Chuq Von Rospach wrote:
> The idea that came up, which I really like, is to move the
> "authorization" token out of the e-mail space and into the web space.
> Instead of sending an auth string a user has to send back in a way the
> list server can process, you send the user a URL, which points in some
> customized way back to your web site. The web site can then verify the
> token and data, and use the admin password or whatever to sneak behind
> the standard list server mailback authorization.
In addition to the concerns expressed earlier here that this be a complement
to traditional e-mail validation procedures rather than a replacement
for them, I wonder whether this will sufficiently prove that new users
have both inbound and outbound e-mail connectivity with my lists?
I've had more than a few instances of users who could send me e-mail but
not receive it from me, or vice versa, due to a variety of problems.
(And at least one case of someone who could send me e-mail from his
shell account, but not from his browser.)
I rather like the subscribe/acknowledge/confirm mechanism, anyone who
gets through it has not only demonstrated connectivity but at least some
marginal amount of both computer and general literacy, traits that seems to
be all too infrequently displayed on the Internet.