On 01/16/2016 04:02 PM, Perry E. Metzger wrote:
>
> I have direct evidence that the asshats are now using "+" strings
> after the main address that are not strictly numeric. They seem to
> have responded to the simple ways of stopping them.

I haven't seen any like that yet. The regexp I use is

    ^.*\+.*\d{3,}@

which will block anything between '+' and '@' as long as it ends with 3
digits.

Please provide some examples. If there is any discernable pattern, it
might be blockable without impacting real subscribers.

I haven't actually seen kemo.mart or kezukaya + digits @gmail for 5
days. The last five days have been all hellocatboots+<eight
digits>@gmail.com, although a few days ago a bunch of 'ichiba at
kezukaya.com' actually got through. (I'm now banning that one too)

> What's a good technique at this point to slow them down besides
> regexps? I'm stuck on 2.1.18 at the moment as a debian user.

Based on the one above getting through, I wrote the script at
<https://www.msapiro.net/scripts/erase> (mirrored at
<http://fog.ccsf.edu/~msapiro/scripts/erase>) to 'erase' an address from
all lists. I.e. for every list, if the address is a member, it is
removed. If there are any posts or (un)subscription requests from the
address awaiting moderator action, they are removed and optionally any
subscriptions for the address awaiting user confirmation are discarded
too.

As far as I can tell, even if the address isn't banned, unless you allow
open subscribe which is a bad idea for many reasons, the subscription
will require user confirmation, moderator approval, or both. Those that
require confirmation (or both) will never be confirmed because the bots
don't get the confirmation request email, but they do create
back-scatter (the confirmation request email) to the address. Those that
require moderator approval will presumably be discarded, but are a
moderator burden. The script can deal with all that at once.

Other possibilities are disabling web subscribe altogether or installing
some kind of captcha (ugh) in the page. Experience shows that
SUBSCRIBE_FORM_SECRET doesn't stop them unless perhaps
SUBSCRIBE_FORM_MIN_TIME is set long enough that it becomes a problem for
real subscribers.

-- 
Mark Sapiro <m...@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
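
The ban regexp quoted in the message above, run against constructed addresses to show what it rejects, what it lets through, and which real plus-tagged subscribers it would also reject. This is an added example, not part of the original post and not Mailman's code; the matching rule in banned_by, the literal ban entry and every sample address are assumptions made for illustration.

```python
import re

# First entry is the regexp quoted in the post; the second is a constructed
# literal entry standing in for an exact-address ban.
BAN_LIST = [r"^.*\+.*\d{3,}@", "blocked.sender@example.com"]

def banned_by(address, ban_list=BAN_LIST):
    """Return the first ban entry that matches address, or None.

    Assumed matching rule: an entry starting with '^' is a regexp searched
    case-insensitively; any other entry must equal the address, ignoring case.
    """
    for entry in ban_list:
        if entry.startswith("^"):
            if re.search(entry, address, re.IGNORECASE):
                return entry
        elif entry.lower() == address.lower():
            return entry
    return None

# Constructed sample addresses: (description, address, is_real_subscriber)
SAMPLES = [
    ("plus tag of eight digits", "shop+12345678@example.com", False),
    ("plus tag, letters only", "shop+qwerty@example.com", False),
    ("plus tag, digits then letters", "shop+123abc@example.com", False),
    ("exact banned address", "Blocked.Sender@example.com", False),
    ("real user, tag ends in a year", "jane+lists2016@example.org", True),
    ("real user, tag ends in 2 digits", "jane+ml42@example.org", True),
    ("real user, digits but no plus", "jane1234@example.org", True),
]

def audit(samples=SAMPLES, ban_list=BAN_LIST):
    """Split samples into false negatives (unwanted but allowed) and
    false positives (real subscribers that the ban list rejects)."""
    missed, collateral = [], []
    for _desc, address, is_real in samples:
        hit = banned_by(address, ban_list)
        if hit is None and not is_real:
            missed.append(address)
        elif hit is not None and is_real:
            collateral.append(address)
    return missed, collateral

if __name__ == "__main__":
    for desc, address, _ in SAMPLES:
        print(f"{address:32} {desc:34} -> {banned_by(address) or 'allowed'}")
    print("missed, collateral:", audit())
```

Running the same audit with a candidate regexp and a sample of a list's real member addresses shows the collateral before the entry goes into a ban list.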