I see that some experiments have been done to see if it possible to
unsubscribe an address you don't "own" and that in at least some
circumstances the experiments have been successful.
Would someone please explain carefully and clearly
a) What the circumstances are that allow this. In particular, is it
*only* possible when the address being "unsubscribed" (the attacker) is
having its messages forwarded to the person performing the procedure
(the victim)? If not, what other possibilities are there?
and
b) What exactly is the procedure
Also, if the explanation uses the term "mimic account", would the
explainer please explain what this term means.
Thanks.
--
Harold Fuchs
London, England
Please reply *only* to users@openoffice.org
