How to restrict mailman list subscriptions to certain domains?

Is there any way to restrict a mailman mailing list to only allowing subscriptions from one specific domain?

I know how to ban specific email addresses or domains from subscribing, but is there a way to ban all domains that aren't, say, example.com? Or maybe a couple specific domains?

We're starting to get hit by subscription attempts to some of our lists from what I'm sure are spammers on botnets1 and it's annoying list owners. Some lists are configured with a subscribe_policy of "Require approval" or "Confirm and approve" because the lists are intended to be only for our local users and it would be nice to minimize the annoyance of the list owners by automatically rejecting subscriptions from outside email addresses that won't be allowed to subscribe by the list owner anyways.

We can't simply restrict access to the local networks because we have lists intended for a worldwide audience and some of our "local" users can be anywhere.


1 One email address subscribes to a couple dozen unrelated lists from different IPs over a few hours; then the next day another round with a new email address and different IPs. In a few cases list owner has emailed them a question about why they were signing up for the list and received no reply.


Mailman uses Python's regular expression engine, which is flexible enough to match everything except a certain domain.

Put something like this in the ban_list for the list: ^(?!.*example\.edu) or: ^(?!.*(example\.edu|example\.com))

If lists are restricted and getting spam subscriptions, you may want to not advertise the list in mailman (make the link available elsewhere). Setting the mailing list subscription policy to "Confirm and Approve" instead of "Approve" so that spammers have to handle a piece of email before the list owner is annoyed can help, too.


Other answers will not stop an email address like "[email protected]". This will: ^(?!.*[@.]example\.com) (assumes all subdomains of example.com are okay). To apply run:

config_list -i <(echo 'ban_list = [ "^(?!.*[@.]example\.com)$", ]' ) listname