[Mailman-Users] Unexpected password reminder from this list
Mark Sapiro
mark at msapiro.net
Mon Aug 6 22:00:52 EDT 2018
On 08/06/2018 11:08 AM, Jim Popovitch via Mailman-Users wrote:
> On Mon, 2018-08-06 at 05:33 -0700, Mark Sapiro wrote:
>
>> Anyone can request a password reminder for any address from either
>> the options or private archive login pages.
>
>
>
> What's your thoughts on adding reCAPTCHA to the 2nd half of the
> listinfo page in order to mitigate some of that?
At this point I have no interest. I think most "other address" password
requests are either inadvertence, curiosity, or malice on the part of
humans.
If and when I see evidence of massive robotic reminder requests, I may
rethink this, but I note that the implementation of reCAPTCHA on the web
subscribe form on all Mailman 2.1 @python.org lists didn't seem to make
much of a dent in the bogus web subscribes we were seeing despite the
fact that the form must first be retrieved by GET and then the POST
can't come too soon thereafter.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/mailman-users/attachments/20180806/f4b2fdce/attachment.sig>
More information about the Mailman-Users
mailing list