When we try to subscribe to one of the mailing lists on https://lists.wikimedia.org, we get a 403 error:
Forbidden You don't have permission to access /mailman/subscribe/<listname> on this server.
When we try to subscribe to one of the mailing lists on https://lists.wikimedia.org, we get a 403 error:
Forbidden You don't have permission to access /mailman/subscribe/<listname> on this server.
Subject | Repo | Branch | Lines +/- | |
---|---|---|---|---|
mailman: increase per IP and per email rate limits from 1 to 5/hour | operations/puppet | production | +4 -4 |
Which specific mailing lists was this tested with? Which web browsers was this tested with?
(Likely unrelated, but I fail to see CSS applied and encoding errors for e.g. https://lists.wikimedia.org/mailman/listinfo/wikics-l in Firefox 60 and Chromium 65, due to Blocked loading mixed active content “http://cs.wikipedia.org/skins-1.5/common/*.css“)
Indeed my CSS issues above are unrelated. I wonder if https://gerrit.wikimedia.org/r/#/c/432168/ could be somehow related here. CC'ing @herron.
One coworker tried to the glam list and had the same issue (Firefox 60 too). Another coworker spoke about the issue to @Sadads who says he can subscribe with no problem.
So, I did some further tests, and it seems that it is the IP of Wikimédia France's office that is blocked. Why?
Hi @Sylvain_WMFr could you share that IP address with me? I can trace logs on the lists server. By email would be great <kherron@wikimedia.org>
Thanks in advance!
IP received by email. Thanks!
Unfortunately it appears this address is listed on a few spam blocklists. Details about which lists and links to more information can be found by looking up the IP address with a tool like http://multirbl.valli.org
This is affecting list subscription because RBL checks at subscription time were implemented in https://gerrit.wikimedia.org/r/#/c/433671/ as a countermeasure against an increasing volume of list subscription spam.
My suggestion would be to coordinate submission of delisting requests for this IP and in the mean time subscribe to lists using a different IP address. If that isn't possible I'd be happy to help subscribe addresses as needed.
Thanks!
I will investigate on why we are blocked, and we will use our smartphones to register in the meantime.
While this ticket is reopened, I might as well update: it turns out that the IP has been on these blacklists since 2012, years before it was ours. I cannot remove it from all the lists because they are for IPs of email servers and it is not an one (so I cannot do the required DNS changes...)
Hi, I ran into this problem over the last few days trying to subscribe to wikidata-tech while on the eduroam network (my public IP address of 194.94.98.189).
I then tried using my mobile phone (on the Vodafone network), and it responded "You're trying that too often. Please try again later."
Since the 429 "too often" error is thrown after multiple subscription attempts from the same IP maybe the phone was also connected to wifi at the time?
In any event I think we can tune the rate limit to a less aggressive setting now that the flood of spam subscription requests has slowed. Let's start by increasing it from 1 to 5 per hour and see how that goes.
Change 446617 had a related patch set uploaded (by Herron; owner: Herron):
[operations/puppet@production] mailman: increase per IP and per email rate limits from 1 to 5/hour
Change 446617 merged by Herron:
[operations/puppet@production] mailman: increase per IP and per email rate limits from 1 to 5/hour
This issue still persists in some IP Addresses from Cameroon I think. I've gotten folks poke about the 403 error. Thanks!
Mailing lists: Wikitech-l, African-Wikimedia-Developers
Hello, same issue here.
Tried to subscribe myself in https://lists.wikimedia.org/mailman/listinfo/mediawiki-l just now.
The RBL check that was causing 403s for subscription attempts from IPs listed on spam blacklists was reverted today with https://gerrit.wikimedia.org/r/#/c/operations/puppet/+/464819/ so I'll transition this to resolved.