I believe he's writing about the mailer codes for the grAAvy train. I don't fly AA and haven't jumped aboard the grAAvy train, but here's the basic idea.
Sign up, and sign your spouse, kids, pets, house plants, etc. up for AA's frequent flyer program. Within a few weeks, those signups should start getting mailers with a code to apply for Citi's AA cards. The mailers effectively have no limiting language and most mailer codes are transferrable. Subject to very basic timing restrictions, you can sign up for a Citi AA even if you already have a Citi AA card, and you can use your spouse's, kids', pets', plants' mailer codes to keep signing up for more Citi AA cards. Until a few months ago, these mailer codes were for the most part reusable, so churners would share, buy, and sell and resell these mailer codes on r/churning. They've since become single use only, which has tightened the market. This grAAvy train has allowed some churners to amass hundreds of thousands to million+ AA miles.
The catch is while these mailer codes are transferrable, you need to enter the intended recipient's (last) name before unlocking the application; and on personal card applications, the application is pre-filled with the intended recipient's full name, address, and other personally identifiable information ("PII"). You can edit the application and put in your own information; nonetheless, the process exposes a stranger's PII to the applicant. Not a big deal if you're using your own mailer codes you've signed up for using your and your spouse's, kids', pets', plants' information. You have their consent, or at least implied consent, and you're not invading anyone else's privacy. But some of these mailer codes come from discarded mail, and that crosses a red line for some but is a shady area for others. And what u/aksurvivorfan is saying is that a lot of the mailer codes on the code sharing thread are generated (likely, using a computer program that's cracked the AA mailer code algorithm), possibly using unsuspecting people's PII. He claims he only dabbles in biz card mailer codes, which don't expose PII, but basically the whole thing is shady A.F.