[Mailman-Users] Preventing abusive / malicious subscription requests

Matthew Blissett mblissett at gbif.org
Mon May 8 07:12:48 EDT 2017


I administrate two small, public Mailman servers.

On one of them [1], I see a lot of unsolicited subscription requests.  
For example, win**********ad at gmail.com was subscribed 41 times last 
week, from 13 different IP addresses.  A whois search on these IP 
addresses suggests they're from anonymization services or spam-friendly 
hosting companies.

In total, there were 234 requests last week, the vast majority were 

Does anyone have any advice on preventing this abuse? Subscriptions 
require confirmation from the user, so manual approval won't help -- 
there's still a notification that the request awaits manual approval.  
Preventing sign-up from a dodgy IP is one option, perhaps directing 
users to email the list owner if they have been caught incorrectly -- 
has anyone set up anything like this?


Matt Blissett

[1] lists.tdwg.org

More information about the Mailman-Users mailing list