>>>>> "JG" == Jeffrey Goldberg <J.Goldberg@cranfield.ac.uk> writes:
JG> I see that there is a potential for abuses with auto+confirm, but since
JG> those who want to abuse will fake from lines anyway, is there much need
JG> for open now that we have +confirm?
Actually I can't think of any serious abuses with auto+confirm. The worst
you can do (without spoofing the codes) is send a few hundred subscribe
messages and spam some poor user with confirmation messages.
But unless you just want that additional control, there isn't much use for
open+confirm unless you are dealing with people who know how to break the
auth codes. (It's not hard, really.)