Subject: The mailing list for listmasters using Sympa
List archive
Re: [sympa-users] Spamming emails boxes from subscribe POST
- From: "Stefan Hornburg (Racke)" <address@concealed>
- To: address@concealed
- Subject: Re: [sympa-users] Spamming emails boxes from subscribe POST
- Date: Mon, 26 Jun 2017 18:06:15 +0200
On 06/26/2017 05:46 PM, François Poulain wrote:
> Hi,
>
> On our wwsympa we are getting numerous web requests like
> POST /wws/subscribe/listname
> from numerous output servers, with numerous emails to be subscribed.
>
> Since we use auth scenario, confirmation email are sent to the
> recipients posted.
>
> Each days we send hundreds emails which are blocked by Google (error
> 450-4.2.1 The user you are trying to contact is receiving mail at a
> rate that 450-4.2.1 prevents additional messages from being delivered).
>
> There is no evidence regarding host/ip_addr or email addr which allow
> to easily thrash theses subscribe requests.
>
> How do you mitigate with this? Is there a way to add tokens in the
> webforms in order to prevent (or at least increase cost of) this
> kind of massive spam?
>
> Best regards.
> François
>
Hello François,
one possible way would be to add a CAPTCHA to this subscribe form,
e.g. we are using reCAPTCHA on a couple of web sites.
Regards
Racke
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration.
-
[sympa-users] Spamming emails boxes from subscribe POST,
François Poulain, 06/26/2017
- Re: [sympa-users] Spamming emails boxes from subscribe POST, Stefan Hornburg (Racke), 06/26/2017
Archive powered by MHonArc 2.6.19+.