Michael, here's the thing that worries me, and the reason I concentrated on getting as much junk as possible out of the subscriber rosters. In a word, spamtraps. Spamtraps already subscribed, and still subscribed.
http://www.uceprotect.net/en/rblcheck.php?ipr=96.86.170.229 , as an example of the (several) remaining DNSBL entries, says:
What does it mean to be listed at the UCEPROTECT-Level 1? It means abusive activity was seen from IP 96.86.170.229 directly within the last 7 days.
Concrete allegation: IP 96.86.170.229 tried to deliver mail to spamtraps.
_If_ bogus subscriptions have been allowed in the past, then one or more of the subscriptions, to one or more of the four BALUG mailing lists, almost certainly are still spamtraps -- unless I lucked out and pruned them in my recent work.
SO: The above-cited URL permits "express delisting" from the cited DNSBL -- with the caveat that if we haven't fixed the underlying problem, we'll soon get relisted.
I would invite you to look over the situation, then tell me your thoughts about how/whether we can tell that we aren't going to get bogus subscriptions (without 3-way handshake) going forward, and that we don't have any spamtrap addresses remaining in the rosters.
Worst case, if we're pretty sure that bogus subscriptions _have_ been possible, but we've scotched that, e.g., with the mm_cfg.py secret key for subscription forms, then we might have to bite the bullet and require all existing subscribers to re-confirm their desire to be present.