[Mailman-Users] Any way users can unsubscribe without a password?

[Barry A. Warsaw]

I've just finished implementing a more general confirmation scheme for
Mailman 2.1.  There are two aspects to this.  When an operation
requiring confirmation is performed, a confirmation email message is
sent as before.  However, the confirmation message will include both a
confirming email command and a URL with a unique cookie, and the
operation can be performed either by replying to the message or
visiting the specified URL.

Currently only two confirmable operations are defined: subscribing and
removing.  The above works regardless of e.g. whether the removal
request is coming from cgi or from an email command.  This means a
user can send the message "unsubscribe" to mylist-request with no
address and no password, and they will receive a confirmation
message.  A reply to that message, or a hit on the URL will remove the
user.

(Note that if the user actually knows their password, they can include
it in the web page or email command for immediate removal.)

(Note also that the architecture is general enough that other
confirmable operations could be added in the future.)

While this isn't exactly password-less accounts, I think it
accomplishes basically the same intent.  And it strikes a good balance
between convenience and security.  It means in practice that a user
can get removed from a list without having to remember their password
(or how to get it!), and the two-step removal in that case isn't too
onerous (since most MUAs I suspect would let them click directly on
the URL in the mail message).

Acks go to Les Niles who implemented a rough cut at this.  My
implementation was different, but similar in spirit.

-Barry