Google manually creates these for large senders, this is not available to just anyone.
There is a standard for this called list-unsubscribe (RFC 8058), but adding the header has no purpose. I have not been able to find an email client that uses the header: Thunderbird, FairEmail, Gmail, Hotmail, and I'm not sure if I asked someone to test it in Outlook but I think so. It is recommended to add the header for lowering your spam score, I don't know if it actually helps, but this one-click unsubscribe thing in your email client's UI seems to be a custom thing they add manually instead of just using the RFC...
If Google wants Gmail to be less spammy, they could start by not implementing double standards that give senders of big newsletters special treatment and a special hole in the spam filter.
You obviously have some kind of axe to grind specifically about List-Unsubscribe but you don't understand how Google implements it. Gmail does support this header, but only for senders with high reputation. If a sender has poor reputation, the support for List-Unsubscribe isn't visible to the user for that message.
> you don't understand how Google implements it. Gmail does support this header, but only for senders with high reputation.
Then how come emails with unsubscribe buttons in the UI do not have the list-unsubscribe header set, and emails with the header do not have the button visible?
Also, I'm not sure that "you don't understand how to use the system" follows from "you can only use the system if you're an invited VIP"
Maybe that unsubscribe link should be at the top then. Interested readers will move past it quickly. People held hostage or cajoled into enrolling will find it quickly.
Also, those unsubscribe links don't necessarily work, even in non-phishing emails.
Besides the usual bad faith (e.g., ignoring unsubscribes, or creating new categories of communications into which users are opted-in), I saw a new one just an hour ago:
The unsubscribe link, in genuine marketing email for a brand, is for some email address other than the one to which the email was sent. (In this case, I was unsubscribing some unlikely-looking earthlink address, of all things, in an uneditable form field.)
> don't necessarily work, even in non-phishing emails
Probably you don't, but just in case: note that if you press such a button for a phishing email in an attempt to get off their list, all you do is confirm that your email address is active and you're interacting with their message
I'm pretty sure that Gmail has support for the `List-Unsubscribe` mechanism [1] which provides email clients with a standardized way for a recipient to unsubscribe from the list with a button-click.
I can't quickly find any documentation about this from Google directly, confirming whether they support it, but there are a lot of 3P websites discussing it. It's kind of frustrating that Google's announcement [2] explicitly mentions one-click unsubscribes, without actually explaining (or linking to) what specific technologies they're talking about:
> Enable easy unsubscription: You shouldn’t have to jump through hoops to stop receiving unwanted messages from a particular email sender. It should take one click. So we’re requiring that large senders give Gmail recipients the ability to unsubscribe from commercial email in one click, and that they process unsubscription requests within two days. We’ve built these requirements on open standards so that once senders implement them, everyone who uses email benefits. emphasis mine)
That paragraph certainly evokes the idea of `List-Unsubscribe` to me, but it'd be nice to know for sure; and to know what if anything specifically sends need to do to be compatible with Gmail.
(Note that I don't think this removes the need for the email body to include an unsubscribe link, since a recipient can't be presumed to be using a client that supports it.)
If you select multiple messages in the list view and mark them as spam, Gmail will ask if you want to also unsubscribe. Probably using this mechanism?
Report Spam and Unsubscribe
These messages will be marked as spam. Would you also like to stop receiving
similar messages from following senders? Learn more.
<list of sender names>
[Report Spam & Unsubscribe] [Report Spam]
>and that they process unsubscription requests within two days.
what's up with this 2 days delay? it's an automated system. isn't this pretty much just updating a field in a database? are they allowing for batches in 24 hour increments? in the days of needing human assistance, i get time delays, but for automated computer systems there should be very little delay.
don't get me started on why in 2023 it still takes time for banks to do things
Not everything reads from live databases. Some marketing is sent by running batch jobs against data sitting in bigquery, hadoop, etc. So even if a write to the source of truth happens at some time, a job running an hour later might not see that update. Also, you may have bulk sending tooling which throttles the rate at which messages get sent out, also slowing down responsiveness to an incoming request to unsubscribe.
The theory is that they might have already generated the list of subscribers when they wrote up the email days earlier, or be working off some mirror of the data, etc.
It's a really dumb theory and the real reason is "because we can and it's very slightly easier".
The GMail iOS app is completely unusable for me. I simply cannot figure out how to read a thread with it. Ive reached the point where I’ve started using the Apple Mail app instead (yech).
> Gmail’s AI-powered defenses stop more than 99.9% of spam
How to lie with statistics :). It's not hard to block all spam if you chuck anything you're not sure about in with the false positives. It's not that Gmail is so much better, it's that they have to care less because everyone has to deal with their dominance on the market
Edit: reading further
> By February 2024, Gmail will start to require that bulk senders:
> 1. Authenticate their email
That is already the case, as evidenced by that the blog post links to an existing help article of theirs to an existing error code that I have indeed encountered as a sender. They mention having rolled this out last year, which fits the timeline on my side.
> 2. Enable easy unsubscription
That has long been required by law. Did they not factor this in yet?!
> 3. [Stay below] a clear spam rate threshold that senders must stay under to ensure Gmail recipients aren’t bombarded with unwanted messages. This is an industry first
Here we go, this is the meat. So if someone wants to annoy you, they can sign up for your newsletter and hit the spam button and everyone will stop receiving all email from your site (such as signup confirmations, password resets... you're basically out of business).
