Change in unsubscribe links in single emails


Hi All,

For a long time now, the unsubscribe links in message footers have not required the person to log into their account before unsubscribing (they do ask to confirm first). That means that if someone else were to get one of these links, they could unsubscribe the person. We do send out an easy resubscribe link when someone unsubscribes through this process, so it's not a huge deal, but it would be a nuisance. 

When someone replies to a message, we scrub these links from any quoted parts of messages.

I knew there was a 'security hole' in the case of someone forwarding a group message to someone else; the unsubscribe link would be included in the forward, and the receiver could then click the link and unsubscribe the sender. This felt OK to me; making it as easy as possible to unsubscribe is a very good thing.

But what just occurred to me is that for groups that are not set to Reply To Group, this 'security hole' is the default case. We don't see the replies and therefore cannot scrub these links from messages. That's not good. So, I've changed the footers for single messages sent to groups that are not Reply To Group; the unsubscribe links in these messages do require login.

Please let me know if you have any questions.
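
The footer rule described in this post, as an added sketch (this is not the service's own code): one-click links are kept only where replies pass back through the server and can be scrubbed. The URL shapes, token value, and function names are assumptions made for illustration; the post does not show the real link format.

```python
import re

# Hypothetical URL shapes (assumption; the real format is not given in the post).
ONE_CLICK = "https://lists.example.invalid/unsub/{token}"
LOGIN_REQUIRED = "https://lists.example.invalid/account/unsubscribe?group={group}"

# Matches only the token-bearing form that works without logging in.
_ONE_CLICK_RE = re.compile(r"https://lists\.example\.invalid/unsub/[A-Za-z0-9_-]+")


def footer_unsubscribe_link(group, reply_to_group, token):
    """Choose the footer link for a single message sent to `group`."""
    if reply_to_group:
        # Replies return through the server, so quoted links can be scrubbed.
        return ONE_CLICK.format(token=token)
    # Replies go straight to the sender and are never seen by the server.
    return LOGIN_REQUIRED.format(group=group)


def scrub_quoted_links(body):
    """Strip one-click links from quoted ('>') lines of a reply."""
    cleaned = []
    for line in body.splitlines():
        if line.lstrip().startswith(">"):
            line = _ONE_CLICK_RE.sub("[unsubscribe link removed]", line)
        cleaned.append(line)
    return "\n".join(cleaned)


def leaked_links(body):
    """Return every no-login unsubscribe link still present in `body`."""
    return _ONE_CLICK_RE.findall(body)


def quoted_reply(footer_link, via_server):
    """Build a constructed reply that quotes the original message and footer."""
    original = "Meeting moved to 3pm.\nUnsubscribe: " + footer_link
    reply = "Thanks!\n\n" + "\n".join("> " + l for l in original.splitlines())
    # Only replies that transit the server get scrubbed.
    return scrub_quoted_links(reply) if via_server else reply
```
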


