[Mailman-Users] Increasing volume of distributed subscription attacks (was Blocking or holding subscribe requests when email address contains "+")
Robert Sparks
rjsparks at nostrum.com
Thu Sep 17 20:38:42 CEST 2015
David Gibbs wrote:
> I've been getting a lot of subscribe requests from bogus email
addresses that look like: adfslij+32987234 at gmail.com.
You're not alone. The subscriptions have also moved on to include
addresses at SMS gateways after we added filters similar to what the
thread suggested.
In case others are also dealing with this at volume, some background on
what the IETF mailman admin is doing:
https://mailarchive.ietf.org/arch/msg/tools-development/p4iI5kxO-J1LZR5CQLerZYflHc0
and
https://mailarchive.ietf.org/arch/msg/tools-development/P9mDSeRrvgUAD_tFzYqgDbOkUpM
If anyone has a mitigation strategy that's working well, please let me know.
RjS
More information about the Mailman-Users
mailing list