At 10:29 PM 6/2/2018, Mark Sapiro wrote:
On 06/02/2018 06:55 PM, David Andrews wrote: > > Does anyone have any solution for dealing with spam subscriptions from > gmail > addresses? > The requests are coming from random addresses that contain a few words, a > plus sign, then another random string of characters.I use this regexp in the GLOBAL_BAN_LIST ^[0-9a-z.]{8,}\+[0-9a-z]{4,}@gmail\.com$ That blocks subscribe attempts from any address which is 8 or more letters, digits and periods followed by a plus followed by 4 or more letters and digits @gmail.com. Recently, I've seen some with only 6 letters before the + so you might reduce {8,} to {6,}. I think I'll try that too. I also have ^.*\+.*\d{3,}@ which blocks anything with a + followed by anything ending in 3 or more digits. Scanning the membership of all the Mailman 2.1 lists @python.org (over 132K addresses) shows only 10 matches 4 of which were members of the python-3...@python.org with addresses .*+python-3000@.* and the other 6 were nabble.com or googlegroups.com, so it's very unlikely that legitimate regular subscribers will match that. The advantage of the global ban list for this is all the ones I've seen are web subscribes. This blocks them with a web response and doesn't send any confirmation email.
Thanks very much -- we are trying it! You always have the answer -- thanks! Dave
> We are getting hundreds of held subscription messages per day. Is blocking > this kind of thing through Exim an option? We are using cpanel. If these as I've seen are all web subscribes, the only thing you could do in Exim is drop the outgoing confirmation email, but banning them stops the subscribe attempt before any mail is sent.
--- This email has been checked for viruses by AVG. https://www.avg.com ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
