 
|
| Sender: |
|
| Date: |
Wed, 30 Apr 2008 10:38:49 -0500 |
| Reply-To: |
|
| Subject: |
|
| MIME-Version: |
1.0 |
| Content-Transfer-Encoding: |
7bit |
| In-Reply-To: |
<005501c8aad6$06fb12a0$5980490c@HAL9000> |
| Content-Type: |
text/plain; charset=ISO-8859-1; format=flowed |
| From: |
|
I know Pete can speak for himself but I underst
that to mean that if mail should happen to get forwarded to
[log in to unmask] from
a person's e-mail address then the person will be removed.
But as Hal said, this may interact with the Validate setting
to help prevent that.
So if some spam-bot happened to keep spewing spam
From: the victim and To: the -unsubscribe-request
address then that could cause repeated issues as well.
Hal Keen wrote:
>> Isn't it trivially easy for spam software to forge a FROM: and/or TO:
> address? As you know, there are special listserv mail list aliases
> (addresses) that perform this UNSUB function w/o any body of text.
>
> It is not hard to forge a From: address. Therefore, the Validate= keyword in
> the list configuration ought to be checked. Signing off ought to require
> confirmation, and that confirmation wouldn't happen if the request was sent
> with a forged From: address.
>
> [ I don't understand the notion of forging a To: address, except on a
> forwarded copy. One can certainly send a message with the actual recipient
> on the Bcc: header line, but that's not "forging" anything. ]
>
> Hal Keen
>
|
|
|
