In all seriousness, here’s what I do to combat Insidious Mailing List Spam. It’s kinda simple.
1. Get one email address for friends and family. Never ever post it online. Never use it for any shopping or anything. This is your email address. There is no mailbox anxiety because you get one email a day to this address and it’s from your dad and you love him.
2. Get another one for mailing lists. Crucially, using a rule, mark every new mail as read on receipt. There is no mailbox anxiety because the “read me” or “keep me unread until I’ve actioned” or whatever is gone. Totally gone. Need to do a thing with an email? Figure out a way outside your inbox to track that.
I started this accidentally about a year ago and it’s a revelation.
This kind of works. But also realize that if your email makes it into their contacts, then phone apps will harvest this. Things like WhatsApp or LinkedIn will definitely harvest these so it’s not nearly as secure as you believe. You could have double indirection where you create a secret email and give everyone a second secret email and forward all emails from there.
I have been doing this for well over 10 years and can confirm the approach, with one small tweaks:
The address for friends and family should be split in 2 - one for the really technologically literate ones, who will never do stupid crap with it like using it in a pinterest "Share this!" form, and one for everyone else (who must never learn you didn't give them "best" address because they're clueless).
Also, if you own a few domains, devote a whole cheap one to mailing lists, online subscription and whatever else. Create a dedicated address everytime you subscribe to a service (like mybank@myjunkmaildomain.icu, amazon@myjunkmaildomain.icu, facebook@myjunkmaildomain.icu, somedodgyonlinemerchant@myjunkmaildomain.icu etc).
This gives you the benefit of seeing who leaked your address when you see spam, of being able to disable them individually, of being able to migrate provider with no impact to your accounts (just repoint your own domain's email forwardings)
You can also use the + for email adress, my.name+facebook@domain.com. No need to register another mail adress for each service. It can lead to problems logging in though, not everyone knows that + is a legal character in mail adresses.
I had enough validation and dictation issues with that approach that I registered a catchall email on a subdomain, so I give out yoursitename@email.example.com. For one thing, anyone wise to that trick will just strip
Panix.com has a feature that sidesteps that problem. It accepts any email address that looks like: hackernews@myname.users.panix.com, where you can customize "hackernews" to be a mailing list, company, or any text; and "myname" is your actual email address, eg myname@panix.com. No charge. Works great. Easily filtered.
> Create a dedicated address everytime you subscribe to a service
I tried this and don’t recommend it.
Yeah, you get the advantage of knowing who leaked your address. But I don’t care. If the ‘spam and lists’ address gets too spammy, I’ll just create another.
The disadvantage is that you have to configure a mail client to send from this address if you ever want to do that, and I found myself doing it far more often than I imagined. Need to write back to a store regarding a transaction? Frequently enough. To my health insurance company for some reason? Of course.
No, the idea is to remove as much friction as possible. This adds friction. Keep it simple.
There are services designed to allow you to think up new email addresses on the fly, with no setup, and still have them delivered. I personally like https://www.spamgourmet.com/ - you can create an identifying address on the fly that also limits the total number of emails you'll receive from that address. It solves all the issues you mentioned - it's frictionless and still allows replies, while preventing spam. The gmail '+' feature works too, but is so high profile that a lot of spammers know how to parse it.
I just set up a wildcard email forwarder on my domain and set up an email address for every domain or website I sign up for (e.g. ycombinator.com@mydomain.net). Keeps everything nicely separated, logins are predictable, and I can track who got my email from where.
It makes certain things more complicated, like authenticating against certain services, or if someone sends and invitation to one of your domain emails, but it works just fine 95% of the time.
I used to have this problem with Gmail because it was easy to receive mail at a new address, but always a 10-minute process to start sending mail from a new address.
I just switched to Fastmail and was pleasantly surprised with their solution. You can set up wildcard response aliases so that if you receive an email to random.onetime@mydomain.net, when you hit reply, it automatically sends from the random.onetime@mydomain.net.
I have never once in my life "signed up" to a mailing list. The only reason I can think of that I receive so much spam is from sites where I've used my email address selling that information to others, or otherwise leaking it.
I have my own domain with [anything]@mydomain.tld gets forward to my real address, so I generally use a unique email address for any service, retailer, mailing list etc. A password manager is a real benefit for this.
I've caught places that get hacked or sold their list and can filter them readily.
I think that this approach also helps reduce the attack surface from a hack as there is little to no reuse of credentials, but at N=1 I can't verify that. Maybe there's an oversight in my approach.
I get a lot of junk mail haha. It's like any time I purchase something from Walmart or Newegg, they subscribe me to like 5 mailing lists.
I wanted something where I could bulk select items in my inbox and have someone else deal with it.
I just made a product I wanted :) But yeah, it's not sustainable in the sense of money -- but in my eyes, if my product becomes less necessary over time, then I did my job right
Make it so that you can gift subscriptions. This is the kind of thing to give to a CEO friend as a gift. If they are actually chief of something, then it saves them time which is precious to them. If it is your friend and his one person marketing firm, makes a fun gift.
Depends.. many types of list maintainers are very bad abusers, political list, charity lists come to mind. You get unsubscribed from that "list" your email gets sold on to multiple lists, also a response or worse a purchase via the mail like this makes yours email higher value.
Anyone who attends a conference once or twice a year. Vendors sponsor those and in return often get access to the attendee list. Name, title, company, email, etc.
