[EMAIL PROTECTED] a écrit : > Michael Clark wrote: > >>No, because then I could use the system to sign you up for lists you >>didn't sign up for. The token (step 6) must be sent to the email >>address that was submitted in step 2). Mike > > > There are two distinct tokens. One embedded in the email address the user > has to send to, and the other embedded in the link sent in the reply. > > The tokens are not connected in any predictable fashion. >
ah! good. and for addresses from AOL (and the like), you can do more checks (SPF in particular, ... etc).
