[Mailman-Users] Distributed mass subscribe attack?

Andy Cravens acravens at uen.org
Tue Aug 22 12:18:57 EDT 2017

On Aug 18, 2017, at 8:36 AM, David Gibbs <david at midrange.com> wrote:

On 8/17/17 3:47 PM, Andy Cravens wrote:
> I forgot to mention I’m also working on a modsecurity rule to look at
> all POSTs and reject if they contain an email address with a + sign.

I'm interested in both your recaptcha mod & mod_security rule ... please
post (or contact me privately) when you make some progress.

If you're interested in my MM mod, let me know.

After reading the responses concerning the + symbol in email addresses I have decided not to block them.  What I did was to implement reCaptcha v1 using the instructions here: 


When I first looked at this I had made several bad assumptions.  I assumed you could not use the reCaptcha v2 keys with v1.  The new keys work fine with v1.  I had to apply the patch manually by editing the files and inserting the new code.  It wasn’t a big deal.   I still plan on looking at implementing v2 sometime this year if I can find some free time.  Also plan on creating the modsecurity rules mentioned earlier.  Another modsecurity rule I want to create is to watch for outgoing replies that indicate a failed login attempt and take action if conditions warrant.  I will post my rules when I have tested and verified they work.


More information about the Mailman-Users mailing list