[Mailman-Users] Spam Subscriptions
David Andrews
dandrews at visi.com
Sun Jun 3 00:14:27 EDT 2018
At 10:29 PM 6/2/2018, Mark Sapiro wrote:
>On 06/02/2018 06:55 PM, David Andrews wrote:
> >
> > Does anyone have any solution for dealing with spam subscriptions from
> > gmail
> > addresses?
> > The requests are coming from random addresses that contain a few words, a
> > plus sign, then another random string of characters.
>
>
>I use this regexp in the GLOBAL_BAN_LIST
>
>^[0-9a-z.]{8,}\+[0-9a-z]{4,}@gmail\.com$
>
>That blocks subscribe attempts from any address which is 8 or more
>letters, digits and periods followed by a plus followed by 4 or more
>letters and digits @gmail.com.
>
>Recently, I've seen some with only 6 letters before the + so you might
>reduce {8,} to {6,}. I think I'll try that too.
>
>I also have
>
>^.*\+.*\d{3,}@
>
>which blocks anything with a + followed by anything ending in 3 or more
>digits. Scanning the membership of all the Mailman 2.1 lists @python.org
>(over 132K addresses) shows only 10 matches 4 of which were members of
>the python-3000 at python.org with addresses .*+python-3000 at .* and the
>other 6 were nabble.com or googlegroups.com, so it's very unlikely that
>legitimate regular subscribers will match that.
>
>The advantage of the global ban list for this is all the ones I've seen
>are web subscribes. This blocks them with a web response and doesn't
>send any confirmation email.
>
Thanks very much -- we are trying it!
You always have the answer -- thanks!
Dave
> > We are getting hundreds of held subscription messages per day. Is blocking
> > this kind of thing through Exim an option? We are using cpanel.
>
>
>If these as I've seen are all web subscribes, the only thing you could
>do in Exim is drop the outgoing confirmation email, but banning them
>stops the subscribe attempt before any mail is sent.
---
This email has been checked for viruses by AVG.
https://www.avg.com
More information about the Mailman-Users
mailing list