On Mon, 2015-09-28 at 19:41 -0700, Mark Sapiro wrote: > On 09/28/2015 07:46 AM, Matthew Saltzman wrote: > > > > So I used the ban script from > > http://nigelb.me/2015-08-26-mailman-attacks.html to add regexps of > > the > > form > > > > "^\.*j\.*o\.*e\.*b\.*l\.*o\.*w \ .*+.*@gmail \.com" > > > > to the ban list. They show up in the ban_list window looking > > correct > > (without the quotes) but don't seem to be blocking the intended > > addresses. The same pattern without the \.*'s does block the > > addresses > > not containing embedded periods. > > > > Not quite sure what I'm missing or where to go here. I'd prefer not > > to > > actually hack the code in MailList.py if I can avoid it. > > > I'm not sure either because I don't know if any of that white space > is > actually there or not. > > However, this part '.*+' is absolutely wrong. The + needs a preceding > \ > or the entire RE is invalid. > > And you don't want to hack the code either because trying to keep a > list > of actual addresses is futile because there keep being more, the > permutations with '.' notwithstanding. You want either the regexp I'm > using or one of the 'safer' ones in my reply at > <https://mail.python.org/pipermail/mailman-users/2015-September/07987 > 4.html>.
The regexp in the linked message has left parens instead of left braces, but otherwise seems to be working so far. I added it with @gmail.com and @usc.edu to be even safer (as those are the only ones I've seen to this point), but will watch for other domains for a while. Thanks! -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
