Re: [Mailman-Users] Spam Subscriptions

[Mark Sapiro]

On 02/23/2018 07:07 AM, David Andrews wrote:
> 
> I have just two lists that receive a bunch of spam subscribes each day
> -- hundreds of them, in fact. For some reason -- which is good, they are
> held, so don't go through, not quite sure why.  Two questions -- first
> is there a file I can erase for each list that will get rid of all the
> held subscriptions, without breaking anything else.  I tried once, and
> my installation broke -- don't know if it is related, but don't want to
> try again unless I do it right.


See the script at  (mirrored at
). This will remove
everything for an address or addresses that match a regexp.

Also for any list you can remove the lists/LISTNAME/request.pck file,
but if there are any held messages for the list, they too will disappear
from the pending requests although the data/heldmsg-LISTNAME-nnn.pck
file will still be there. The best thing is to handle all held messages
before removing the requests.pck file, but there is a script at
 (mirrored as above) that
can reprocess the data/heldmsg-LISTNAME-nnn.pck files or they can be
removed if not wanted.


> Secondly, there is some commonality in the subscribe addresses, are
> there strings I can use to discard the subscribes so I never have to see
> them.
> 
> Below are examples, there is a common word, or a common word, a period
> ., and another common word, then a plus sign + then a 4 5 or 6 character
> word, all alpha, and @gmail.com
> Here are examples:
> 
> 
> dragonommz+
> jwmidnight+
> nommz.naidoo+


Since Mailman 2.1.21 there is a GLOBAL_BAN_LIST. See

for a bit on how to use this. You will find more in the archives from
this Google search


Also, if you haven't done so, set SUBSCRIBE_FORM_SECRET to some string
unique to your site.

Both the above are mm_cfg.py settings.

Also, I don't know when cPanel will upgrade to Mailman 2.1.26 but it
contains an ability to enable reCAPTCHA on the listinfo page subscribe form.


> Finally, I know it is probably too late in the Mailman2 cycle to get a
> new feature, but in the web UI, it would be nice if you could delete all
> deferred subscriptions.  You can do so with deferred messages, that are
> held, but not subscriptions.


If someone wants to do it, I'd accept a merge request, but I'm not
likely to do it myself

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Spam Subscriptions

[Brian Carpenter]

> I have a mailman installation with over 300 lists. It is cPanel, but
> I am the administrator so have access to command line etc.
> 
> I have just two lists that receive a bunch of spam subscribes each
> day -- hundreds of them, in fact. For some reason -- which is good,
> they are held, so don't go through, not quite sure why.  Two
> questions -- first is there a file I can erase for each list that
> will get rid of all the held subscriptions, without breaking anything
> else.  I tried once, and my installation broke -- don't know if it is
> related, but don't want to try again unless I do it right.
> 
> Secondly, there is some commonality in the subscribe addresses, are
> there strings I can use to discard the subscribes so I never have to see
them.
> 
> Below are examples, there is a common word, or a common word, a
> period ., and another common word, then a plus sign + then a 4 5 or 6
> character word, all alpha, and @gmail.com
> Here are examples:
> 
> 
> dragonommz+
> jwmidnight+
> nommz.naidoo+
> 
> 
> If I could knock these out, it would be helpful.  This has happened
> several times previously, but has always stopped after a few weeks.
> This time it has been a couple months.
> 
> Finally, I know it is probably too late in the Mailman2 cycle to get
> a new feature, but in the web UI, it would be nice if you could
> delete all deferred subscriptions.  You can do so with deferred
> messages, that are held, but not subscriptions.
> 
> Thanks!
> 
> Dave

Hey Dave,

If  you are using cPanel then running some Exim filters may be a better
approach to handling this subscription problem. We get tons of spam from
China via two domains and Exim is great at filtering them out.


Brian Carpenter
Owner

Providing Cloud Services and more for over 15 years.

T: 336.755.0685
E: br...@emwd.com
www.emwd.com

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Spam Subscriptions

[Phil Stracchino via Mailman-Users]

On 02/23/18 10:07, David Andrews wrote:
> I have just two lists that receive a bunch of spam subscribes each 
> day -- hundreds of them, in fact. For some reason -- which is good, 
> they are held, so don't go through, not quite sure why.  Two 
> questions -- first is there a file I can erase for each list that 
> will get rid of all the held subscriptions, without breaking anything 
> else.  I tried once, and my installation broke -- don't know if it is 
> related, but don't want to try again unless I do it right.

As for the held subscriptions, you should be able to go to the list's
admin interface and drop all of the pending subscription requests as a
single operation.


-- 
  Phil Stracchino
  Babylon Communications
  ph...@caerllewys.net
  p...@co.ordinate.org
  Landline: +1.603.293.8485
  Mobile:   +1.603.998.6958
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Spam Subscriptions

[Phil Stracchino]

On 02/23/18 10:07, David Andrews wrote:
> Secondly, there is some commonality in the subscribe addresses, are 
> there strings I can use to discard the subscribes so I never have to see them.
> 
> Below are examples, there is a common word, or a common word, a 
> period ., and another common word, then a plus sign + then a 4 5 or 6 
> character word, all alpha, and @gmail.com
> Here are examples:
> 
> dragonommz+
> jwmidnight+
> nommz.naidoo+
> 
> If I could knock these out, it would be helpful.  This has happened 
> several times previously, but has always stopped after a few weeks. 
> This time it has been a couple months.


You can't filter based on that address format.  (At least, not and be
correct.)

This format, plus-extension, is a legitimate address structure
specifically for the purpose of generating traceable throwaway
addresses.  If I give you reddog+thisl...@example.com as my email
address, which I receive at my address red...@example.com, and I've
given that to no-one else, and a few weeks later I start getting random
spam sent to reddog+thisl...@example.com, I know you have (intentionally
or otherwise) leaked my email address.

Just because an address is plus-extended does not mean it is spam.  If
you choose to refuse extended addresses, you risk refusing legitimate
subscribers.

Have you considered requiring CAPTCHAs for subscription?


-- 
  Phil Stracchino
  Babylon Communications
  ph...@caerllewys.net
  p...@co.ordinate.org
  Landline: +1.603.293.8485
  Mobile:   +1.603.998.6958
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Spam Subscriptions

[David Andrews]

I have a mailman installation with over 300 lists. It is cPanel, but 
I am the administrator so have access to command line etc.


I have just two lists that receive a bunch of spam subscribes each 
day -- hundreds of them, in fact. For some reason -- which is good, 
they are held, so don't go through, not quite sure why.  Two 
questions -- first is there a file I can erase for each list that 
will get rid of all the held subscriptions, without breaking anything 
else.  I tried once, and my installation broke -- don't know if it is 
related, but don't want to try again unless I do it right.


Secondly, there is some commonality in the subscribe addresses, are 
there strings I can use to discard the subscribes so I never have to see them.


Below are examples, there is a common word, or a common word, a 
period ., and another common word, then a plus sign + then a 4 5 or 6 
character word, all alpha, and @gmail.com

Here are examples:


dragonommz+
jwmidnight+
nommz.naidoo+


If I could knock these out, it would be helpful.  This has happened 
several times previously, but has always stopped after a few weeks. 
This time it has been a couple months.


Finally, I know it is probably too late in the Mailman2 cycle to get 
a new feature, but in the web UI, it would be nice if you could 
delete all deferred subscriptions.  You can do so with deferred 
messages, that are held, but not subscriptions.


Thanks!

Dave



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org