Hello, Am Montag, 25. Oktober 2004 15:57 schrieb Carlos E. R.: [several theories how to avoid autoresponder subscriptions]
Notice that it is easy for anyone to subscribe any autoresponder: because the confirmation email will be answered by the autoresponder, and it will get subscribed. Thus, the confirmation email method is not valid any longer on its own: it has to be suplemented with a method to force human intervention by the subscriber.
OK, this could be avoided by removing the Reply-To header. But I wonder wyh the autoresponder problem only exists on this list (from those I read, including suse-linux with 100-200 mails daily which would be a more interesting target for autoresponders ;-) So maybe it's not this easy for autoresponders ;-)
How the bots are getting in could be checked by saving both the subscription email, and the confirmation email, for later checking if necesary.
You really believe that autoresponders subscribe theirself? I think, if someone wants to subscribe an autoresponder intentionally, he will subscribe with a "normal" adress and, after subscribing, forward all mails from this adress to the autoresponder adress. And if the autoresponder in on another domain, it's very hard to track :-( But we should avoid writing more mails in this thread than the autoresponders ;-) Regards, Christian Boltz -- The speed at which a mistyped command executes is directly proportional to the amount of damage done. [Joe Zeff]