[Mailman-Users] Re: "Message discarded" "spamdetect", why?
Am Samstag, den 20.06.2020, 13:59 -0700 schrieb Mark Sapiro: [...] > In your case, the message is discarded for DMARC policy reasons, > presumably because of the DNS timeout. Do you really want this list > configured to discard these messages? No, that's precisely what I want to avoid, but that's precisely what happened. Strangely though, not what happens every time a DNS query fails but it did happen some of the time. Cheers, Johannes > -- Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
[Mailman-Users] protecting the web interface against subscription spam
Dear all, currently we get inundated with abuse complaint mails because our mailman instance is targeted by spambots who for whatever reason try to subscribe to the lists at our side with addresses belonging to someone else, and when mailman sends out the confirmation email, this is considered spam by the recipient and occasionally reported as abuse. At https://www.ralfj.de/blog/2018/06/02/mailman-subscription-spam.html I found the hint that in /etc/mailman/mm_cfg.py, one should set SUBSCRIBE_FORM_SECRET to a random string which will trigger mailman to embed aCSRF tokeninto the subscription form. This, unfortunately hasn't helped. The abuse mail complaints kept coming. On the same page I found the note that you can also embed a captcha. However I have not found instructions on how to do this. If this is really the case, could somebody give me a link to where I can find the instructions? Thanks so much! Johannes P.S.: I guess, mailman3 has better spam protection, but up to now, I have been too intimidated to actually do it... -- Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
[Mailman-Users] Re: protecting the web interface against subscription spam
Am Freitag, dem 05.03.2021 um 09:41 -0500 schrieb Brian Carpenter: > > Depending upon what version of Mailman 2 you are running, you can add > the following to your mailman_install_dir/Mailman/mm_cfg.py > > BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE = Yes > RECAPTCHA_SITE_KEY = "recaptcha site key" > RECAPTCHA_SECRET_KEY = "recaptcha secret key" Thanks! Indeed that works! Thanks so much! Caveat: only recaptcha v2 works (for me) Cheers, Johannes -- Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
