[Mailman-Users] Handling bogus subscribe requests

Perry E. Metzger perry at piermont.com
Sat Jan 16 19:51:05 EST 2016


On Sat, 16 Jan 2016 19:02:58 -0500 "Perry E. Metzger"
<perry at piermont.com> wrote:
> On Thu, 14 Jan 2016 08:55:21 -0600 "Gibbs, David"
> <david at midrange.com> wrote:
> > On 1/12/2016 11:54 AM, Mark Sapiro wrote:
> > 
> > > There are threads on this in the archives of this list. See
> > > threads containing the posts
> > > <https://mail.python.org/pipermail/mailman-users/2015-September/079829.html>
> > 
> > I can confirm that the technique used in this post work great.
> 
> I have direct evidence that the asshats are now using "+" strings
> after the main address that are not strictly numeric. They seem to
> have responded to the simple ways of stopping them.
> 
> What's a good technique at this point to slow them down besides
> regexps? I'm stuck on 2.1.18 at the moment as a debian user.

Oh, and by the way, the documentation for SUBSCRIBE_FORM_SECRET (such
as it is) does not mention that it needs to be set to a string. I
only figured that out when setting it to True and 1 both failed
spectacularly and reading the traceback.

Perry
-- 
Perry E. Metzger		perry at piermont.com


More information about the Mailman-Users mailing list