Conversely, failing to immediately unsubscribe someone on the first notification of their attempt, regardless of any authentication or lack thereof, can be considered illegal now. So… pick your poison. (CANSPAM is a *very* badly-written law IMO.) -Adam From: Hartmut W Sager <hwsager@marityme.net> Sent: Thursday, August 14, 2025 1:06 PM To: MUUG - Round Table <roundtable@muug.ca> Subject: [RndTbl] MUUG e-mail/subscriptions security I just noticed on a MUUG Round Table e-mail today, the following at the bottom: Roundtable mailing list -- roundtable@muug.ca<mailto:roundtable@muug.ca> To unsubscribe send an email to roundtable-leave@muug.ca<mailto:roundtable-leave@muug.ca> Regarding the second line (the unsubscribe), I sure hope MUUG at least does SPF/DKIM verification before acting on such an incoming e-mail, because otherwise, a rogue actor out there could unsubscribe any or all of us! Even so, SPF/DKIM verification would only fully protect those of us (like me) who use our own domain name. Hartmut