[Mailman-Users] Handling bogus subscribe requests
Mark Sapiro
mark at msapiro.net
Tue Jan 12 12:54:26 EST 2016
On 01/12/2016 08:18 AM, Rosenbaum, Larry M. wrote:
>>From the "NEWS" file:
>
> - There is a new mm_cfg.py setting SUBSCRIBE_FORM_SECRET ...
This is only partially effective against this attack.
On the @python.org lists we see this attack come and go and even with
SUBSCRIBE_FORM_MIN_TIME = 10 seconds, enough of the bot subscribes delay
long enough to get through.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list