[Mailman-developers] what to do with confirmation of web based subscriptions
Barry A. Warsaw
bwarsaw@CNRI.Reston.Va.US (Barry A. Warsaw)
Mon, 27 Apr 1998 11:07:15 -0400 (EDT)
>>>>> "S" == Scott <scott@chronis.pobox.com> writes:
S> i'd like to make it impossible for a
S> person to subscribe some other unconsenting person to a
S> mailling list.
...while still allowing someone to subscribe to a list using a
perfectly valid alternative address. Scott, I haven't seen your
patches, but I know that other ML managers handle this in a useful
way. They will send a confirmation email to the alternative address
that contains a partially random string. The user need only reply to
the message and include verbatim this string.
This seems like a small hurdle to impose given the important nature of
this defense. A small explanation included with the email (along with
a link to a detailed Web page) would go a long way to easing any
inconvenience.
S> the only reason i can think of is that people don't want
S> subscribing to involve two steps. i don't personally find this
S> valid given the nature of folks to abuse such services.
I highly agree!
-Barry