One thing I would be worried about is that a lot of emails have auto login urls if you click a button. For example, if you get an email from Quora, you are auto logged into Quora from that link.
Depends on the implementation, at $WORK we have similar mechanism but the links clicked in the email do what's called a partial login that gives basic access to some closed pages but still needs authentication to access or change account details. We have this exactly because people forward emails and such.
The unsubscribe link often has dark patterns to try and defeat your attempt so I can see some getting frustrated and giving up. So maybe for the less technically inclined?
They've made it a lot easier, because now you're not required to sign-in -- which is why this product works.
I just pay my high-school sister $15/hour to manually dig through the links and check unsubscribe for each mailing list for you.
As a tech worker, throwing $5/month to saving me frustration is worth it. Sure, you're exposing your email -- but I'm also exposing my email on my personal website, and literally any company I register on.
I think the way you've set it up is really great, allowing the user to try out/start using the product and just let them when they owe money seems very simple.
However, personally I would not use it as I find it easy to unsubscribe via gmail already.
Yeah, Gmail is nice because it shows a little gray unsubscribe link that they pluck out. I use Thunderbird with Protonmail and it doesn't have that... and I really don't want to go back to Gmail :/
I've gotten into the habit of spam labeling these emails, hoping they contribute to the great spam filter in the sky. This works much better than unsubscribing because most of these emails aren't even intended for me but the jerks who keep using my email address to sign up for services and aren't required to verify the email address they provided.
One thing I've realized having moved away from Gmail to fastmail, is the importance of owning your spam data as I had to train Fastmail's spam system.
You mean it gets the spammer blacklisted so they risk being unable to contact me.
I've actually pinged a couple of services to let them know that spamming me is a security vulnerability, because they loose their ability to contact me.
Let's say you often buy on Amazon (or any other online shop), they send you a newsletter. If you mark it as spam instead of unsubscribing, you could be losing some of their emails you'd want to see (order confirmation, response to a message you sent them, etc).
I have simple solution for that.
If the newsletter doesn't stop and keeps coming, I would just cancel my email address amzn1@mydomain and open another one amzn2@mydomain.
If the spam persists, I just move business elsewhere. As simple as that.
Really? How would they even know? I've been clicking "report as spam" for anything with a not-immediately-obvious or intentionally complicated unsubscribe button (to punish shady tactics) for a very long time now and I haven't seen any signs of missing any order confirmations.
If you didn’t subscribe, don’t unsubscribe. Set up a filter that auto-reports as spam. That way you don’t have to see it ever again, but you still give spam filters a fighting chance at stopping other people from seeing it too. The more you hurt their deliverability, the less effective spamming will become.
Are you saying that a substantial number of people is routinely using your _fastmail_ address with services that send _marketing_ emails to _unverified_ email addresses?
I find this highly implausible.
Edit -
Why the downvotes? If I read the OP correctly, they have such a common address that random people mindlessly type it into various subscription nags. Can you think of a such @fastmail address?
If it's not that common, then their address was just leaked and ended up on the spammers list, so tagging as spam is a proper thing to do. However it sounds like the OP also spam-tags bulk emails they don't like even if they are subscribed to those, which is as ass thing to do. It hinders delivery to others, nicks the sender reputation, etc.
Fastmail allows unlimited aliases. Just use an alias on every shady website and not only can you just delete the alias when you’re done, but you’ll also know who sold away your email address in the first place.
Screenshots including potential personal data contained in forwarded emails?
How long amd where are these screenshots stored and what happens to them afterwards?
Just a thought: what about focusing on the really annoying emails? So that when someone who is not very techie can't figure out why they keep getting the damn emails, they forward them to you? Rather than as a general purpose service.
Also, implement as a gmail plugin if that's possible.
I don't think it breaks any rules but one benefit of prefixing it with Show HN is that it shows up on https://news.ycombinator.com/show (Launch HN does as well but only the "official" ones). Not that it matters considering your post is almost #1 on the front page even without that extra exposure.
I do not want to sound negative but my honest opinion is that you need to work on your price model. Very few people will be ready to pay $5-10 per month(!) for such small convenience. Assuming that you do mostly automatic processing your actual costs should be really small (per user). You can probably offer this service for $5/year and still make profit, while attracting more users.
The site says emails are manually processed and a comment here by the poster [1] states that they pay $15/hr for someone to do it.
I agree that the value isn't there for the pricing, especially as a monthly subscription. $5/month is too expensive considering most people won't even pay that to read content they actually want. All major email providers have spam/unsubscribe buttons already and I don't want to risk forwarding emails to someone else to reveal even more data.
If this was more like a global unsubscribe service that removed me from all major email lists somehow, or helped with other privacy/data cleanup then it might be worth a one-time fee.
What about shady services that won't unsubscribe your email even if you do it from their admin panel or just outright doesn't work? What about services that provide a really complicated unsubscribtion procedure, e.g. enter password, fill multi-page quiz why you are leaving, wait up to 24h for some code that you will have no idea where to enter. And finally, I suspect there are just plain evil "services" that after unsubscribing will put up your email on various spam lists - have fun with even more spam.
Good behaving email marketing services are not the problem, I would gladly pay for a service that deals with those shady ones and maybe even helps to battle spambots on a global scale, by reporting spam to appropriate authorities and even using GDPR laws to stop them. Tried using spamcop once, but most reports end up "nulled" and not actually reported.
