Limit number of subscribe requests in a period
Bug #266323 reported by
Eric-black
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
GNU Mailman |
New
|
Medium
|
Unassigned |
Bug Description
Add limits (number of requests in a day, and minimum
number of days before resetting the counter) to the
number of subscribe requests for an email address.
Defaults would be 1 request in 1 day.
This is needed to prevent malicious mailbombing of an
innocent victim by someone repeatedly submitting their
address. Currently the victim gets the verify.txt
template email for each submission.
[http://
To post a comment you must log in.
BTW, I've been running 2.1.5 with this problem, and 2.1.7
still exhibits the vulnerability.