On Wed, Oct 07, 2015 at 09:16:32AM -0400, br...@emwd.com wrote: > I have seen another type of subscription form spam pop-up on our > servers. It is particularly affecting one client that has 80 mailman > lists and they wish to keep their lists publicly advertised. We keep > seeing dozens of subscription spam coming in from gmail addresses > PER MINUTE with the following format:
There are multiple approaches to this: 1. Look at the logs. Find out where the subscriptions are coming from, and firewall out the appropriate network(s) or countries. (See ipdeny.com for country IP ranges.) or 2. If you only expect to receive subscriptions from one or a few countries, then firewall out the entire world and only allow connections from that small set. and/or 3. Use the Spamhaus DROP and EDROP lists in your firewall and drop *all* inbound traffic from and *all* outbound traffic to those ranges. This achieves lossless compression. (This should be done whether you do 1 or 2 or neither. It's basic network self-defense.) and/or 4. Collect all the forged subscriptions and have a chat with the email people at Gmail. It's possible that they can do something about this on their side. I can put you in touch with someone if need be. ---rsk ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
