[Mailman-Users] Subscription flood

Bill Christensen billc_lists at greenbuilder.com
Tue May 13 21:54:26 CEST 2014

I finally got a chance to look over the logs today; this is a widely
distributed attack, so address blocking is probably futile.

Sorry to be dense, but how do I apply that patch?


On Fri, May 9, 2014 at 3:19 PM, Mark Sapiro <mark at msapiro.net> wrote:

> On 05/09/2014 12:12 PM, Bill Christensen wrote:
> >
> > Is there a way that I can just have it affect this one problematic
> > list?  If I change the name of cgi-bin/subscribe and any references to
> > it (at least until the next update), do you think that will make a
> > difference?
> It seems to me the easiest way to do this is to apply the attached patch
> to Mailman/Cgi/subscribe.py. Change problem_list to the actual list name
> and if you don't want the logging, remove the syslog line.
> But as others have suggested, look at your web server logs (or the
> subscribe confirmation emails) to get the IP address(es) that are
> submitting them. If they all come from a single IP or netblock, block
> that with iptables or whatever firewall you have.
> --
> Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives:
> http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-users/billc_lists%40greenbuilder.com

More information about the Mailman-Users mailing list