[Mailman-Users] Somebody could not subscribe to pypy-dev at python.org
Mark Sapiro
mark at msapiro.net
Thu Apr 23 06:41:13 CEST 2015
On 04/22/2015 08:59 PM, Laura Creighton wrote:
>
> BINGO. He has found out that this is what happens at his (new) work
> site. It's a load balancer. He is very grateful for getting this
> figured out. :) I fear that this sort of load balancing is going to
> become all the more common in the future. Is insisting that the IP
> addresses match serving a useful purpose? Should we have a more
> informative error message?
Yes. I just a few minutes ago realized I was looking at the wrong logs
(http vs https). Here's one of his attempts:
50.205.11.75 - - [21/Apr/2015:20:01:42 +0200] "GET
/mailman/listinfo/pypy-dev HTTP/1.1" 200 7220 "https://www.google.com/"
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36"
50.205.11.74 - - [21/Apr/2015:20:02:18 +0200] "POST
/mailman/subscribe/pypy-dev HTTP/1.1" 200 1013
"https://mail.python.org/mailman/listinfo/pypy-dev" "Mozilla/5.0
(Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/41.0.2272.118 Safari/537.36"
He GETs the form from 50.205.11.75 and posts it from 50.205.11.74 and it
fails.
There are things I can do. Yes, I think insisting the IP matches does
serve a useful purpose. The idea is to ensure to the extent possible
that the form is posted by a real human from a real web browser who just
got the form from the listinfo page prior to posting it. IP matching is
part of that check for this and other reasons (see Stephen's reply in
this thread).
I am willing to consider weakening it by including only the first 3
octets of the ipv4 address in the hash.
Regarding the error message, I hate to break i18n translations, but
perhaps I can figure a way to use the 3 existing strings in conjunction
with an additional new string to do better.
This is now reported at <https://bugs.launchpad.net/mailman/+bug/1447445>.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list