[Mailman-Users] Somebody could not subscribe to pypy-dev at python.org
Stephen J. Turnbull
stephen at xemacs.org
Thu Apr 23 06:13:27 CEST 2015
Laura Creighton writes:
> become all the more common in the future. Is insisting that the IP
> addresses match serving a useful purpose?
Yes. Differing request origins is the characteristic signature of a
CSRF attack. I suppose the site could resolve the IP to a domain,
but that would slow things down significantly.
> Should we have a more informative error message?
More information about the Mailman-Users