[Mailman-Developers] password-less unsubscribe

[Tomas Fasth]

Roy Smith wrote:
> 
> The problem with this is that:
> 
> 1) Somebody subscribes with address user@foo.com
> 
> 2) They switch ISPs and become user@bar.com
> 
> 3) They now want to unsubscribe user@foo.com and subscribe user@bar.com.
> 
> If a confirmation request is mailed to user@foo.com, you loose because
> user@foo.com is probably no longer a valid address.

That scenario is a problem for the subscriber, no doubt about it. Since
the email address essentially represents the identity of the subscriber,
a change of email address and therefore identity is problematic if you
at the same time in general want to maintain a certain level of
integrity. Providing a personal password is one way to deal with this
dilemma. Another is to contact the list owner and persuade her/him to
make the change.
But I do not recommend to completely remove from mailman the minimal
requirement of proving your identity by email address or password.

Tomas