That’s not always so easy to find, it’s often in a small font in a hardly visible color at the bottom of the email. Having a button that’s always on the same position is more useful.
So I’ve heard. I’ve become more sensitive lately about providing external services my data.
While I can’t avoid Google completely, I don’t use their web or mobile apps. Same goes for other services, though the issue with google connecting the dots on my online interactions is probably higher than with a small service. There on the other hand security is a higher issue than with Google with many SREs on call if something happens, so at the end of the day I prefer an offline service/program to parse my emails for the inscribe button.
The 'privacy' section is a bit too vague. Sure, you aren't selling my data, but what are you doing with it? What happens to the emails you receive - are they archived or stored, or do you delete them? How secure are they kept?
These messages could have lots of private data in them, even simple things like usernames might be of value to hackers.
That's a fair point. I added an update to the Privacy section. I really don't care about these spam emails, plus Gsuite only offers 30 GB for the plan I purchased. After processing, the emails will be sent to Gmail's trash, which is cleared every 30 days.
Your pricing model does seem to need some work. Credits would likely be a better match than a monthly service. It would better fit the nature of the problem. But, kudos on offering a manual service in a space where automation can easily fail.
Wow. Your comment is 2 hours old and it seems the model is already changed.
Kudos to the author.
> Note: After some input, I have decided to change billing to a credit-based system. Each unsubscribe uses 1 Credit. Over time, you should need this service less and less :)
Haha! That's so expensive. 10 quid a month for the sometimes minor convenience of not hitting the block button when an email has no unsubscribe at the bottom. Is this really the same value as comparably priced subscription services? How did they come up with this pricing model?
As someone who’s responsible for sending emails, all of the comments about “marking it as spam is easier than unsubscribing” really make me cringe.
For several reasons:
1. If you subscribe to a list then please please please take the time to locate the very clearly marked unsubscribe link, or use the one that gmail or your other email client shows. I spend a lot of time making sure it’s suuuper easy to unsubscribe.
2. Spammers know how to get around spam protections when they want to. They can switch domains and do other shady stuff a legit company can’t, so by marking my email as spam because it’s “easier” you’re not helping the fight against spam but rather hurting a legitimate email sender.
Now, if you can’t unsubscribe (because there’s no link, it’s broken, or simply doesn’t actually unsubscribe), and this is a legit company, please please please let them know.
If after all of this you still can’t unsubscribe, hit that spam button twice!
>>> please please please take the time to locate the very clearly marked unsubscribe link
You mean the one word link in font 6 hidden maybe somewhere at the bottom of the email if it's there at all?
I have never seen an easy clearly marked unsubscribe in my life.
When at look at my friends and parents who are not as computer savvy and often don't see things put in front of them, there is no way they would ever manage to unsubscribe from any newsletter. The spam button is a godsend.
What's worse is when the unsubscribe link takes you to a page where you can select the reason why you are unsubscribing, and it doesn't include an option like "I never signed up to this mailing list". I've never in my life checked the box to sign up to any mailing list, so this is always my reason, yet some arrogant marketers believe they always obtain consent when they add emails to their mailing lists and so remove this option.
The even worse scenario is when the unsubscribe workflow is hidden behind a login screen. Unsubscribing from a mailing list should be one of two clicks at most.
> when the unsubscribe link takes you to a page where you can select the reason why you are unsubscribing
It should only take one click on the unsubscribe link in the email for the sender to actually do the unsubscribe. If after processing it the sender is determined to try and stuff a sales and marketing survey on the landing page, I suppose it's hard to stop them, but I won't play "20 questions" just to get the sender to accept that I don't want any more of their emails.
Executive summary: if I can't unsubscribe from your email newsletter with one click, you get the spam filter treatment <sigh>
Spend 20 seconds on the page, couldn't see an unsubscribe button.
Tried to spend another 20 seconds in good faith, still couldn't find it. I honestly don't understand what is the strange layouts of these pages and where is the newsletter even supposed to be.
Spam that is.
P.S. If you're wondering, the news seems to be the left column, then go to the bottom. I don't think having to scroll through 3 screens of texts and pictures to find a button is easy. My not tech savvy parents and friends wouldn't be able to find it.
Why send this crap in the first place? Do you think people actually care to read your HTML + tracking filled pile of junk? Sorry about the tone, but it really does irk me.
You missed that key line. It may surprise you because you personally don’t do this, but regular people love signing up for email newsletters.
This is very different from email sent unexpectedly when you make an account somewhere. The OP was clearly talking about a list the user has asked to receive.
These tend to have fairly clear unsubscribe links in the footer.
IME "asked for" is too often code for "bought something 5 years ago", "didn't read the terms and conditions". Rarely real, informed consent.
The one exception —again, just in my 20 years experience doing this crap— is when you pay them, eg "10% off your first order when you subscribe to our newsletter". This is still more coerced consent than informed, but better than most subscriptions.
As someone who's been doing email marketing for a decade, you'd be subscribed by how many people are more than happy to sign up to a mailing list without being "coerced" as you describe.
We get that you don't like marketing email, but plenty of people do.
It's not just my bias. I'm sensitive to it, but I'm regularly added to mailing lists despite my express lack of consent. We all are.
I also regularly walk clients back from doing exactly the same thing. The perks in marketing don't give a flying French Fancy what the law is. They care about absolute volume.
I did a little exercise last year, took a screenshot of every order form I submitted. I reported a dozen companies to the ICO last year, with documented examples of companies wilfully ignoring GDPR regulations.
So, I should navigate to an external webpage (which can include other forms of tracking) to unsubscribe from an email that was unsolicited? Personally, I'd rather just flag it as junk/spam.
3. This is not an ad hominem, and I'm sure you're part of the 1%, but 99% of newsletters I receive are spam that I never wanted in the first place.
Companies employ a tremendous range of dark patterns to get my consent for email, then flood me with spam. Time after time I have unsubscribed from the "best products of the week"-newsletter, just to receive a "weekly product highlights"-newsletter the next day. According to the logic of the sending company, this is a completely different newsletter that I also have to unsubscribe from.
I mark all of them as spam. I'm sorry the 99% make life more challenging for you.
Nah. You forgot to quote the key word from those definitions: email. Not "newsletters subscriptions", not "promises to receive interesting emails", not "agreements to get sent x mails per week". Spam is unsolicited and/or unwanted email, period.
It does not matter whether you were tricked into subscribing to some newsletter or whether you checked a "receive interesting emails from us" box while paying for something.
If the email you just received is unsolicited and/or unwanted, then it's spam by definition.
"Unwanted" is hard to define in a way not to include many things. When an acquaintance or relative sends me some bullshit meme or a silly joke, that's an unwanted email. It's not spam though.
That's why there usually needs to be some direct or indirect commercial gain involved too.
The legacy definition of spam is any unwanted email, or "unsolicited commercial email"
But in the context of social media, what does spam mean? It isn't email. And an awful lot of it is simply self-promotion or commercial promotion.
And many FB groups and the like are permissive when it comes to posts that are really advertisements, or are just one person's definition of "off topic." And there are mechanisms for reporting content as "spam", but what does that even mean when it isn't an email?
I've found that many people have redefined the term "spam" as repetitive content, not unwanted/unsolicited content. I guess this comes from gamer/chat culture where there is talk of "spamming the jump button" or "spamming the chat" where it isn't the content that is remarkable, it is the repetition. You can kind of see where it comes from as most email spammers are quite repetitive and indiscriminate. But a spam email can be just one, and that definition doesn't seem to fly in the inherently noisy social media context.
I was just struck by this evolution of the term spam when I tried reporting some (unwanted by me) commercial self-promotion on social media, only to be told that it wasn't spam at all because the poster only posted it once. I guess a lot of it comes down to how territorial and defensive people are about their email inbox vs. social media feed.
If the recipient wants to unsubscribe after receiving an automated email, then by definition that mail was spam to them (literally unwanted mail). So marking that mail as "spam" is the correct thing to do, and nobody should care about the sender's feelings nor should they abide by the sender's pleas.
It is up to the sender (1) not to gaud people into subscribing to their newsletters in the first place, and (2) to send actually useful and interesting content to their subscribers.
> Now, if you can’t unsubscribe (because there’s no link, it’s broken, or simply doesn’t actually unsubscribe), and this is a legit company, please please please let them know.
I mostly agree with you, but this point only works if the company is contactable. There are some companies sending stuff from no reply addresses.
Those I just spam. At that scale companies need to be testing, if they’ve left no way to be reached.
I get where you're coming from, but I'd like to offer an alternative perspective. Outside of these mailing lists I never even subscribed to but magically got added to on signing up or what not, I don't receive any spam. Spam in the way it used to be is not a problem today. The mailing list _is_ the spam, and if reporting it makes the spammy business less viable, that's a double win.
No, if you send an unwanted email people have no obligation to ensure your company preserves a good spam rating, and are free to do whatever they want to do with your email.
The good news is that if you improve your process and send less unwanted emails, they'll be less flagged as spam and you'll keep a good spam rating. The system works basically.
The system that you’re talking about is heavily weighted towards sending more stuff to spam than not.
Keeping a good spam rating is an extreme challenge for legit senders, especially when so many people click the spam button for reasons that have to do with laziness and carelessness.
Lasiness and carelessness?
If people click the spam button, you are sending them content they find annoying, end of story.
No need to bring personal defaults into that, your service is not entitled to their attention.
I'm on several mailing lists from US companies that use Cloudflare country filters or similar technologies to block non-US traffic to their sites. So since moving out of the US I have no way of unsubscribing and no way of contacting them, so they all get reported as spam.
Keep this in mind if you run a list and are ever tempted to mass block traffic from your site.
> 1. If you subscribe to a list then please please please take the time to locate the very clearly marked unsubscribe link, or use the one that gmail or your other email client shows.
Teaching people to click unsubscribe links in spam emails is horrible security practice. I know you said “if you subscribed to a list” but it’s hard for me to verify that the sender of the email is the original company I subscribed to.
You mean to say you signed up for a service or subscribed to a newsletter, then see an email from the service or newsletter and don’t know if it’s really that company/person?
Did you check the “to”? Do you look at the url of the unsubscribe link? (Harder when click tracking is on, I know)
And you would rather hurt that company or person because you don’t feel like taking the time?
This makes no sense to me, and I hope I’m not in the minority here.
I think he means that a lot of pure-spam emails include an unsubscribe link that actually proves to the spammer that they've reached a live person, and then they'll resell your address to everyone.
It can be difficult to tell if it's a fake UniversalBankCo email or a real one, even if you are a UniversalBankCo customer.
Divorce yourself from this notion that it's sometimes okay to send it. It's not just a newsletter. It don't care that you now offer free delivery. If the recipient didn't explicitly ask you for marketing communications, you're just as bad as the people offering penis enlargement pills. That's why you get treated the same.
If it is something I asked for, I will click the unsubscribe link.
I have a fundamental issue with "Unsubscribe". In most cases I want to be removed from their registry/"right to be forgotten".
"Unsubscribe" is a smokescreen for the above purpose. Most people believe that "Unsubscribe" makes these companies go away, but in reality it just hides the fact that they still own some of your data. And if it is companies like Google, Facebook, Pinterest, Twitter, they tend to follow you around the web, even if you haven't logged on to their service at the time (this has been discussed plenty).
I am in EU, so GDPR applies. I prefer to (instead) take a few mins and either respond and/or respond and include their "privacy@example.com" asking them as per GDPR to delete me from their records, which they (most) claim to have done so.
In some extreme cases, I filter to auto-delete their crap. I understand the grandfather of this post claiming that we should make the effort to do things clean and neat (which I honestly do and urge friends and family to also do), but there is an imbalance here. Some companies act in a very unethical way. They take the (beneficial to them) gamble that most people will prefer to flag as spam, than go through the multiple hoops of "Unsubscribing". The fact that he/she acts ethically, caring for the marketing effectiveness of his/her efforts makes him the minority (imho).
I don't hate advertisements or advertisers. They are people too. I just dislike the practices of the majority of marketers.
> I have a fundamental issue with "Unsubscribe". In most cases I want to be removed from their registry/"right to be forgotten".
Right, but that's not an unsubscribe issue. You're not trying to unsubscribe from someone's mailing list, you're trying to be removed entirely from their database. They're entirely separate things.
The most annoying thing for me is when my users flag a transactional email as spam (I don’t send marketing). What you don’t want your text only receipt?!
So I reached out to a few of my users to figure out why they were flagging their receipt as spam... turns out they don’t differentiate between the “spam” button and the “delete” button. So really they just didn’t care to have their receipt (perfectly legit) and are clicking whatever button removes it.
The button could say “Launch Nukes” and if removes the message from their immediate view they’ll push it.
The problem is the one of scale and time waste: you are asking recipients to decide whether your email is mass-spam, commercial unsolicited email (also spam), something they subscribed to using a dark pattern (prechecked checkbox), something they subscribed to on purpose (and how long ago). To top it all off, some use those unsubscribe links or embedded images to track and confirm how real a recipient is. And many an unsubscribe link is simply broken.
You have to accept the reality that in very few cases people want these emails, so you are asking them to expend the effort in deciphering origin, purpose and viability of unsubscribing for the few where it will work.
If you are in the legitimate email business, you should design around this reality.
When I started teaching and my school email address was published on the school's website, I discovered the hell that is the ed-tech marketing machine. 90% of the spam I get from these sources, which are usually individual sales reps of medium to large companies, lack any unsubscribe link whatsoever. And these are firms with which I have zero relationship or transaction history.
I'm kind of sympathetic to your plight, at least until I get here:
> Now, if you can’t unsubscribe (because there’s no link, it’s broken, or simply doesn’t actually unsubscribe), and this is a legit company, please please please let them know.
No chance I'm taking the time to do that. 99.99% they already know that it's broken and either made it that way intentionally or intentionally refuse to fix it to boost some kind of performance metrics. Why take the time to contact them? To the spam-filter it rightly goes.
Knowing that it makes people in your line of work cringe makes marking newsletters as spam even more satisfying, so thank you for telling me this. I hope you all cringe so hard your faces get stuck like that.
I mark marketing email as spam, and not because it's easier than unsubscribing.
The vast majority of spam I receive is marketing emails from legitimate companies I bought something from, and who mistakenly think this means I want their marketing emails. I never deliberately subscribe to marketing emails, so if I get one then either:
1) They sent me marketing email without asking, therefore they deserve to be marked as spammers and get the associated hassle.
2) They had some pre-ticked "send me spam" tickybox on a web page designed to distract attention from it, therefore they deserve to be marked as spammers and get the associated hassle.
I do the same with my custom domain with a catch all email-address that end up in one gmail inbox where I have setup specific filters and rules.
Everything I don't care about (ex: linkedin@mydomain) goes straight to trash.
A few things get marked as read and archived automatically (ex: pge@mydomain)
255 comments
[ 1.6 ms ] story [ 263 ms ] threadOr get another email address?
This doesn’t feel very sustainable.
In all seriousness, here’s what I do to combat Insidious Mailing List Spam. It’s kinda simple.
1. Get one email address for friends and family. Never ever post it online. Never use it for any shopping or anything. This is your email address. There is no mailbox anxiety because you get one email a day to this address and it’s from your dad and you love him.
2. Get another one for mailing lists. Crucially, using a rule, mark every new mail as read on receipt. There is no mailbox anxiety because the “read me” or “keep me unread until I’ve actioned” or whatever is gone. Totally gone. Need to do a thing with an email? Figure out a way outside your inbox to track that.
I started this accidentally about a year ago and it’s a revelation.
Also filter all emails with unsubscribe in their body to that folder. Works like a charm.
It works until someone sends an email with cat photos to your secret address and all their contact list, and forget to use bcc.
(I was probably using my Yahoo! address 25 years ago.)
The address for friends and family should be split in 2 - one for the really technologically literate ones, who will never do stupid crap with it like using it in a pinterest "Share this!" form, and one for everyone else (who must never learn you didn't give them "best" address because they're clueless).
Also, if you own a few domains, devote a whole cheap one to mailing lists, online subscription and whatever else. Create a dedicated address everytime you subscribe to a service (like mybank@myjunkmaildomain.icu, amazon@myjunkmaildomain.icu, facebook@myjunkmaildomain.icu, somedodgyonlinemerchant@myjunkmaildomain.icu etc).
This gives you the benefit of seeing who leaked your address when you see spam, of being able to disable them individually, of being able to migrate provider with no impact to your accounts (just repoint your own domain's email forwardings)
Disclaimer: just a satisfied customer.
I tried this and don’t recommend it.
Yeah, you get the advantage of knowing who leaked your address. But I don’t care. If the ‘spam and lists’ address gets too spammy, I’ll just create another.
The disadvantage is that you have to configure a mail client to send from this address if you ever want to do that, and I found myself doing it far more often than I imagined. Need to write back to a store regarding a transaction? Frequently enough. To my health insurance company for some reason? Of course.
No, the idea is to remove as much friction as possible. This adds friction. Keep it simple.
It makes certain things more complicated, like authenticating against certain services, or if someone sends and invitation to one of your domain emails, but it works just fine 95% of the time.
I just switched to Fastmail and was pleasantly surprised with their solution. You can set up wildcard response aliases so that if you receive an email to random.onetime@mydomain.net, when you hit reply, it automatically sends from the random.onetime@mydomain.net.
I've caught places that get hacked or sold their list and can filter them readily.
I think that this approach also helps reduce the attack surface from a hack as there is little to no reuse of credentials, but at N=1 I can't verify that. Maybe there's an oversight in my approach.
Even if they did need it, they wouldn't need it for more than 2-3 months.
I wanted something where I could bulk select items in my inbox and have someone else deal with it.
I just made a product I wanted :) But yeah, it's not sustainable in the sense of money -- but in my eyes, if my product becomes less necessary over time, then I did my job right
You are basically the perfect target market and have no use for it at 10$/mo.
For example with now.sh/Vercel: https://vercel.com/login?with-email=1
I'll probably create rules that sends a blacklist of emails to the trash and warns the user.
They've made it a lot easier, because now you're not required to sign-in -- which is why this product works.
I just pay my high-school sister $15/hour to manually dig through the links and check unsubscribe for each mailing list for you.
As a tech worker, throwing $5/month to saving me frustration is worth it. Sure, you're exposing your email -- but I'm also exposing my email on my personal website, and literally any company I register on.
However, personally I would not use it as I find it easy to unsubscribe via gmail already.
One thing I've realized having moved away from Gmail to fastmail, is the importance of owning your spam data as I had to train Fastmail's spam system.
I've actually pinged a couple of services to let them know that spamming me is a security vulnerability, because they loose their ability to contact me.
Let's say you often buy on Amazon (or any other online shop), they send you a newsletter. If you mark it as spam instead of unsubscribing, you could be losing some of their emails you'd want to see (order confirmation, response to a message you sent them, etc).
This is super convenient when you have ten or more "newsletters" you want to unsubscribe from simultaneously.
Are you saying that a substantial number of people is routinely using your _fastmail_ address with services that send _marketing_ emails to _unverified_ email addresses?
I find this highly implausible.
Edit -
Why the downvotes? If I read the OP correctly, they have such a common address that random people mindlessly type it into various subscription nags. Can you think of a such @fastmail address?
If it's not that common, then their address was just leaked and ended up on the spammers list, so tagging as spam is a proper thing to do. However it sounds like the OP also spam-tags bulk emails they don't like even if they are subscribed to those, which is as ass thing to do. It hinders delivery to others, nicks the sender reputation, etc.
I still prefer to keep my stuff away from Google's grubby hands though. Fastmail's spam filter does get better the longer you train it
I didn't mean to imply fastmail was centralised in the original comment if it came off as that :)
So, you promise to click on any link called "unsubscribe" in any email we forward to you?
Somehow this sounds dangerous. I do hope you are doing that in a proper sandbox or virtual machine.
Also, implement as a gmail plugin if that's possible.
I agree that the value isn't there for the pricing, especially as a monthly subscription. $5/month is too expensive considering most people won't even pay that to read content they actually want. All major email providers have spam/unsubscribe buttons already and I don't want to risk forwarding emails to someone else to reveal even more data.
If this was more like a global unsubscribe service that removed me from all major email lists somehow, or helped with other privacy/data cleanup then it might be worth a one-time fee.
1. https://news.ycombinator.com/item?id=25013979
Good behaving email marketing services are not the problem, I would gladly pay for a service that deals with those shady ones and maybe even helps to battle spambots on a global scale, by reporting spam to appropriate authorities and even using GDPR laws to stop them. Tried using spamcop once, but most reports end up "nulled" and not actually reported.
https://tools.ietf.org/html/rfc8058
While I can’t avoid Google completely, I don’t use their web or mobile apps. Same goes for other services, though the issue with google connecting the dots on my online interactions is probably higher than with a small service. There on the other hand security is a higher issue than with Google with many SREs on call if something happens, so at the end of the day I prefer an offline service/program to parse my emails for the inscribe button.
