Mark's fix:
If your Mailman is at
least 2.1.16, all you need to do is set
SUBSCRIBE_FORM_SECRET = 'Some string unique to your site"
in mm_cfg.py, and that attack will no longer work.
Is working fine. But thanks for the alternative suggestions. I've got a
copy of fail2ban ready to install bu
On Wed, May 20, 2015 at 02:38:01PM +0100, David Osborne wrote:
> On 15/05/15 05:32, Bill Christensen wrote:
> >I long ago routed real users to an alternative signup, but the spam
> >keeps coming, unrelenting, and are now anywhere between 1k and 10k per day.
>
> One of our lists was spammed in a si
On 15/05/15 05:32, Bill Christensen wrote:
I have a long running list with thousands of subscribers that needs to
move to a new set of email addresses.
The existing list is announce-only, so doesn't get a whole lot of
traffic - typically at most a few outgoing emails a year. But some time
back
On 05/15/2015 06:51 PM, Bill Christensen wrote:
>
> On 5/15/15 12:21 AM, Mark Sapiro wrote:
>> Privacy options... -> Subscription rules -> subscribe_policy st to
>> Require approval and then discard all requests.
> when you say "discard all requests", is there a way to do that
> automatically? W
Excellent. I didn't know about the clone_list script.
On 5/15/15 12:21 AM, Mark Sapiro wrote:
Privacy options... -> Subscription rules -> subscribe_policy st to
Require approval and then discard all requests.
when you say "discard all requests", is there a way to do that
automatically? With
On 05/14/2015 09:32 PM, Bill Christensen wrote:
>
> I'm thinking that the best way to deal with this is to move everything,
> including the archives, to a newly created list on the same domain
> name. The alternative signup method i've set up works, so if i set the
> new list to "Advertise this l
Hi all,
I have a long running list with thousands of subscribers that needs to
move to a new set of email addresses.
The existing list is announce-only, so doesn't get a whole lot of
traffic - typically at most a few outgoing emails a year. But some time
back a bot started sending spam regi
