Re: [mailop] subscription bombing prevention best practices

2021-10-17 Thread Alexey Shpakovsky via mailop
On Sun, October 17, 2021 11:56, Simon Arlott via mailop wrote:
>
> ...sign-up can be by email
> only and they should stop accepting sign-up on a website.

That sounds indeed like a great idea and if I was maintaining a mailing list - I would definitely do this. However, I'm afraid that in reality

Re: [mailop] subscription bombing prevention best practices

2021-10-17 Thread Simon Arlott via mailop
On 17/10/2021 11:15, C A via mailop wrote:
> On Sun, Oct 17, 2021, Simon Arlott via mailop wrote:
>
>> confirmation process only if your email passes SPF/DKIM (or DMARC). If
>
> And if the sender doesn't use either?

If there are no SPF or DMARC records published then you can let them continue to

Re: [mailop] subscription bombing prevention best practices

2021-10-17 Thread C A via mailop
On Sun, Oct 17, 2021, Simon Arlott via mailop wrote:
> confirmation process only if your email passes SPF/DKIM (or DMARC). If

And if the sender doesn't use either?

--
Please don't Cc: me, use only the list for replies.
[let's see what happens to the addresses...]

Re: [mailop] subscription bombing prevention best practices

2021-10-17 Thread Simon Arlott via mailop
On 20/01/2021 10:50, Stefano Bagnara via mailop wrote:
> I'm looking for brainstorming and updated industry "standards" from people
> handling outgoing SMTP services or ESP exporting APIs to "request
> subscriptions" (confirmed opt-in).

For mailing lists, it occurs to me that we should now be at t

Re: [mailop] subscription bombing prevention best practices

2021-01-23 Thread Ángel via mailop
On 2021-01-21 at 12:47 +0200, Mary via mailop wrote:
> The victim of a subscription bombing attack can't do much, they
> should be careful to sift through the garbage and find the real
> threat (password changes, bank transfers, etc).
>
> Email admins can only do manual work, because I haven't se

Re: [mailop] subscription bombing prevention best practices

2021-01-21 Thread Mary via mailop
The victim of a subscription bombing attack can't do much, they should be careful to sift through the garbage and find the real threat (password changes, bank transfers, etc).

Email admins can only do manual work, because I haven't seen anything automated that can help in these situations.

M

Re: [mailop] subscription bombing prevention best practices

2021-01-21 Thread Simon Arlott via mailop
On 21/01/2021 09:15, Stefano Bagnara via mailop wrote:
> Of course a DNS method to let domains opt-in to such a generic system would
> be cool, but unless we think 100% of domains will adopt openid we'll still
> have the subscription bombing issue around, for every form not using this
> "new method

Re: [mailop] subscription bombing prevention best practices

2021-01-21 Thread Stefano Bagnara via mailop
On Wed, 20 Jan 2021 at 20:05, Simon Arlott via mailop wrote:
> On 20/01/2021 10:50, Stefano Bagnara via mailop wrote:
> > I'm looking for brainstorming and updated industry "standards" from people
> > handling outgoing SMTP services or ESP exporting APIs to "request
> > subscriptions" (confirme

Re: [mailop] subscription bombing prevention best practices

2021-01-20 Thread Simon Arlott via mailop
On 20/01/2021 10:50, Stefano Bagnara via mailop wrote:
> I'm looking for brainstorming and updated industry "standards" from people
> handling outgoing SMTP services or ESP exporting APIs to "request
> subscriptions" (confirmed opt-in).

How about a web-based process to confirm opt-in? Domains cou

Re: [mailop] subscription bombing prevention best practices

2021-01-20 Thread Jaroslaw Rafa via mailop
On 20.01.2021 at 14:00:47, Jaroslaw Rafa via mailop wrote:
>
> I'm not sure about what actual level of protection it provides. What do you
> think?

Sorry, I just realized that you were looking for a way of protection against mail-bombing caused by subscription confirmation emails, and not p

Re: [mailop] subscription bombing prevention best practices

2021-01-20 Thread Jaroslaw Rafa via mailop
On 20.01.2021 at 11:50:30, Stefano Bagnara via mailop wrote:
>
> How do you deal with this issue?

I'm not an ESP and actually don't face this issue, but some time ago I created my own version of CAPTCHA that I use in registration form on my server. There is no CAPTCHA on the form per se, b

[mailop] subscription bombing prevention best practices

2021-01-20 Thread Stefano Bagnara via mailop
Hi all, I'm looking for brainstorming and updated industry "standards" from people handling outgoing SMTP services or ESP exporting APIs to "request subscriptions" (confirmed opt-in). Not every website uses CAPTCHA and also webforms using CAPTCHA are being abused as even reCAPTCHA have been crack