The 'privacy' section is a bit too vague. Sure, you aren't selling my data, but what are you doing with it? What happens to the emails you receive - are they archived or stored, or do you delete them? How secure are they kept?
These messages could have lots of private data in them, even simple things like usernames might be of value to hackers.
Kudos to the author.
> Note: After some input, I have decided to change billing to a credit-based system. Each unsubscribe uses 1 Credit. Over time, you should need this service less and less :)
Or what about: 5 credits free, 2 free per month, XX additional credits per month through a subscription.
Absolutely outrageous.
Oh, but it's only the price of three latés /s
For several reasons:
1. If you subscribe to a list then please please please take the time to locate the very clearly marked unsubscribe link, or use the one that gmail or your other email client shows. I spend a lot of time making sure it’s suuuper easy to unsubscribe. 2. Spammers know how to get around spam protections when they want to. They can switch domains and do other shady stuff a legit company can’t, so by marking my email as spam because it’s “easier” you’re not helping the fight against spam but rather hurting a legitimate email sender.
Now, if you can’t unsubscribe (because there’s no link, it’s broken, or simply doesn’t actually unsubscribe), and this is a legit company, please please please let them know.
If after all of this you still can’t unsubscribe, hit that spam button twice!
You mean the one word link in font 6 hidden maybe somewhere at the bottom of the email if it's there at all?
I have never seen an easy clearly marked unsubscribe in my life.
When at look at my friends and parents who are not as computer savvy and often don't see things put in front of them, there is no way they would ever manage to unsubscribe from any newsletter. The spam button is a godsend.
It should only take one click on the unsubscribe link in the email for the sender to actually do the unsubscribe. If after processing it the sender is determined to try and stuff a sales and marketing survey on the landing page, I suppose it's hard to stop them, but I won't play "20 questions" just to get the sender to accept that I don't want any more of their emails.
Executive summary: if I can't unsubscribe from your email newsletter with one click, you get the spam filter treatment <sigh>
Just a few easy to find unsub links from emails on the first page of RGE.
https://reallygoodemails.com/emails/stay-cool-during-summer-... https://reallygoodemails.com/emails/find-your-perfect-fit https://reallygoodemails.com/emails/download-the-new-sonos-a... https://reallygoodemails.com/emails/dad-approved
Not including the list-unsubscribe headers all these will have which are trivial to click in most modern email clients.
Tried to spend another 20 seconds in good faith, still couldn't find it. I honestly don't understand what is the strange layouts of these pages and where is the newsletter even supposed to be.
Spam that is.
P.S. If you're wondering, the news seems to be the left column, then go to the bottom. I don't think having to scroll through 3 screens of texts and pictures to find a button is easy. My not tech savvy parents and friends wouldn't be able to find it.
Punish those who abuse it, not everyone. That’s all I’m saying.
You missed that key line. It may surprise you because you personally don’t do this, but regular people love signing up for email newsletters.
This is very different from email sent unexpectedly when you make an account somewhere. The OP was clearly talking about a list the user has asked to receive.
These tend to have fairly clear unsubscribe links in the footer.
The one exception —again, just in my 20 years experience doing this crap— is when you pay them, eg "10% off your first order when you subscribe to our newsletter". This is still more coerced consent than informed, but better than most subscriptions.
We get that you don't like marketing email, but plenty of people do.
I also regularly walk clients back from doing exactly the same thing. The perks in marketing don't give a flying French Fancy what the law is. They care about absolute volume.
I did a little exercise last year, took a screenshot of every order form I submitted. I reported a dozen companies to the ICO last year, with documented examples of companies wilfully ignoring GDPR regulations.
Yeah, I'm also fun at parties.
Those were fun helpdesk tickets to get.
If you're receiving unsolicited marketing emails, that is the literal definition of spam.
Random emails are... random.
Companies employ a tremendous range of dark patterns to get my consent for email, then flood me with spam. Time after time I have unsubscribed from the "best products of the week"-newsletter, just to receive a "weekly product highlights"-newsletter the next day. According to the logic of the sending company, this is a completely different newsletter that I also have to unsubscribe from.
I mark all of them as spam. I'm sorry the 99% make life more challenging for you.
Elsewhere, Wikipedia describes spam as ‘unsolicited or unwanted’.
And vs. Or. Of course spam’s definition should use ‘and’.
When you sign up for a newsletter, and later decide you don’t want it, to call it ‘spam’ is merely metaphorical.
[1]: https://en.wiktionary.org/wiki/spam
[2]: https://en.wikipedia.org/wiki/Spam
It does not matter whether you were tricked into subscribing to some newsletter or whether you checked a "receive interesting emails from us" box while paying for something.
If the email you just received is unsolicited and/or unwanted, then it's spam by definition.
That's why there usually needs to be some direct or indirect commercial gain involved too.
But in the context of social media, what does spam mean? It isn't email. And an awful lot of it is simply self-promotion or commercial promotion.
And many FB groups and the like are permissive when it comes to posts that are really advertisements, or are just one person's definition of "off topic." And there are mechanisms for reporting content as "spam", but what does that even mean when it isn't an email?
I've found that many people have redefined the term "spam" as repetitive content, not unwanted/unsolicited content. I guess this comes from gamer/chat culture where there is talk of "spamming the jump button" or "spamming the chat" where it isn't the content that is remarkable, it is the repetition. You can kind of see where it comes from as most email spammers are quite repetitive and indiscriminate. But a spam email can be just one, and that definition doesn't seem to fly in the inherently noisy social media context.
I was just struck by this evolution of the term spam when I tried reporting some (unwanted by me) commercial self-promotion on social media, only to be told that it wasn't spam at all because the poster only posted it once. I guess a lot of it comes down to how territorial and defensive people are about their email inbox vs. social media feed.
I said please three times because laziness on your part is really really bad for us who do it right.
It is up to the sender (1) not to gaud people into subscribing to their newsletters in the first place, and (2) to send actually useful and interesting content to their subscribers.
I mostly agree with you, but this point only works if the company is contactable. There are some companies sending stuff from no reply addresses.
Those I just spam. At that scale companies need to be testing, if they’ve left no way to be reached.
I send with my name on it, reply to everyone who hits the reply button, and have a live chat (manned by humans) as well as a contact us form.
If someone can’t get in touch with me after all of that... That’s a different problem.
The good news is that if you improve your process and send less unwanted emails, they'll be less flagged as spam and you'll keep a good spam rating. The system works basically.
The system that you’re talking about is heavily weighted towards sending more stuff to spam than not.
Keeping a good spam rating is an extreme challenge for legit senders, especially when so many people click the spam button for reasons that have to do with laziness and carelessness.
Keep this in mind if you run a list and are ever tempted to mass block traffic from your site.
We don’t do any of that, but that’s also something I’ve never thought about.
Can’t you email them?
And if you're not, those users aren't marking your email as spam.
Teaching people to click unsubscribe links in spam emails is horrible security practice. I know you said “if you subscribed to a list” but it’s hard for me to verify that the sender of the email is the original company I subscribed to.
You mean to say you signed up for a service or subscribed to a newsletter, then see an email from the service or newsletter and don’t know if it’s really that company/person?
Did you check the “to”? Do you look at the url of the unsubscribe link? (Harder when click tracking is on, I know)
And you would rather hurt that company or person because you don’t feel like taking the time?
This makes no sense to me, and I hope I’m not in the minority here.
It can be difficult to tell if it's a fake UniversalBankCo email or a real one, even if you are a UniversalBankCo customer.
Divorce yourself from this notion that it's sometimes okay to send it. It's not just a newsletter. It don't care that you now offer free delivery. If the recipient didn't explicitly ask you for marketing communications, you're just as bad as the people offering penis enlargement pills. That's why you get treated the same.
If it is something I asked for, I will click the unsubscribe link.
"Unsubscribe" is a smokescreen for the above purpose. Most people believe that "Unsubscribe" makes these companies go away, but in reality it just hides the fact that they still own some of your data. And if it is companies like Google, Facebook, Pinterest, Twitter, they tend to follow you around the web, even if you haven't logged on to their service at the time (this has been discussed plenty).
I am in EU, so GDPR applies. I prefer to (instead) take a few mins and either respond and/or respond and include their "privacy@example.com" asking them as per GDPR to delete me from their records, which they (most) claim to have done so.
In some extreme cases, I filter to auto-delete their crap. I understand the grandfather of this post claiming that we should make the effort to do things clean and neat (which I honestly do and urge friends and family to also do), but there is an imbalance here. Some companies act in a very unethical way. They take the (beneficial to them) gamble that most people will prefer to flag as spam, than go through the multiple hoops of "Unsubscribing". The fact that he/she acts ethically, caring for the marketing effectiveness of his/her efforts makes him the minority (imho).
I don't hate advertisements or advertisers. They are people too. I just dislike the practices of the majority of marketers.
Right, but that's not an unsubscribe issue. You're not trying to unsubscribe from someone's mailing list, you're trying to be removed entirely from their database. They're entirely separate things.
So I reached out to a few of my users to figure out why they were flagging their receipt as spam... turns out they don’t differentiate between the “spam” button and the “delete” button. So really they just didn’t care to have their receipt (perfectly legit) and are clicking whatever button removes it.
The button could say “Launch Nukes” and if removes the message from their immediate view they’ll push it.
You have to accept the reality that in very few cases people want these emails, so you are asking them to expend the effort in deciphering origin, purpose and viability of unsubscribing for the few where it will work.
If you are in the legitimate email business, you should design around this reality.
I appreciate the pragmatism here!
Do you know of any articles or useful content around this?
I’m not talking about those at all. Nor the ones where you sign up for one thing and then their “sister company” starts sending you email.
> Now, if you can’t unsubscribe (because there’s no link, it’s broken, or simply doesn’t actually unsubscribe), and this is a legit company, please please please let them know.
No chance I'm taking the time to do that. 99.99% they already know that it's broken and either made it that way intentionally or intentionally refuse to fix it to boost some kind of performance metrics. Why take the time to contact them? To the spam-filter it rightly goes.
The vast majority of spam I receive is marketing emails from legitimate companies I bought something from, and who mistakenly think this means I want their marketing emails. I never deliberately subscribe to marketing emails, so if I get one then either:
1) They sent me marketing email without asking, therefore they deserve to be marked as spammers and get the associated hassle.
2) They had some pre-ticked "send me spam" tickybox on a web page designed to distract attention from it, therefore they deserve to be marked as spammers and get the associated hassle.
Feels great having separation on every site
Honestly with 100 sites I've maybe had to delete 1 or 2 so its very low effort