Bill Honneus (honneus) wrote:
The reason we want to do this is because we want to control the subscriptions to our mailing list interface through our application. We disable subscriptions and unsubscriptions by email, so the only way that users can join is through our application interface. We would only allow users who have signed on through the application to subscribe, so they would have already verified themselves.
Unless I'm missing something here, this process can still be abused by remote parties to subscribe others to your list, and that's the key danger.
-- Brad Knowles <[EMAIL PROTECTED]> Member of the Python.org Postmaster Team, & Co-moderator of the mailman-users and mailman-developers mailing lists ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
