Unsubscribe/Subscribe Confirmation Email Looping?
Hello everyone,
I'm getting some troubling reports from various users, who say that they're getting reports from members of their list that unsubscribe from a newsletter, or to be resubscribed, then unsubscribed, etc in a huge loop
The usage log will look a lot like this:
[Tue May 3 16:28:33 2011] listshortname 12
123
12
12 Unsubscription Confirmation Sent for listshortname
list hapless
email@example
com
[Tue May 3 16:28:33 2011] listshortname 12
123
12
12 Unsubscribed from listshortname
unsub_confirm_list hapless
email@example
com
[Tue May 3 16:28:33 2011] listshortname 12
123
12
12 Subscribed to listshortname
unsub_confirm_list hapless
email@example
com
[Tue May 3 18:41:15 2011] listshortname 12
123
12
12 Unsubscribed from listshortname
unsub_confirm_list hapless
email@example
com
[Tue May 3 18:41:15 2011] listshortname 12
123
12
12 Unsubscribed from listshortname
list hapless
email@example
com
[Tue May 3 21:13:34 2011] listshortname 12
123
12
12 Unsubscribed from listshortname
sub_confirm_list hapless
email@example
com
[Tue May 3 21:13:34 2011] listshortname 12
123
12
12 Subscribed to listshortname
sub_confirm_list hapless
email@example
com
[Tue May 3 21:13:35 2011] listshortname 12
123
12
12 Subscription Confirmation Sent for listshortname
list hapless
email@example
com
[Tue May 3 22:22:35 2011] listshortname 12
123
12
12 Unsubscribed from listshortname
sub_confirm_list hapless
email@example
com
[Tue May 3 22:22:35 2011] listshortname 12
123
12
12 Subscribed to listshortname
list hapless
email@example
com
And this pattern will continue to repeat
The first chunk of code is what's supposed to be logged when someone requests to unsubscribe
The second chunk is when what's supposed to be logged when someone confirms the unsub
The third chunk is when someone requests to be subscribed
and the forth chunk is when someone confirms the subscription
Everything looks great, except that the user isn't doing any of this - it's all on autopilot and this pattern will continue to repeat and repeat and repeat, until the list owner finally just removes the email address from the list, permanently
I'm scratching my head at what the base problem is and I currently have absolutely no idea
My first thought was that it's some sort of Denial of Service attack, but it would seem strange to have it target a specific email address that was already subscribed and then have the "attack" span over hours Not a very good attack! This would also mean the pin verification system has been broken, but I'm not sure that's the case, either
My next suspicion, which is a good one, is that there's a bug in Dada Mail, but all my looking hasn't turned up with anything
My most recent suspicion is that it's some sort of auto link prefetching going on with the user's email reader Link prefetching is a really bad idea for email messages, exactly for this reason, but would explain the mechanism that causes this loop:
When a subscriber receives a confirmation email to unsubscribe, it gets followed automatically and they will receive a, "you've been unsubscribed" email, which has a link to subscribe again, which will be followed, automatically, which will send the subscription confirmation email, which will subscribe them That'll send a "you're now subscribed" email, which has a link to unsubscribe them again - and that's where the loop is
That's my current theory
Has anyone on this list experience this problem? Got any other idea what may be going on?
It's very strange, since it happens to maybe 1 out of every 10,000 subscribers The link prefetching could be a sign that the user's machine has been comprised with some sort of virus and this is just a weird side effect of some sort of logging system of the virus itself - I dunno I could really use some help to get to the bottom of all this, though,
- This mailing list is a public mailing list - anyone may join or leave, at any time.
- This mailing list is a group discussion list (unmoderated)
-
Start a new thread, email: dadadev@dadamailproject.com
This is the developer discussion mailing list for Dada Mail.
If you are just looking for support Dada Mail, consult the message boards at:
https://forum.dadamailproject.com
Documentation for Dada Mail:
Specifically, see the Error FAQ:
https://dadamailproject.com/d/FAQ-errors.pod.html
To post to this list, send a message to:
mailto:dadadev@dadamailproject.com
All subscribers of this list may post to the list itself.
Topics that are welcome:
- Constructive critiques on the program (I like, "x", but, "y" needs some work - here's an idea on how to make this better...)
- Bug/Error reports
- Bug fixes
- Request For Comments on any changes to the program
- Help customizing Dada Mail for your own needs
- Patches
- Language Translations
- Support Documentation/Doc editing, FAQ's, etc.
- Discussion of any changes that you would like to be committed to the next version of Dada Mail -
Dada Mail is on Github:
https://github.com/justingit/dada-mail/
If you would like to fork, branch, send over PRs, open up issues, etc.
Privacy Policy:
This Privacy Policy is for this mailing list, and this mailing list only.
Email addresses collection through this mailing list are used explicitly to work within this email discussion list.
We only collect email addresses through our Closed-Loop Opt-In system.
We don't use your email address for any other purpose.
We won't be sharing your email address with any other entity.
Unsubscription can be done at any time. Please contact us at: justin@dadamailproject.com for any help regarding your subscription, including removal from the mailing list.
All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently.
All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.