Slashdot Mirror

← Back to Stories (view on slashdot.org)

UCE Fallout - Newsletter/Mailing List Confirmations are SPAM?

Posted by Cliff on from the even-innocent-communication-is-now-suspect dept.

battlemage asks: "According to this Article [heise.de; Google translation - pretty unreadable], a german court decided on 9/19/02 that the common confirmation E-Mails sent to new subscribers of newsletters could be considered unsolicited e-mail, aka SPAM, if they are sent to somebody who did not actually subscribe. According to German laws, this could actually mean fines for the site running the newsletter. They said it was the site owners obligation to prove that somebody actually requested such e-mail. The question is, how would that be possible without e-mail and without cost-intensive Passport/ID/CreditCard-Checks? I do work on a website in my free-time, and we would probably like to offer newsletters in the future, but I'm now unsure how we could do that." Mailing list and newsletter admins in other countries might do well to keep an eye on this in case such laws migrate to their area.

2 of 36 comments (clear)

  1. TOU by Trane+Francks · · Score: 3, Interesting

    Write it into the terms of usage agreement for joining the newsletter that the user agrees to accept a confirmation e-mail to a user-specified e-mail address. To protect the user, create a server-side database that monitors sign-ups and disallows multiple-signups within a 24-hour period. Additionally, accounts for which no confirmation is received in, say, a 72-hour period would then be moved to an "unconfirmed" database. A user would get a second chance to join and ask for confirmation on this address and, if still unconfirmed, the account would be marked void.

    These are just some ideas on how to take care of it. Unfortunately, there's no real way to do this on the client side....at least none of which I can think.

    --
    ...a FreeDOS contributor: http://www.freedos.org/
  2. Re:Just to put this clear... by beebware · · Score: 4, Interesting

    But surley the site operator had the subscribers IP address as well? I know a few times when I've joined mailing lists via the web, I've received an email along the lines "A request was made at xx-xxx-xx xx:xx:xx from IP address xx.xx.xx.xx to subscribe you to this mailing list. To confirm your subscription, please reply to this mail or click this link. If this subscription is in error, you do not need to do anything".

    This way both parties have knowledge of who attempted the sign up: if the email account owner claims the message is spam, then at least the mail-admin has got a third-party to blame.