[Mailman-Developers] Feature request
Mon, 14 May 2001 18:05:27 -0700
Looking at it now, it's surprising that this hasn't happened sooner: SF's
mailman was abused with someone creating a bogus project with a mailing list
which was then used to subscribe about 10,000 people and then spam them into
The best/worst part is how people made it a lot worse by complaining to the
list itself and spamming one another after that:
Anyway, I patched admin.py to just disallow admin web subscribes altogether.
In order of preference, for a future mailman version, it'd be nice if
- Have a config.db entry: allow web subscribes, that can only be changed by
the mailman owner (i.e. master password, not list password)
- Easier: have a sitewide mm_cfg.py variable to allow/disallow web
subscribes by the list admin
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger firstname.lastname@example.org for PGP key