>Well, on a discussion list, other members need to be aware of your
>email address if you post. Imagine if a spammer were to submit an
>unsubscribe to SPAM-L on behalf of anyone who posted? Without
>confirming the unsubscribe requests, said spammer would ruin this
>resource in short order.

I've been running discussion lists for close to two decades, none of
which require confirmation to unsub, and this hypothetical problem has
never, ever, happened. Indeed, I can't remember any maliciously
forged unsubs at all. What does happen is that an ISP screws up and
bounces a bunch of mail by mistake (like Earthlink did last week)
which makes people bounce off the list, so I have to go put them back
on when the ISP fixes the problem.

On the other hand, there are lots of cases where a person's address
changes or is abandoned, and I am really, really tired of list
managers demanding that I forge an unsub from a dead address to get
that dead address off his list. So I accept any unsub without any
verification (although often with a farewell message), and it works
great.

Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"More Wiener schnitzel, please", said Tom, revealingly.