Add option to Unsubscribe via Unique URL in the Sent E-mail

[KimSJ]

The current architecture allows malicious unsubscribe. The solution adopted by mailchimp, for example, is to only allow unsubscribe via a link sent with every email, which contains a token which is used to verify authenticity. I'm not sure if this should be the only route to unsubscribe, but it should certainly be an option.

Presumably, the token should be fixed for a given user, so that the unsubscribe link works from any email. Although what happens if a naive user forwards a newsletter? I think one needs a "You have been unsubscribed, if this wasn't your intention, you can resubscribe by clicking this link" confirmation email, perhaps?

[KimSJ]

This approach does make it more verbose to do mass mailings, though. Can't see a way round that.

[saadmk11]

I actually prefer this way, but what you said totally makes sense. :) Need to look into it.

[KimSJ]

I can see that some people would prefer the current option, so I guess it needs to be a config parameter.