A couple months ago I asked a question and got a
response from Mark Sapiro, see below. We are
having trouble implementing anything. We are
trying recaptcha, but it isn't popular with our
users, thousands of whom are blind. Here is what my Linux guy asks:
Does anyone have any solution for dealing with spam subscriptions from gmail
addresses?
The requests are coming from random addresses that contain a few words, a
plus sign, then another random string of characters. I can't figure out how
we block this without blocking all addresses with plus characters in them,
which is not a good option.
We are getting hundreds of held subscription messages per day. Is blocking
this kind of thing through Exim an option? We are using cpanel.
p.s. The number of messages is causing my ISP to throttle my e-mail!
Dave
At 01:50 PM 2/23/2018, Mark Sapiro wrote:
On 02/23/2018 07:07 AM, David Andrews wrote: > >
I have just two lists that receive a bunch of
spam subscribes each day > -- hundreds of them,
in fact. For some reason -- which is good, they
are > held, so don't go through, not quite sure
why. Two questions -- first > is there a file
I can erase for each list that will get rid of
all the > held subscriptions, without breaking
anything else. I tried once, and > my
installation broke -- don't know if it is
related, but don't want to > try again unless I
do it right. See the script at
<https://www.msapiro.net/scripts/erase>
(mirrored at
<https://fog.ccsf.edu/~msapiro/scripts/erase>).
This will remove everything for an address or
addresses that match a regexp. Also for any list
you can remove the lists/LISTNAME/request.pck
file, but if there are any held messages for the
list, they too will disappear from the pending
requests although the
data/heldmsg-LISTNAME-nnn.pck file will still be
there. The best thing is to handle all held
messages before removing the requests.pck file,
but there is a script at
<https://www.msapiro.net/scripts/hold_again>
(mirrored as above) that can reprocess the
data/heldmsg-LISTNAME-nnn.pck files or they can
be removed if not wanted. > Secondly, there is
some commonality in the subscribe addresses,
are > there strings I can use to discard the
subscribes so I never have to see > them. > >
Below are examples, there is a common word, or a
common word, a period > ., and another common
word, then a plus sign + then a 4 5 or 6
character > word, all alpha, and @gmail.com >
Here are examples: > > > dragonommz+ >
jwmidnight+ > nommz.naidoo+ Since Mailman 2.1.21
there is a GLOBAL_BAN_LIST. See
<https://mail.python.org/pipermail/mailman-users/2018-January/082905.html>
for a bit on how to use this. You will find more
in the archives from this Google search
<https://www.google.com/search?q=site%3Amail.python.org+inurl%3Amailman-users+%22global_ban_list%22>
Also, if you haven't done so, set
SUBSCRIBE_FORM_SECRET to some string unique to
your site. Both the above are mm_cfg.py
settings. Also, I don't know when cPanel will
upgrade to Mailman 2.1.26 but it contains an
ability to enable reCAPTCHA on the listinfo page
subscribe form. > Finally, I know it is probably
too late in the Mailman2 cycle to get a > new
feature, but in the web UI, it would be nice if
you could delete all > deferred
subscriptions. You can do so with deferred
messages, that are > held, but not
subscriptions. If someone wants to do it, I'd
accept a merge request, but I'm not likely to do
it myself -- Mark Sapiro
<m...@msapiro.net> The highway is for
gamblers, San Francisco Bay Area,
California better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives:
http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/dandrews%40visi.com
---
This email has been checked for viruses by AVG.
https://www.avg.com
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
