[Mailman-Users] bots subscribing to lists via web forms to avoidmember-only restrictions

Jeffrey Goldberg jeffrey at goldmark.org
Mon Jan 7 00:21:23 CET 2008

On Jan 6, 2008, at 3:02 PM, Mark Sapiro wrote:

> I've never seen it on lists with subscribe_policy of either Confirm or
> Approve. I don't allow open subscribe.

Years ago (2000?) I did see this happen with one or twice with lists  
with a Confirm policy.  These were majordomo lists, but still the  
email confirmation was required.  I do not know whether the spammer  
automated the confirmation process.

What I have seen more often (though still rarely) is spammers forging  
addresses of list members.  Again, that was also a long time ago and I  
don't know whether those were just coincidences (address would have  
been harvest near each other and spammers then liked to forge From  
addresses that were possibly associated with recipients) or really  
targeting the list.

On the whole, I have found these things so rare that it hasn't been a  
real problem.  However, in principle lists could easily be targeted,  
so it is worth considering captchas.



Jeffrey Goldberg                        http://www.goldmark.org/jeff/

More information about the Mailman-Users mailing list