On Wed, 2020-08-19 at 12:24 +0200, Andreas Schamanek via mailop wrote: > On Wed, 19 Aug 2020, at 09:51, Andy Smith via mailop wrote: > > > Since yesterday I've been seeing a large number of attempted > > subscriptions to all the public lists on one of my Mailman servers. > > (...) > > I can confirm this for my servers from top to end including some of > the hashes. > > BTW, Mailman mm_cfg.py option `SUBSCRIBE_FORM_SECRET` apparently > mitigates the DoS, too.
+1 to this. Also, fail2ban on subscription 404s in your web server logs. -Jim P. _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop