Often I will get an email notification and happen to be logged out when I click the link. I don't get notified of further changes unless and until I visit that page again when logged in. This has caught me out several times.
I think the visiting and diff links in the email should contain a cookie (based, perhaps, on their user ID - I think bot rollback uses something similar) that identifies the user and clears their wl_notificationtimestamp for that page, even if the user is not logged in.
It would be inappropriate to log a user in automatically, but just clearing the flag should not hurt. The worst that will happen is they get sent more email when further changes are made, and this is probably what they want.