> On Mar 16, 2016, at 11:52 AM, Glyph <gl...@twistedmatrix.com> wrote:
>
> Over the last few months, twistedmatrix.com <http://twistedmatrix.com/>'s
> mailman installation has been used increasingly frequently to execute
> denial-of-service attacks against people's mailboxes. This is accomplished
> by sending huge numbers of subscription requests to our website, which in
> turn sends huge numbers of confirmation emails to their inbox. Based on some
> information that some targeted users have sent me, I now believe that this is
> to cause those users' mail quotas to be exceeded so that password reset or
> login notification emails won't reach them.
I've taken the first few steps to migrating us over to Mailgun, but just as a
minor status update: web-based subscription is now disabled. If any generous
souls would like to help out and update whatever wiki pages link to the mailman
listinfo pages to say 'please send subscription requests to
twisted-python-owner@ or twisted-web-owner@ instead' that would be great :-).
Those email addresses (and hopefully all the others, too) will keep working
post-migration.
-glyph
_______________________________________________
Twisted-web mailing list
Twisted-web@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
