Re: Last Call: <draft-levine-herkula-oneclick-04.txt> (Signalling one-click functionality for list email headers) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



important protection against accidental (but, IMO, badly
designed) or malicious bad behavior.   So this specification
proposed a way to bypass those safeguards and protection?

No, of course not. The unsubscribe links in the mail this will affect are invariably unique to the message's recipient with a hard to forge hash of some sort. So if you have the message, you are the subscriber or the subscriber gave the message to you.

I've talked at some length to the people at Gmail who plan to implement this, and they've clearly dealt with more mail forgery than any of us.

By the way, in the US, it is not just poor practice to require confirmation of unsubscribe requests for commercial mail, but under the FTC's CAN SPAM rules, it is illegal to do so.

R's,
John




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]