Data Center operations mail list?

[rafael at gav.ufsc.br (Rafael Possamai)]

Thanks! That works for Apache2.2. For those interested that are using
Apache2.4, make this change:

-Order deny,allow
-Deny from all
+Require all denied

The rest should be the same. Here is some more info:
http://httpd.apache.org/docs/2.4/upgrading.html


Best,
Rafael




On Fri, Aug 14, 2015 at 2:16 PM, Jim Popovitch <jimpop at gmail.com> wrote:

> That's a very old (in Internet Years) Mailman problem that was solved
> with session cookies in v2.1.16 (16-Oct-2013).  If you're still
> paranoid, and don't want to piss your users off with privacy leaking
> captcha, then just set up some referer checking in your apache or
> nginx configs:
>
> Apache:
>
>       # Prevent subscription request spam
>      SetEnvIf Referer lists\.example\.com localreferer
>      <Location /mailman/subscribe>
>         Order deny,allow
>         Deny from all
>         Allow from env=localreferer
>      </Location>
> -Jim P.
>