On 17/10/2021 11:15, C A via mailop wrote: > On Sun, Oct 17, 2021, Simon Arlott via mailop wrote: > >> confirmation process only if your email passes SPF/DKIM (or DMARC). If > > And if the sender doesn't use either?
If there are no SPF or DMARC records published then you can let them continue to subscribe on the website and be vulnerable to subscription bombing? There has be some form of authentication of the address being subscribed otherwise there's no way for each individual mailing list service to know if it should reject a subscription request that's part of an attack. -- Simon Arlott _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
