Michael, This feature is surprisingly not built in. If you go to the main list page and just enter your email address and unsubscribe there will be no confirmation - very unsafe! So basically anyone can unsubscribe someone else. This is a problem in terms of access control. Current legislation is very specific about liability and disclosure of breaches in access control. If we offer a system that has a problem with controlling access then we might be liable. I am surprised to see that unsubscriptions do not have the same options as subscriptions in terms of verification of the sender!
> -----Original Message----- > From: > [EMAIL PROTECTED] > rg > [mailto:mailman-developers-bounces+somuchfun=atlantismail.com@ > python.org] On Behalf Of Michael Heydekamp > Sent: Saturday, January 03, 2004 1:09 PM > To: [EMAIL PROTECTED] > Subject: Re: [Mailman-Developers] How to change that > unsubscriptions alsorequire confirmation > > Somuchfun <[EMAIL PROTECTED]> wrote on 03.01.04: > > > Due to current legislation we need to change mailman to also require > > confirmation for unsubscribe requests. > > That's built-in anyway, I think (unless the subscriber has > authenticated > himself with his password through the Web interface)? > > But what strange sort of "legislation" are you talking about? > > ----------8<---------- > > Sender: [EMAIL PROTECTED] > ----------8<---------- ^^^^^^^^^^^^^ > > How and why has *that* sender header been created? > > > Michael > > _______________________________________________ > Mailman-Developers mailing list > [EMAIL PROTECTED] > http://mail.python.org/mailman/listinfo/mailman-developers > _______________________________________________ Mailman-Developers mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-developers
