Add option to Unsubscribe via Unique URL in the Sent E-mail #15
Labels
Comments
|
This approach does make it more verbose to do mass mailings, though. Can't see a way round that. |
|
I actually prefer this way, but what you said totally makes sense. :) Need to look into it. |
|
I can see that some people would prefer the current option, so I guess it needs to be a config parameter. |
saadmk11
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The current architecture allows malicious unsubscribe. The solution adopted by mailchimp, for example, is to only allow unsubscribe via a link sent with every email, which contains a token which is used to verify authenticity. I'm not sure if this should be the only route to unsubscribe, but it should certainly be an option.
Presumably, the token should be fixed for a given user, so that the unsubscribe link works from any email. Although what happens if a naive user forwards a newsletter? I think one needs a "You have been unsubscribed, if this wasn't your intention, you can resubscribe by clicking this link" confirmation email, perhaps?
The text was updated successfully, but these errors were encountered: