Daniel Feenberg wrote:
On Fri, 14 Nov 2008, Chris Lewis wrote:
The MAAWG sender BCP talks about saying that unsubs should be a "single
action", and not require any additional information (eg: "confirmation
cycle" or password).
The unsubscribe URL could contain a cookie in addition to the email
address to prevent malicious unsubscriptions, if such a thing became a
problem.
I think that's what I just said. In fact, I'm the guy who put it in the
Sender BCP ;-)
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg