConfirmUnsubscription method in Mailman/MailList.py to log the event in addition to sending the confirmation email, or perhaps more simply, change the lines
We don't have that kind of access.
participants (4)
-
Dmitri Maziuk
-
Mark Sapiro
-
Peter Shute
-
Stephen J. Turnbull