[Mailman-Users] Subscription flood

Stephen J. Turnbull stephen at xemacs.org
Fri May 9 21:10:53 CEST 2014

Mark Sapiro writes:

 > They probably aren't using the subscribe form on the listinfo page but
 > rather posting the data directly to the subscribe CGI. Try moving
 > mailman's cgi-bin/subscribe aside to totally disable web subscribe.

Yeah, this seems like a different attack from the last one I heard
about (a CGI on a 3rd party site that would sign the victim up for
about 400 *different* MLs), but that one also hit the subscribe URL

How hard would it be to use security-by-obscurity, ie, to just move
the subscribe URL to a different location and change the links on the
subscribe pages?

More information about the Mailman-Users mailing list