Conversely, failing to immediately unsubscribe someone on the first notification of their attempt, regardless of any authentication or lack thereof, can be considered illegal now. So… pick your poison. (CANSPAM is a *very* badly-written law IMO.)

-Adam

From: Hartmut W Sager <hwsager@marityme.net>
Sent: Thursday, August 14, 2025 1:06 PM
To: MUUG - Round Table <roundtable@muug.ca>
Subject: [RndTbl] MUUG e-mail/subscriptions security

I just noticed on a MUUG Round Table e-mail today, the following at the bottom:

Roundtable mailing list -- roundtable@muug.ca

To unsubscribe send an email to roundtable-leave@muug.ca

Regarding the second line (the unsubscribe), I sure hope MUUG at least does SPF/DKIM verification before acting on such an incoming e-mail, because otherwise, a rogue actor out there could unsubscribe any or all of us!

Even so, SPF/DKIM verification would only fully protect those of us (like me) who use our own domain name.

Hartmut