[Mailman-Users] Distributed mass subscribe attack?
Andy Cravens
acravens at uen.org
Tue Aug 22 12:18:57 EDT 2017
On Aug 18, 2017, at 8:36 AM, David Gibbs <david at midrange.com> wrote:
> On 8/17/17 3:47 PM, Andy Cravens wrote:
> > I forgot to mention I’m also working on a modsecurity rule to look at
> > all POSTs and reject if they contain an email address with a + sign.
> I'm interested in both your recaptcha mod & mod_security rule ... please
> post (or contact me privately) when you make some progress.
> If you're interested in my MM mod, let me know.
After reading the responses concerning the + symbol in email addresses I have decided not to block them. What I did was to implement reCaptcha v1 using the instructions here:
https://www.dragonsreach.it/2014/05/03/adding-recaptcha-support-to-mailman/
When I first looked at this I had made several bad assumptions. I assumed you could not use the reCaptcha v2 keys with v1. The new keys work fine with v1. I had to apply the patch manually by editing the files and inserting the new code. It wasn’t a big deal. I still plan on looking at implementing v2 sometime this year if I can find some free time. I also plan on creating the modsecurity rules mentioned earlier. Another modsecurity rule I want to create is to watch for outgoing replies that indicate a failed login attempt and take action if conditions warrant. I will post my rules when I have tested and verified they work.
—
Andy
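A server-side captcha gate of the kind the linked patch adds to the Mailman subscribe handler, as an added example that is neither the patch's code nor Mailman's. It assumes the reCAPTCHA v1 verify protocol (POST `privatekey`, `remoteip`, `challenge`, `response` to the verify URL; reply body `true` or `false` followed by an error code on the next line) and the v1 form field names `recaptcha_challenge_field` / `recaptcha_response_field`; the HTTP POST function is a parameter so the gate can be exercised offline with constructed replies. As the thread concluded, the address is not filtered on `+`.

```python
"""Gate a Mailman-style subscribe POST on a reCAPTCHA v1 verification.

Added example, not Mailman's or the linked patch's code.  Assumes the
reCAPTCHA v1 verify protocol: POST privatekey/remoteip/challenge/response
to the verify URL; the reply is "true" or "false\\n<error-code>".
"""
import urllib.parse
import urllib.request

# Assumed v1 verify endpoint (check against the version of the API you run).
VERIFY_URL = "https://www.google.com/recaptcha/api/verify"


def http_post(url, fields):
    """Default transport: form-encode fields, POST them, return body as text."""
    data = urllib.parse.urlencode(fields).encode("utf-8")
    with urllib.request.urlopen(url, data=data, timeout=10) as resp:
        return resp.read().decode("utf-8", "replace")


def parse_verify_reply(body):
    """Turn a v1 verify reply into (ok, error_code).

    Only an exact first line of "true" passes; a truncated, empty or
    unexpected reply is treated as a failure so the gate fails closed.
    """
    lines = body.strip().split("\n")
    if lines and lines[0].strip() == "true":
        return True, None
    error = lines[1].strip() if len(lines) > 1 else "malformed-reply"
    return False, error


def captcha_ok(private_key, remote_ip, form, post=http_post):
    """Verify the captcha fields of a submitted form.

    `form` is the dict of POSTed fields.  Missing challenge/response fields
    (what a bot posting straight to the form URL sends) are rejected
    locally without a round trip to the verifier.
    """
    challenge = form.get("recaptcha_challenge_field", "").strip()
    response = form.get("recaptcha_response_field", "").strip()
    if not challenge or not response:
        return False, "missing-captcha-fields"
    body = post(VERIFY_URL, {
        "privatekey": private_key,
        "remoteip": remote_ip,
        "challenge": challenge,
        "response": response,
    })
    return parse_verify_reply(body)


def handle_subscribe(form, remote_ip, private_key, post=http_post):
    """Decide whether a subscribe POST proceeds to the normal subscribe path.

    Returns ("accept", email) or ("reject", reason).  Plus-addressing is
    left alone: the captcha carries the anti-bot burden, not the address.
    """
    email = form.get("email", "").strip()
    if "@" not in email:
        return "reject", "invalid-address"
    ok, error = captcha_ok(private_key, remote_ip, form, post)
    if not ok:
        return "reject", "captcha:" + error
    return "accept", email


# Constructed stand-in transports so the gate can be run offline.
def fake_verifier_pass(url, fields):
    return "true\nsuccess"


def fake_verifier_fail(url, fields):
    return "false\nincorrect-captcha-sol"


if __name__ == "__main__":
    form = {"email": "user+list@example.org",
            "recaptcha_challenge_field": "c1",
            "recaptcha_response_field": "r1"}
    key = "PRIVATE-KEY-PLACEHOLDER"
    print(handle_subscribe(form, "192.0.2.10", key, fake_verifier_pass))
    print(handle_subscribe(form, "192.0.2.10", key, fake_verifier_fail))
    print(handle_subscribe({"email": "x@example.org"}, "192.0.2.10", key,
                           fake_verifier_pass))
```

In a real deployment the default `http_post` transport is used and the private key comes from the list configuration; keeping the transport injectable is what lets the fail-closed parsing be tested without network access.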