aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Utils.py (follow)
Commit message (Expand)AuthorAgeFilesLines
* Added onhashchange to the HTML _badwords list.Mark Sapiro2020-10-221-0/+1
* DMARC mitigation no longer misses upper case names.Mark Sapiro2020-05-281-2/+4
* Implement Ralf Jung's captcha feature for the subscribe form.Mark Sapiro2019-06-191-0/+30
|\
| * implement a simple CAPTCHA scheme based on questions and answers configured b...Ralf Jung2019-06-101-0/+29
|/
* Implement MAX_LISTNAME_LENGTH to avoid calculating on each web access.Mark Sapiro2019-03-011-4/+9
* Expand tabs in Python code.Mark Sapiro2019-01-281-1/+1
* Fixed broken patch at rev. 1796.Mark Sapiro2018-07-241-1/+1
* Truncate long invalid list names in web error messages.Mark Sapiro2018-07-231-5/+16
* Escaping of HTML entities for the web UI is now done more selectively.Mark Sapiro2018-07-041-3/+6
* Fixed BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE to use DBL, not ZEN.Mark Sapiro2018-07-021-1/+1
* Implemented BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE.Mark Sapiro2018-06-121-0/+22
|\
| * Support for verifying subscriber domains against the Spamhaus DBLJim Popovitch2018-06-111-0/+22
* | Implement security log.Mark Sapiro2018-06-111-1/+6
|\ \ | |/ |/|
| * Improved logging of security related eventsJim Popovitch2018-06-061-1/+5
|/
* Extend BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE for IPv6.Mark Sapiro2018-06-051-7/+21
* Restrict Spamhaus ZEN hits to SBL, CSS and XBL.Mark Sapiro2018-06-041-1/+1
* Added BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE FeatureMark Sapiro2018-06-041-0/+21
* Added a few more badword checks to Utils.suspiciousHTML().Mark Sapiro2018-03-081-4/+27
* Updated i18n in preparation for 2.1.25 release.Mark Sapiro2017-10-261-2/+2
* Improved DMARC testing for domains with DNSSEC validation problems.Mark Sapiro2017-10-071-2/+14
* Changed member_verbosity_threshold from a >= test to a strictly > test.Mark Sapiro2017-05-241-2/+2
* Fixed unexploitable XSS attach via crafted HTTP Host: header.Mark Sapiro2017-03-301-1/+1
* Fixed a typo and deleted an unreferenced assignment.Mark Sapiro2016-10-291-5/+2
* Match header_filter_rules as normalized unicodes.Mark Sapiro2016-07-141-0/+31
* Allow DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL to be None or the null string.Mark Sapiro2016-05-041-0/+2
* Use rfind rather than find to find '@' for domain splitting.Mark Sapiro2016-04-091-1/+2
* Honor an organizational domain's DMARC sp= policy for sub-domains.Mark Sapiro2016-04-091-5/+14
* Better logging of DMARC lookup DNS exceptions.Mark Sapiro2016-03-061-1/+1
* Minor documentation clean up.Mark Sapiro2016-02-261-4/+5
* Lower case domains for the Organizational Domain fix.Mark Sapiro2016-02-251-3/+3
* Further refactoring of the Organizational Domain fix.Mark Sapiro2016-02-251-2/+1
* Refactored OrganizationalDomain fix.Mark Sapiro2016-02-251-17/+81
* If DMARC lookup fails to find a policy, also try the Organizational Domain.Mark Sapiro2016-02-241-4/+25
* Added dmarc_non_moderation_action to list settings.Mark Sapiro2016-02-021-0/+9
* Merged and tweaked Jim P's mailman-auto-mod-verbose-members branch.Mark Sapiro2016-01-181-1/+48
|\
| * Improvements based on feedback from Mark Sapirojimpop@template.hostname2015-11-041-5/+3
| * Removed 2 development debugging linesjimpop@template.hostname2015-11-041-5/+0
| * Auto-Moderate Verbose Membersjimpop@template.hostname2015-11-041-0/+26
|/
* Defended against a user submitting URLs with query fragments or POSTMark Sapiro2015-09-161-0/+16
* Improved identification of remote clients coming via a proxy server.Mark Sapiro2015-06-231-1/+8
|\
| * Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239) Jim Popovitch2015-06-231-1/+5
|/
* The vette log entry for DMARC policy hits now contains the list name.Mark Sapiro2015-05-011-4/+4
* Fix for path traversal vulnerability.Mark Sapiro2015-03-271-0/+6
* Implemented the equivalent domains feature for list posting/moderation.Mark Sapiro2015-01-231-0/+34
* A number of changes from the unofficial 2.2 branch have been backported toMark Sapiro2015-01-221-1/+57
* The options CGI now rejects all but HTTP GET and POST requests.Mark Sapiro2014-09-211-0/+5
* If checking DNS for dmarc_moderation_action and DNS lookup is notMark Sapiro2014-05-291-1/+5
* Make dmarc_quarantine_moderaction_action a list setting.Mark Sapiro2014-05-021-3/+2
* More fine tuning of dmarc_moderation_action.Mark Sapiro2014-05-021-8/+8
* The new Utils.IsDMARCProhibited() used collections.defaultdict whichMark Sapiro2014-04-191-3/+2