On 09/16/2018 07:44 AM, Peter Shute wrote:
> At least one member of our list has received an unexpected email from the
> list server requesting confirmation of unsubscription. It looks to me like
> someone has filled in this member's address on the unsubscription form on
> their behalf in an attempt to remove them from the list.
Or, if you have a personalized unsubscribe link in a list footer like
this list does, the list member replied to or forwarded a list post
without removing the quoted footer and a recipient clicked it
maliciously, inadvertently or thinking she was unsubscribing herself.
> Is there any way for us to monitor these attempts?
You could analyze your web server logs looking for POSTs to the list's
options page, however that won't show you the POST data so won't be too
useful.
Alternatively, you could modify the ConfirmUnsubscription method in
Mailman/MailList.py to log the event in addition to sending the
confirmation email, or perhaps more simply, change the lines
msg = Message.UserNotification(
addr, self.GetRequestEmail(cookie),
text=text, lang=lang)
in that method to
msg = Message.UserNotification(
[addr, 'ot...@example.com'], self.GetRequestEmail(cookie),
text=text, lang=lang)
to effectively Bcc: all such notices to ot...@example.com.
--
Mark Sapiro <m...@msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
