James Knott wrote:
mike scott wrote:
(top-posting continued to avoid muddle...)
An interesting issue. How would the moderators (or anyone else for
that matter) know that [EMAIL PROTECTED] is genuine, and that
the request to unsub [EMAIL PROTECTED] isn't a service denial
attempt on someone else?
The only way I can think of, would be for the moderator to send a
message to the gmail account and ask the recipient to forward it back,
showing full headers, from the sbcglobal account. The headers can
reveal a lot of info and the moderator can also read the additional
headers from the forwarding.
Given the volume of messages on this list, if somebody maliciously
unsubscribed me it wouldn't take long for me to notice, and then it
wouldn't be very hard to resubscribe (maybe with a new account) and
catch up. It seems like a pretty worthless attack, anyway, unlike
malicious subscription that can be used for real denial-of-service by
overloading a server with unwanted messages, or to make those who have
to pay by the message get socked with a big bill. I'd rather see the
unsubscribe confirmation go away -- that's what interferes most with the
standard unsubscribe process, or the alternative that would work in this
case ([EMAIL PROTECTED]). We
could respond to most of these "please unsubscribe me" requests by just
doing it. Or, if the request was coming from an unsubscibed account, we
could explain to the OP and tell them about the alternative process. How
does that sound?
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
