[Mailman-Users] Mailman Security
odhiambo at gmail.com
Thu Jan 19 11:32:26 EST 2017
On 19 January 2017 at 18:55, Brian Carpenter <brian at emwd.com> wrote:
> > I have a situation which is a little confusing on a server where I run
> > Mailman. The subscription model is "confirm & approve"
> > When I check the MTA's queue, I find hundreds of mail destined to certain
> > addresses, and one address could have 10 or more same mail destined to
> > I cleared the queue before checking the contents of these e-mails, but I
> > assume they were those 'confirm your subscription' ones to these
> > because I can see the addresses in in Mailman's subscribe logfile.
> > Now this got me thinking: Once one has submitted a subscription request
> > Mailman has dispatched the 'confirm' email, shouldn't mailman decline any
> > further subscription requests from the same address if they decide to
> > submit such, and as such shouldn't send any other confirm/verification
> > requests as long as there is one still pending??
> > I am talking about a situation leading to a subscribe logfile like the
> > at: http://bit.ly/2iFv5vi
> > Might I be missing something in my list configuration???
> Subscription spam which is what I think you are experiencing has been dealt
> with to a certain degree by recent versions of mailman. The following two
> functions I believe would be of assistance are:
> There is some detail information about them in Defaults.py I believe.
> Brian Carpenter
> EMWD, Owner
> Providing Cloud Services and Mailman hosting for over 18 years.
So is it enough to add
SUBSCRIBE_FORM_SECRET = 'L1feSuX'
to mm_cfg.py and restarting Mailman without doing any other thing??
The GLOBAL_BAN_LIST is self-explanatory when I read it.
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."
More information about the Mailman-Users