[Mailman-Users] Spam Subscriptions

Mark Sapiro mark at msapiro.net
Sat Jun 2 23:50:07 EDT 2018

I have a different question.

For a few weeks now the Mailman 2.1 lists @python.org have seen a
massive number of web subscribes from addresses @yahoo.com and @aol.com
addresses. The aol.com ones seem to have abated but yahoo.com continues.
They mostly have local parts that look like first and last names and
display names that don't match the local part name. I implemented
reCAPTCHA on the listinfo subscribe forms and that didn't seem to slow
them down. Also, at first at least some of the subscriptions waiting
user confirmation were being confirmed, some by email and some by web.

I have resorted to scraping Mailman's logs with an hourly cron looking
for subscribes and attempts and when it find 4 or more for a single
address, it uses my erase script to remove them.

This seems to slow down on weekends and pick up during the week.

My question is does anyone have a clue as to who might be doing this and
what they are trying to accomplish. As far as I know, even when they've
succeeded in subscribing, they don't try to post.

Are they just script kiddies trying to be noticed or are they actually
trying to accomplish something.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list