> On 30 Sep 2024, at 09:27, Taco Hoekwater <t...@bittext.nl> wrote: > >> On 30 Sep 2024, at 09:15, Hans Åberg <haber...@telia.com> wrote: >> >> An anti-spam measure is requiring email confirmation, typically an email >> sent to the address to be registered with an HTML link that must be opened >> and confirmed by clicking on a button. > > What happens is that a malicious script is submitting a "password reset" form > with a valid but unknown to mailman email address. Mailman3 should not > respond to those, but it does. The receivers of such password reset reminders > get righteously annoyed.
So it seems to be a bug that should be fixed. I have also changed GNU lists, so the question is what they do, or perhaps they have not experienced the problem yet. ___________________________________________________________________________________ If your question is of interest to others as well, please add an entry to the Wiki! maillist : ntg-context@ntg.nl / https://mailman.ntg.nl/mailman3/lists/ntg-context.ntg.nl webpage : https://www.pragma-ade.nl / https://context.aanhet.net (mirror) archive : https://github.com/contextgarden/context wiki : https://wiki.contextgarden.net ___________________________________________________________________________________
