1 |
On Wed, 2009-05-27 at 09:28 -0700, Robin H. Johnson wrote: |
2 |
> Lately we've been seeing a LOT of spam being sent to the mailing list |
3 |
> subscribe mechanism, with the side effect that the subscribe mechanism |
4 |
> responds to the From header address with a confirmation request. That |
5 |
> address (along with the envelope sender) are unfortunately forged. |
6 |
> |
7 |
> The volume of the confirmation requests is getting worse than direct |
8 |
> spams, because the spam filtering considers the confirmation requests to |
9 |
> be valid email (they would be, except for the fact they are |
10 |
> unsolicited). |
11 |
> |
12 |
> To combat this problem, I'd like us to consider switching the subscribe |
13 |
> mechanism for the mailing lists to be a web form (protected with |
14 |
> recaptcha). Unsubscribe will continue to be offered as an email action |
15 |
> for the moment, because it ignores the mail if the address was not |
16 |
> subscribed. |
17 |
|
18 |
Fine with me. I've been getting quite a few of these lately, and since |
19 |
I sometimes do subscribe to new lists, I have to look at them before |
20 |
discarding. |
21 |
|
22 |
Regards, |
23 |
Ferris |
24 |
-- |
25 |
Ferris McCormick (P44646, MI) <fmccor@g.o> |
26 |
Developer, Gentoo Linux (Sparc, Userrel, Trustees) |