In message <[EMAIL PROTECTED]>,
"Roger B.A. Klorese" <[EMAIL PROTECTED]> wrote:
>On Thu, 6 Jan 2000, Ronald F. Guilmette wrote:
>> Seriously, this is SOOOOOOOOO lame. These people are pretending to
>> be professional list administrators, and not only are they spamming
>> but they apparently can't be bothered with little things like, oh,
>> CONFIRMING list subscriptions before they finalize them.
>
>Do you force your list-managers to use confirmation? That is, is there
>some mechanism by which it is impossible for a list-manager to add an
>address unless there has been a user confirmation? I know of no product
>that will conform to this, Ron, so you might as well just pull yourself
>off the net.
As far as I know, every modern off-the-shelf list management package now
provides, at the very least, an option which, when set, will cause the
list management package to send, via E-mail, SOME SORT of confirmation
request to each alleged new subscriber and to wait for a suitable response
BEFORE finalizing the subscription. (The better packages will even e-mail
a difficult-to-forge cookie of some sort to the alleged new subscriber and
then verify that they get the exact same cookie back from that subscriber
as part of the confirmation process.)
Certainly, if the administrator of a given server system gives any and all
mailing list adminsitartors who have access to that system carte blanche
(e.g. root access) so that they can run rampant and do anything they like,
then yes, some will undoubtedly be able to disable this prudent safety
mechanism. But for any well-managed server that belongs to any company
that makes its daily bread on the basis of providing mailing list services
to random members of the general public, the user interface provided to
the individual mailing list administrators clearly SHOULD NOT allow this
safety mechanism to be disabled.
