[Mailman-checkins] [Branch ~mailman-coders/mailman/2.1] Rev 1854: Implement WARN_MEMBER_OF_SUBSCRIBE subscribe setting.

Wed, 10 Jun 2020 15:06:20 -0700 

------------------------------------------------------------
revno: 1854
fixes bug: https://launchpad.net/bugs/1883017
committer: Mark Sapiro <m...@msapiro.net>
branch nick: 2.1
timestamp: Wed 2020-06-10 15:04:26 -0700
message:
  Implement WARN_MEMBER_OF_SUBSCRIBE subscribe setting.
modified:
  Mailman/Cgi/subscribe.py
  Mailman/Defaults.py.in
  NEWS


--
lp:mailman/2.1
https://code.launchpad.net/~mailman-coders/mailman/2.1

Your team Mailman Checkins is subscribed to branch lp:mailman/2.1.
To unsubscribe from this branch go to 
https://code.launchpad.net/~mailman-coders/mailman/2.1/+edit-subscription

=== modified file 'Mailman/Cgi/subscribe.py'
--- Mailman/Cgi/subscribe.py	2020-01-10 01:00:40 +0000
+++ Mailman/Cgi/subscribe.py	2020-06-10 22:04:26 +0000
@@ -300,6 +300,7 @@
             results = _('You are already subscribed.')
         else:
             results = privacy_results
+        if privacy_results and mm_cfg.WARN_MEMBER_OF_SUBSCRIBE:
             # This could be a membership probe.  For safety, let the user know
             # a probe occurred.  BAW: should we inform the list moderator?
             listaddr = mlist.GetListEmail()

=== modified file 'Mailman/Defaults.py.in'
--- Mailman/Defaults.py.in	2020-05-18 17:01:51 +0000
+++ Mailman/Defaults.py.in	2020-06-10 22:04:26 +0000
@@ -1130,6 +1130,10 @@
 # request email, she has to wait PENDING_REQUEST_LIFE (default 3 days) before
 # she can request another.  This setting also applies to repeated unsubscribes.
 REFUSE_SECOND_PENDING = No
+# Mailbombing of a list member of a list with private rosters can occur with
+# repeated subscribe attempts resulting in repeated user warnings.  Set the
+# following to No to supress the user warnings.
+WARN_MEMBER_OF_SUBSCRIBE = Yes
 
 
 

=== modified file 'NEWS'
--- NEWS	2020-05-29 01:59:15 +0000
+++ NEWS	2020-06-10 22:04:26 +0000
@@ -20,6 +20,10 @@
     - DMARC mitigation no longer misses if the domain name returned by DNS
       contains upper case.  (LP: #1881035)
 
+    - A new WARN_MEMBER_OF_SUBSCRIBE setting can be set to No to prevent
+      mailbombing of a member of a list with private rosters by repeated
+      subscribe attempts.  (LP: #1883017)
+
 2.1.33 (07-May-2020)
 
   Security


_______________________________________________
Mailman-checkins mailing list -- mailman-checkins@python.org
To unsubscribe send an email to mailman-checkins-le...@python.org
https://mail.python.org/mailman3/lists/mailman-checkins.python.org/
Member address: arch...@jab.org

Reply via email to