[Mailman-Users] Mailman Security

Brian Carpenter brian at emwd.com
Thu Jan 19 10:55:42 EST 2017

> I have a situation which is a little confusing on a server where I run
> Mailman. The subscription model is "confirm & approve"
> When I check the MTA's queue, I find hundreds of mail destined to certain
> addresses, and one address could have 10 or more same mail destined to it.
> I cleared the queue before checking the contents of these e-mails, but I
> assume they were those 'confirm your subscription' ones to these
> because I can see the addresses in in Mailman's subscribe logfile.
> Now this got me thinking: Once one has submitted a subscription request
> Mailman has dispatched the 'confirm' email, shouldn't mailman decline any
> further subscription requests from the same address if they decide to
> submit such, and as such shouldn't send any other confirm/verification
> requests as long as there is one still pending??
> I am talking about a situation leading to a subscribe logfile like the one
> at: http://bit.ly/2iFv5vi
> Might I be missing something in my list configuration???

Subscription spam which is what I think you are experiencing has been dealt
with to a certain degree by recent versions of mailman. The following two
functions I believe would be of assistance are:


There is some detail information about them in Defaults.py I believe. 

Brian Carpenter
EMWD, Owner

Providing Cloud Services and Mailman hosting for over 18 years.

More information about the Mailman-Users mailing list