Easy way to integrate captcha/reduce subscription spam?

Dear all,
my mailman3 instance is flooded with subscription spam, yet I haven't found any canonical method of integrating a captcha in to the subscription form. Is there really none at all? Perplexity.ai says I should install the python package django-simple-captcha but is unclear about the steps needed to actually make the captcha appear.
Are there other ways? Is there any method that is robust and survives upgrades?
Also, would there be a way of batch-deleting all those thousands of spam registrations that have accumulated (what they have in common is that their email is unconfirmed)
Thanks in advance for any suggestion!
Johannes

Dear all,
sorry for repeating my question, but the degree to which my instance is now being flooded by spambot registrations is truly annoying. Mark's clean_user.py script reliably deletes most of those accounts, but it would be great if we could prevent them from being created in the first place. In Mailman2, this was relatively straightforward. Is there anyone who has successfully integrated some piece of code that stops those spambots in their tracks?
Thanks!
Johannes
Am 16.12.24 um 14:44 schrieb Johannes Rohr:
Dear all,
my mailman3 instance is flooded with subscription spam, yet I haven't found any canonical method of integrating a captcha in to the subscription form. Is there really none at all? Perplexity.ai says I should install the python package django-simple-captcha but is unclear about the steps needed to actually make the captcha appear.
Are there other ways? Is there any method that is robust and survives upgrades?
Also, would there be a way of batch-deleting all those thousands of spam registrations that have accumulated (what they have in common is that their email is unconfirmed)
Thanks in advance for any suggestion!
Johannes
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...
This message sent to johannes@rohr.org

On Tue, Feb 25, 2025 at 3:30 PM Johannes Rohr <johannes@rohr.org> wrote:
Dear all,
sorry for repeating my question, but the degree to which my instance is now being flooded by spambot registrations is truly annoying. Mark's clean_user.py script reliably deletes most of those accounts, but it would be great if we could prevent them from being created in the first place. In Mailman2, this was relatively straightforward.
The Recaptcha debate has happened before and there was a good reason given by the Developers why they aren't keen on it. You can search the archives for that. Fedora (or someone using it) patched their Mailman3 to have Recaptcha: https://github.com/pbiering/mailman3-rpm Maybe you are brave enough to patch yours.
Is there anyone who has successfully integrated some piece of code that stops those spambots in their tracks?
https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/B...
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]

Am 25.02.25 um 13:55 schrieb Odhiambo Washington:
Is there anyone who has successfully integrated some piece of code that stops those spambots in their tracks?
https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/B...
Thanks so much! Blocking Tor seems to make a difference
Cheers,
Johannes
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
participants (2)
-
Johannes Rohr
-
Odhiambo Washington