[ mailman-Bugs-1448537 ] Limit number of subscribe requests in a period
SourceForge.net
noreply at sourceforge.net
Mon Mar 13 00:47:20 CET 2006
Bugs item #1448537, was opened at 2006-03-12 15:30
Message generated for change (Comment added) made by eric_black
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=1448537&group_id=103
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: security/privacy
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: EricB (eric_black)
Assigned to: Nobody/Anonymous (nobody)
Summary: Limit number of subscribe requests in a period
Initial Comment:
Add limits (number of requests in a day, and minimum
number of days before resetting the counter) to the
number of subscribe requests for an email address.
Defaults would be 1 request in 1 day.
This is needed to prevent malicious mailbombing of an
innocent victim by someone repeatedly submitting their
address. Currently the victim gets the verify.txt
template email for each submission.
----------------------------------------------------------------------
>Comment By: EricB (eric_black)
Date: 2006-03-12 15:47
Message:
Logged In: YES
user_id=1474448
BTW, I've been running 2.1.5 with this problem, and 2.1.7
still exhibits the vulnerability.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=1448537&group_id=103
More information about the Mailman-coders
mailing list