> what if malicious bots started unsubscribing thousands of email addresses to harm your business.
GP said:
>> need to confirm that a user "looks human" is for repeated connection attempts in quick enough succession to matter (DDoS prevention)
And even in that case, you could implement other solutions. For example, for unsubscription links, you could pass a "token" in the query string that "verifies" that it's the address' owner unsubscribing. You could generate such a token either stateless (JWT, for example, then verify it) or store it somewhere along with the address.
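
The stateless variant described in the comment above, sketched as an added example that is not part of the original thread: it uses a plain HMAC-SHA256 tag over the address instead of a JWT. The key, the `example.invalid` URL, the `email`/`token` parameter names and all function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
from typing import Optional
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed demo key; a real deployment loads this from a secret store.
SECRET_KEY = b"constructed-demo-key-not-for-production"
# Domain separation: a tag minted for unsubscribe links is useless elsewhere.
CONTEXT = b"unsubscribe:v1:"
BASE_URL = "https://example.invalid/unsubscribe"  # hypothetical endpoint


def _normalize(address: str) -> bytes:
    """Canonical form of the address, so the same mailbox always maps to one tag."""
    return address.strip().lower().encode("utf-8")


def make_token(address: str, key: bytes = SECRET_KEY) -> str:
    """Stateless token: only the holder of `key` can mint it for an address."""
    tag = hmac.new(key, CONTEXT + _normalize(address), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(tag).rstrip(b"=").decode("ascii")


def unsubscribe_url(address: str) -> str:
    """Link placed in the outgoing mail; nothing is stored server-side."""
    return BASE_URL + "?" + urlencode({"email": address, "token": make_token(address)})


def verify_request(url: str, key: bytes = SECRET_KEY) -> Optional[str]:
    """Return the normalized address if the token matches it, else None."""
    params = parse_qs(urlparse(url).query)
    emails, tokens = params.get("email", []), params.get("token", [])
    # Reject missing or duplicated parameters instead of guessing which one counts.
    if len(emails) != 1 or len(tokens) != 1:
        return None
    expected = make_token(emails[0], key).encode("ascii")
    # Constant-time comparison, so response timing does not leak the tag.
    if not hmac.compare_digest(expected, tokens[0].encode("utf-8")):
        return None
    return _normalize(emails[0]).decode("utf-8")


if __name__ == "__main__":
    link = unsubscribe_url("Alice@Example.com")
    print(link)
    print(verify_request(link))
```

A bot that only knows a list of addresses cannot produce valid links, because each tag depends on the server-side key; rotating the key invalidates every outstanding link at once.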