On Wed, 2015-01-21 at 21:10 -0500, Michael Gilbert wrote: > So anyway, nnnnnn-subscribe can be used to spam confirmation messages > currently, and general mail to the bts from an unknown address will > end up doing the same, but it's basically a non-issue because it's a > rather uninteresting thing to do for anyone that might consider > wanting to do it. I don't know how interesting it would be on an absolute scale, it certainly would be "more interesting than it is now" if we remove the authentication we have. The reason is all that happens now is you get one unwanted email and that is the end of it. In particular the attacker can't force you do to something to prevent the bugs.debian.org from sending further unwanted emails. If you get rid of authentication then the victim, be it you, or your mother, or your local police constable, will have to tell the Debian bugs system to unsubscribe them from a list they never subscribed to in the first place. Perhaps you can suggest a way of explaining the situation to our mothers or local law enforcement agents so they don't end up blaming the Debian bugs system for putting them in this predicament. I struggling to come up with something they would swallow once they learn we could have designed the system to avoid it, but chose not to because we found it convenient to inconvenience them.
Attachment:
signature.asc
Description: This is a digitally signed message part