[Mailman-Users] How to deal with these spam submissions?
Mark Sapiro
mark at msapiro.net
Mon Jan 5 23:09:27 CET 2015
On 01/05/2015 10:35 AM, Tracey McCartney wrote:
> I run a list at fair_housing@(my domain here).
>
>
>
> Over the last few days, I've received some spammy non-member submissions
> from these e-mail addresses:
>
>
>
> fair_housingbnqq at maxcom.net.mx
>
> fair_housinghjhn at woohoo.ro
>
> fair_housingrjs at fourlads.com
>
> fair_housingrprs at pepempilhadeiras.com.br
> <mailto:fair_housingrprs at pepempilhadeiras.com.br>
>
>
>
> So clearly these aren't totally random - they have bot-generated addresses
> based on the address of my list. I would like to add these and e-mail
> addresses like them to my sender filter to be discarded upon receipt.
If these are subscription requests, adding something to Sender filters
won't help. You want Privacy options... -> Subscription rules ->
ban_list to prevent addresses from subscribing. A regex like
^fair_housing.*
or more simply just
^fair_housing
will prevent any email address beginning with 'fair_housing' from
subscribing to the list. You could also add the same regexp to Privacy
options... -> Sender filters -> discard_these_nonmembers to prevent such
addresses from posting if your list otherwise accepts non-member posts.
Also, if these are bots requesting subscription via the web and your
Mailman version is >= 2.1.16 and you have access, see the section about
SUBSCRIBE_FORM_SECRET in Defaults.py for information on a mitigation for
this attack. To use it, you would set
SUBSCRIBE_FORM_SECRET = 'some string of your choice'
in mm_cfg.py.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list