django-newsfeed icon indicating copy to clipboard operation
django-newsfeed copied to clipboard

Published 20 hours ago verified publisher icon saadmk11

Add option to Unsubscribe via Unique URL in the Sent E-mail

Open KimSJ opened this issue 4 years ago • 3 comments

The current architecture allows malicious unsubscribe. The solution adopted by mailchimp, for example, is to only allow unsubscribe via a link sent with every email, which contains a token which is used to verify authenticity. I'm not sure if this should be the only route to unsubscribe, but it should certainly be an option.

Presumably, the token should be fixed for a given user, so that the unsubscribe link works from any email. Although what happens if a naive user forwards a newsletter? I think one needs a "You have been unsubscribed, if this wasn't your intention, you can resubscribe by clicking this link" confirmation email, perhaps?

KimSJ avatar Sep 25 '20 11:09 KimSJ

This approach does make it more verbose to do mass mailings, though. Can't see a way round that.

KimSJ avatar Sep 25 '20 12:09 KimSJ

I actually prefer this way, but what you said totally makes sense. :) Need to look into it.

saadmk11 avatar Sep 26 '20 06:09 saadmk11

I can see that some people would prefer the current option, so I guess it needs to be a config parameter.

KimSJ avatar Sep 26 '20 09:09 KimSJ