[Mailman-Users] How to blocking malicious subscription requests?
Ian Kelling
iank at fsf.org
Tue Sep 5 10:55:01 EDT 2017
There is at least one very major mail provider where
joe+any_string at domain goes to the inbox of joe by default, allowing bad
people to get my mailman instance to send many subscription mails to
joe+random_string at domain, messing up joe's inbox, because mailman just
sees different addresses. Can mailman stop doing this? If not, I'm open
to an exim rule to block or at least rate limit mailman from doing this
too.
Also, is there a way to rate limit subscription requests even for the
exact same email address? For example, don't allow someone to subscribe
to list b if they have > 5 unconfirmed subscription requests in the last
day?
--
Ian Kelling | Senior Systems Administrator, Free Software Foundation
GPG Key: B125 F60B 7B28 7FF6 A2B7 DF8F 170A F0E2 9542 95DF
https://fsf.org | https://gnu.org
More information about the Mailman-Users
mailing list