[Mailman-Developers] Spammers forging addresses forsubscribe/unsubscribe
Mark Sapiro
mark at msapiro.net
Sat Apr 19 05:38:37 CEST 2008
Justin Long wrote:
>
>Is there a way in mailman to do the following - and if not, I'd like
>to submit these ideas for implementation or adjustment
>(1) bounces from subscribe requests should not include the original message
I can pretty much promise that this and other measures will be in the
initial Mailman 2.2 release, but it isn't in Mailman 2.1
>(2) unsubscribe requests should be dropped if they come from an
>address which is not a member
Interesting idea, but I can see some installations would want to send
some kind of response in case it is really from a subscribe who just
doesn't happen to know what their correct subscribed address is.
>You can't really tell if a subscribe request is valid or not, but at
>least the attachments could be stripped out...
Yes, we definitely plan to not echo the message body, at least by
default. However, many people feel there should be no response at all.
See for example the thread beginning at
<http://mail.python.org/pipermail/mailman-developers/2008-March/019804.html>
and continuing into April.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Developers
mailing list