On Fri, May 13, 2022, 6:02 PM Greg Newby <gbnewby@pglaf.org> wrote:
Hi Karl.
When you get a confirmation code, it means that someone was able to forge your email (this is not hard to do).
If you post the confirmation code to the public cypherpunks list, then the same culprit just needs to send that confirmation code in another forged email.
Yes, I did that within the past few days and was quickly unsubscribed. But the last time I did this I replaced the last 12 characters with the phrase [gently censored] so it would presumably not be usable without work to recover the characters. So, you should not be posting those confirmation codes!
In order to get the confirmation code otherwise, someone would need to intercept your incoming email messages (or, perhaps, the outgoing messages from the list server). That is rather harder than forging an email.
Yes. Is it difficult to verify that the unsubscription and resubscription processes of 0xloem@gmail.com today were normal? With 0xloem, I posted no codes and did not find a farewell notice in my email, but my messages began bouncing until I resubscribed.
~ Greg
When an address is unsubscribed, they get a goodbye email from the
On Fri, May 13, 2022 at 05:37:00PM -0400, Karl Semich wrote: list
software. Did that happen?
I'm not seeing this.
I ended up finding this for gmkarl@gmail.com but not 0xloem@gmail.com . gmkarl@gmail.com was unsubscribed by someone else at 1058-0500 today, after posting a partial unsub code publicly that I was surprised to receive, which would presumably have required brute forcing the server to use as it was missing trailing digits. 0xloem@gmail.com has bounce notices but no unsubscription notices, and did not receive nor share an unsub code that I saw.
It was a little surprising that the bounce notices come from cypherpunks-owner whereas the farewell messages come from cypherpunks-bounces.