Hacker News new | ask | show | jobs
by kragen 890 days ago
the standard approach is that unsubscribing sends an unsubscribe confirmation mail to the subscribed email address, replying to which confirms the unsubscription. nothing about logins or passwords or the web. this has been standard practice for 25–30 years
3 comments
murderfs 890 days ago
I have never seen anyone do that and I believe it has been literally illegal in the U.S. for the last 20 years. From https://www.ftc.gov/business-guidance/resources/can-spam-act...:

"You can’t [...] make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request."

link
kragen 890 days ago
this is not 'taking any step other than sending a reply email' and it's the standard way mailing lists managed with mailman or majordomo or ezmlm have worked for quite a bit longer than 20 years

also, according to that page, the can-spam act only applies to 'any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service', not to mailing lists

link
ghusbands 890 days ago
You keep talking about a particular style as though it is standard practice that's essential for security, even though it is both unusual and now illegal in many parts of the world.

I have not seen such an unsubscribe flow in more than a decade, at this point. I assume you're thinking of mailman or some other similar solution that was already dated two decades ago, let alone now.

link
kragen 890 days ago
something can simultaneously be standard practice in one community, essential for security, unusual in another community, and illegal in many parts of the world, though nobody seems to have found any laws against the standard mailman unsubscription mechanism in this thread

it is understandable that people who are not familiar with a cultural practice might seek to marginalize it, but that does not make it right

i don't really care about making life easier for people who send email advertisements (a cultural practice i am sadly all too familiar with) but i think discussion email lists are important and valuable, even if you personally don't participate in them

link
QuadmasterXLII 890 days ago
That’s gonna catch a report spam from me dawg
link
kragen 889 days ago
hopefully people like you won't be able to figure out how to subscribe to the mailing list in the first place
link