[Mailman-Users] high amount of spam subscriptions

Benjamin Copeland ben.copeland at linaro.org
Wed Sep 2 15:43:13 CEST 2015

Hello all,

I have a issue where I am getting a high amount of subscriptions on
mailman using the web form.

I found that a option had been added to mailman
(SUBSCRIBE_FORM_SECRET). I have added this to my configuration but am
still getting large amount of spam subscriptions.

The addresses all tend to be in similar format, user+alias at gmail.com
(e.g. knuckles9048+51770730 at gmail.com).

For experiment, I blocked email subscriptions to a mailing, to see if
the requests are coming from mail or web form.

knuckles9048+51770730 at gmail.com Tue Sep 1 14:14:50 2015
knuckles9048+14145395 at gmail.com Tue Sep 1 23:06:45 2015

Also 2 for another list (different users). So, now we know that web
form is the attack vector.

What can I do to get this under control?

I am running postfix + spamd.



More information about the Mailman-Users mailing list