[Mailman-Users] bots subscribing to lists via web forms to avoidmember-only restrictions
mark at msapiro.net
Sun Jan 6 22:02:19 CET 2008
Matt Domsch wrote:
>Several times this week I've received spam to my lists which are set
>to allow postings only by list members. Upon review, something
>(either bot or human, but I'm betting bot as they hit many lists at
>once) subscribed the spam sender email to the lists via the web form,
>sent the spam, then unsubscribed themselves.
What is subscribe_policy for these lists?
>The actual spam message was declared clean by both SpamAssassin and
>IronPort, so the filtering ahead of MM is quite helpful, but not perfect.
>Are there plans to enhance the web subscription form with a type of
>captcha, or other technique to discourage bots?
There is no current plan.
>Anyone else hit by this practice much?
I've never seen it on lists with subscribe_policy of either Confirm or
Approve. I don't allow open subscribe.
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users