For the past few months my mailman (2) installation with a dozen lists on it has been convinced to email bomb various random people out there from the list-bounces@ address. I have daily cron jobs that clean this junk out of my postfix queue, as most destinations rate limit me. It's not helping my email reputation at all :-( At first I thought that this was some kind of email amplication attack. After some puzzling, I realized that these were subscribe attempts coming in through the web interface. Sigh. An upgrade to mailman 3 has been in the works for awhile, but it's one of those things best done on a really rainy November when there is nothing else you can do.

Are there easy ways to add a CAPTCHA to these old mailman 2 pages?