[Mailman-Developers] Foiling automated subscriptions by spammers

[Barry A. Warsaw]

>>>>> "GFN" == George F Nemeyer <tigerwolf@tigerden.com> writes:

    >> Has anyone heard rumors that big spamhauses are planning to
    >> deploy new technology to attack mailing lists, or for that
    >> matter are planning anything specific for this spring?

    GFN> I've not heard rumors, but the way I read the ominous
    GFN> forecast was that spammers plan to automate the
    GFN> subscription/confirmation process to get into lists initially
    GFN> with the hope of getting at least one spam flood through.

    GFN> If that's true, it seems the next logical step is to create
    GFN> lists that are 'semi-moderated'.

    GFN> That is, for any new subscriber, a human reviews and manually
    GFN> approves the first N postings, until the user can be tagged
    GFN> as 'trusted' and their subsequent posts are then allowed onto
    GFN> the list automatically.  If any early posts are spam, the
    GFN> user is summarily booted.  N can even be zero if the list
    GFN> owner knows and trusts the user when they approve the
    GFN> subscription to the list initially.

Mailman 2.1 will do this, although it will take manual intervention to
remove a member from probation.  It'll be easy though; on the same
screen where a moderator approves messages, there'll be a checkbox to
remove the moderate (i.e. probation) flag from a member.

One thing's missing currently though: the ability to flag a member as
a spammer and thus move them from probation to a ban list.  That ought
to be easy to add, and I will for MM2.1beta1; the hard part will be
working out the U/I so it doesn't further clutter an already busy
screen.

-Barry