On 2015-01-22 12:41:05 +1000, Russell Stuart wrote: > On Wed, 2015-01-21 at 21:10 -0500, Michael Gilbert wrote: > > So anyway, nnnnnn-subscribe can be used to spam confirmation messages > > currently, and general mail to the bts from an unknown address will > > end up doing the same, but it's basically a non-issue because it's a > > rather uninteresting thing to do for anyone that might consider > > wanting to do it. > > I don't know how interesting it would be on an absolute scale, it > certainly would be "more interesting than it is now" if we remove the > authentication we have. > > The reason is all that happens now is you get one unwanted email and > that is the end of it.
A spammer can send several nnnnnn-subscribe messages. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150122142006.gb25...@ypig.lip.ens-lyon.fr