Automated processes can swamp a list with web subscription requests.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
GNU Mailman |
Fix Released
|
Medium
|
Mark Sapiro |
Bug Description
There are discussions of this in threads at <http://
The Mailman developers do not think there is any way to prevent this other that disabling web subscribe entirely, as by definition, subscription requests come from unauthenticated users.
However, an attempt will be made to mitigate this by making a site option to include a dynamically generated hidden hash in the subscribe form which will at least require an automated process to first GET and parse the listinfo form immediately prior to POSTing it.
Changed in mailman: | |
status: | In Progress → Fix Committed |
Changed in mailman: | |
milestone: | 2.1.16 → 2.1.16rc1 |
status: | Fix Committed → Fix Released |
description: | updated |
Would you please allow us to configure this on a per list basis?