[Mailman-Users] Migrating a list to a new email address
Bill Christensen
billc_lists at greenbuilder.com
Sun May 24 03:10:49 CEST 2015
Mark's fix:
If your Mailman is at
least 2.1.16, all you need to do is set
SUBSCRIBE_FORM_SECRET = 'Some string unique to your site"
in mm_cfg.py, and that attack will no longer work.
Is working fine. But thanks for the alternative suggestions. I've got a
copy of fail2ban ready to install but just haven't had time to configure it
yet.
On Wed, May 20, 2015 at 9:07 AM, Adam McGreggor <adam-mailman at amyl.org.uk>
wrote:
> On Wed, May 20, 2015 at 02:38:01PM +0100, David Osborne wrote:
> > On 15/05/15 05:32, Bill Christensen wrote:
> > >I long ago routed real users to an alternative signup, but the spam
> > >keeps coming, unrelenting, and are now anywhere between 1k and 10k per
> day.
> >
> > One of our lists was spammed in a similar way. The approach I took
> > was to configure Apache to allow requests to /mailman/subscribe only
> > when the referring page was on our server:
>
> I've used mod_security/fail2ban in the past, both work as well as
> might be expected.
>
> […]
>
> > This message and any attachment are intended solely for the addressee
> > and may contain confidential information. If you have received this
> > message in error, please send it back to me, and immediately delete
> > it.
>
> Hum.
>
>
> --
> "Celebrity can be malign in that it becomes a form of idolatry, and
> people live their lives vicariously through the rich and famous rather
> than attending to their own lives."
> -- John Sentamu
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives:
> http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-users/billc_lists%40greenbuilder.com
>
More information about the Mailman-Users
mailing list