[Mailman-Users] Spam to "-request" address generating backscatter spam

Mark Sapiro mark at msapiro.net
Thu Dec 22 18:43:39 EST 2016

On 12/22/2016 01:53 PM, Jim Popovitch wrote:
> I know the GLOBAL_BAN_LIST is for email addrs, but what would it take
> to implement the same (or some field validation logic) for the
> "fullname" field of the subscription page.   I'm still seeing a ton of
> subscribe spam attempts, and the fullname field is consistently not a
> text name.
>>From nginx log:
> ...sales at apexgolfcarts.com&fullname=58562fbb70e22...
> ...ellenv3 at hotmail.com&fullname=5856315b5b695...
> ...scottpickup2000 at gmail.com&fullname=5856372a4e2f1...
> ...vanessae at live.com&fullname=58563aa6664bf...
> ...meagan at meaganlucyphoto.con&fullname=58563ab925ac7...
> ...saramardambey at gmail.com&fullname=58564566dc31b...
> ...dotthomas717 at yahoo.com&fullname=5856456df0b96...
> ...scottpickup2000 at gmail.com&fullname=58564b85ccf98...

If you only want to target user subscribes and not things like admin
mass subscribes and invitations, you could modify Mailman/MailList.py in
the AddMember() method around line 894

        pattern = self.GetBannedPattern(email)

change that to

        pattern = (self.GetBannedPattern(email) or

Then you could add patterns like, e.g., '^[0-9af]{10,}' to the
GLOBAL_BAN_LIST to match those real names.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list