[Mailman-Users] Subscription flood
billc_lists at greenbuilder.com
Tue May 13 21:54:26 CEST 2014
I finally got a chance to look over the logs today; this is a widely
distributed attack, so address blocking is probably futile.
Sorry to be dense, but how do I apply that patch?
On Fri, May 9, 2014 at 3:19 PM, Mark Sapiro <mark at msapiro.net> wrote:
> On 05/09/2014 12:12 PM, Bill Christensen wrote:
> > Is there a way that I can just have it affect this one problematic
> > list? If I change the name of cgi-bin/subscribe and any references to
> > it (at least until the next update), do you think that will make a
> > difference?
> It seems to me the easiest way to do this is to apply the attached patch
> to Mailman/Cgi/subscribe.py. Change problem_list to the actual list name
> and if you don't want the logging, remove the syslog line.
> But as others have suggested, look at your web server logs (or the
> subscribe confirmation emails) to get the IP address(es) that are
> submitting them. If they all come from a single IP or netblock, block
> that with iptables or whatever firewall you have.
> Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
> San Francisco Bay Area, California better use your sense - B. Dylan
> Mailman-Users mailing list Mailman-Users at python.org
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives:
More information about the Mailman-Users