Franck Martin writes:
> May be a captcha? Or some more modern techniques...
Captchas aren't applicable to email requests. It will be harder than
that.
We could turn off subscription by email after user creation so that
users would get only one email per email at most. From Mailman's
point of
- Original Message -
> From: "Barry Warsaw"
> To: "mailman-developers"
> Sent: Monday, August 22, 2016 2:43:06 PM
> Subject: Re: [Mailman-Developers] Remediation for fake member creation
> On Aug 22, 2016, at 01:03 PM, Franck Martin wrote:
>
>>While mailman does double opt-in, one can
On Aug 22, 2016, at 01:03 PM, Franck Martin wrote:
>While mailman does double opt-in, one can still fill a mailbox with account
>confirmations, what are the methods to stop a bot submitting email addresses
>for registration across several lists?
Mailman 3 will not pend a registration request more
I'm not sure if you have seen the following blog posts:
https://wordtothewise.com/2016/08/subscription-bombing-esps-spamhaus/
https://wordtothewise.com/2016/08/spamhaus-comments-on-subscription-attack/
https://wordtothewise.com/2016/08/ongoing-subscription-attack/
While mailman does double op
On 8/22/16 5:31 AM, A. Schulze wrote:
Mark Sapiro:
There is a CSRF vulnerability ...
I have developed a fix...
I'm delaying the release ...
Hello,
don't understand why you wait? Yes some people may need time to plan a
update.
But there are also people not needing such plan. They could us
Mark Sapiro:
There is a CSRF vulnerability ...
I have developed a fix...
I'm delaying the release ...
Hello,
don't understand why you wait? Yes some people may need time to plan a update.
But there are also people not needing such plan. They could use the
patch just now.
But maybe you
