On Jan 12 2005, Seth Breidbart wrote:
Laird Breyer <laird(_at_)lbreyer(_dot_)com> wrote:
I agree. However, the simple act of turning off the address still
automatically send a challenge back to the list address even if the
user unsubscribes and resubscribes afterwards.
Why? How? The challenge doesn't go back unless the list sends to the
turned-off address, so unsubscribing, resubscribing, and then
turning-off would be the preferred order.
Yes. It's not difficult to do this right (or wrong), it's just
different from dealing with an address belonging to a single person.
We're finding that ISACS users need to treat mailing list addresses
differently from personal addresses, for if they treat them the same
way it causes side effects and can be exploited as per the example.
Similarly, list operators must treat ISACS users differently (ignoring
or blocking challenges say) or bear possibly unbounded costs.
The point of this subversion exercise is to imagine common scenarios
and apply the proposed method. If amendments or constraints are found,
these had better be known, and will be relevant when comparing with other
spam solutions.
For example, software spam filtering methods (as a counterexample)
don't require special treatment of mailing lists.
--
Laird Breyer.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg