Subject: The mailing list for listmasters using Sympa
- From: Riccardo Veraldi <address@concealed>
- To: address@concealed
- Subject: [sympa-users] sympa security problem
- Date: Thu, 18 Apr 2013 12:42:40 +0200
Hello,
on my sympa server I have a problem
if a user points to this URL
https://mysympaserver.org/sympa/renewpasswd/
the user is prompted to insert his email for a lost password.
but the form accepts ANY email, also addresses which are not in the sympa user_table.
so any email address will receive a reply by sympa to reset the password.
the result is that a new user will be created.
how can I avoid this ?
thanks
Rick