---Mark Salamon <mark@sixdegrees.com> wrote:
Thanks for the reply. I have now received about 10 such replies. We will take them to heart, remove the cypherpunks and attempt to deal with the mailing list issue in an intelligent way.
Most lists and services have dealt with the problem of someone accidentally subscribing or maliciously subscribing someone else in one of two ways: A) send and acknowledgement message with a randomly generated authorization code that requires the user to respond. B) send out a password and require the user to login before account is activated. This works only if you assume the malicious individual will not receive mail sent to that address. This therefore falls down when the address is a mailing list or other distribution point that the malicious individual has access to directly or via archives. What we really need is an automated system that could authorize/deny an address prior to the code/password being sent that would keep track of distribution list addresses and such. Perhaps I'll create one myself soon. Matt