[Mailman-Users] How to blocking malicious subscription requests?

Ian Kelling iank at fsf.org
Tue Sep 5 10:55:01 EDT 2017

There is at least one very major mail provider where
joe+any_string at domain goes to the inbox of joe by default, allowing bad
people to get my mailman instance to send many subscription mails to
joe+random_string at domain, messing up joe's inbox, because mailman just
sees different addresses. Can mailman stop doing this? If not, I'm open
to an exim rule to block or at least rate limit mailman from doing this

Also, is there a way to rate limit subscription requests even for the
exact same email address? For example, don't allow someone to subscribe
to list b if they have > 5 unconfirmed subscription requests in the last

Ian Kelling | Senior Systems Administrator, Free Software Foundation
GPG Key: B125 F60B 7B28 7FF6 A2B7  DF8F 170A F0E2 9542 95DF
https://fsf.org | https://gnu.org

More information about the Mailman-Users mailing list