Users do not understand the spam button is meant for spam, not for anything they don't want to receive anymore, which is why it's so useful to have an unsubscribe button in the UI that actually works, but Gmail doesn't show that (see my other comment in this thread https://news.ycombinator.com/item?id=37773525).
"Industry first" indeed... few others have the market power to demand these sorts of things and require senders to spend (wo)manpower on manually resolving delivery issues for individual receivers. If a random ISP would start doing this, the people at that ISP would just get mad that email often does not arrive. With Google, who is going to blame Google? Clearly the site you're signing up on is broken.
I disagree with your characterization of the spam flagging and that people need to learn how to use it.
If you made it hard for me to unsubscribe, ignore my unsubscribe request, or start spamming me because I did some other business with you and you think that gives you the right to send me marketing emails, I am absolutely clicking that spam button, and I am not wrong.
Oh sure, if it's hard to unsubscribe then I will totally use anti-spam mechanisms to block that as well. I am talking about the case where people engage the spam button for email that they (1) can unsubscribe from using the standard one-click unsubscribe link at the bottom of the email, and (2) have either explicitly signed up for or that is otherwise from a legitimate sender that complies with your local laws and will honor the unsubscription.
Spammers are absolutely not going to care about the unsubscribe link, in fact it will likely put you higher on their list for engaging with the email.
By not understanding this difference, by not 'learning' how to use it as you say, it is very hard for services (e.g. messaging services also struggle with this) to know what is spam and what people newly want to stop receiving.
> is otherwise from a legitimate sender that complies with your local laws and will honor the unsubscription.
those are the worst.. If I don't remember subscribing I always mark them as spam, even if there is a big prominent "unsubscribe" button. I'd still be doing that if the unsubsrube was built into UI.
Why? My email got on some list somewhere and now I am getting an emails from various "trusted partners". Sure, there is an unsubscribe button and I would not be surprised if it works _for that sender_ but it has no point as there will be a new sender next week.
Marking everything like this as spam is the only reasonble resort. Yes, this will not save my inbox, but at least it might help the next person.
> > is otherwise from a legitimate sender that complies with your local laws and will honor the unsubscription.
> those are the worst
If it's legal in your area to send unsolicited commercial email, obviously that problem is not just going to go away because it gains them a competitive advantage to do so.
> [when m]y email got on some list somewhere and now I am getting an emails from various "trusted partners".
Yea that isn't legal where I live. For me, that would totally fall in the "smash that report-as-spam button" category, so I can very much understand your sentiment
> (1) can unsubscribe from using the standard one-click unsubscribe link at the bottom of the email, and (2) have either explicitly signed up for or that is otherwise from a legitimate sender that complies with your local laws and will honor the unsubscription.
That's not the bar of spam. Spam existed well before legislation to combat it. Spam is anything that you don't want to receive and weren't asked if you wanted to receive. That includes a wide variety of emails which are legal in most jurisdictions (like the ones GP mentioned).
> have either explicitly signed up for or that is otherwise from a legitimate sender that complies with your local laws and will honor the unsubscripti
2 points:
I'd agree that using spam for something a user has signed up for would be unfair, but only in the sense that they understood clearly they were signing up for emails, and not, for example, a confusing opt out tick tied to their purchase. You totally deserve the spam box for that latter one.
Similarly, honouring local requirements for unsubscribe is not enough to get you out of spam reports if you didn't have a reason to email me to begin with. That you have a new product or newsletter or corporate announcement isn't good enough, but many marketing people believe it is. The fact that they can't self police is why I'm ok with email providers being strict about this.
Really the one thing I miss since moving from Gmail is the knowledge that my use of the spam button hurt deliverability for senders of spammy emails more widely than just my own inbox.
> but only in the sense that they understood clearly they were signing up for emails, and not, for example, a confusing opt out tick tied to their purchase
Agree! (With the side note that this is already illegal in my area.)
> Really the one thing I miss since moving from Gmail is the knowledge that my use of the spam button hurt deliverability for senders of spammy emails more widely than just my own inbox.
Agree here, too: a unified list of spammy senders would be nice so we can work together and keep inboxes clean everywhere.
But it should cut both ways.
A sibling comment mentioned they hit the spam button per the definition of "when I do not want to receive the email". That could mean a personal email from their mom that they weren't wanting to read on a sunday, a legitimate invoice for an activity they booked, or literally anything else. Those people should either be banned from influencing a sender's spam score, or at least be ranked 10-100x lower. (Taking this idea one step too far, probably:) We could even tie those email addresses to other services: just ask youtube, discord, HN, reddit, etc. how often flagging/reporting is used as super-downvote button. If those people are registered as willfully misunderstanding the purpose of the button, that frees up a lot of resources and can increase the rate of correct spam detection significantly by having good labeling on data.
> or that is otherwise from a legitimate sender that complies with your local laws and will honor the unsubscription.
I think your (luvb1e's) issue is that you don't understand the fundamental definition of SPAM:
SPAM is anything that the sender (not the recipient) defines as SPAM.
For example, a few years ago I bought something from L. L. Bean. In addition to my order confirmation, shipping confirmation, thank you email, surveys, ect, they also automatically put me on their daily email flyer.
All of these emails were legal. Some of the emails were in the "grey area" between legit email and SPAM. The daily email flyer that I never signed up for: 100% SPAM. (And 100% legal.)
Remember: It's my inbox, so I define what I consider SPAM to be SPAM. L. L. Bean can't twist the definition of SPAM so that their SPAM is really something else, and then blame me for hitting the SPAM button.
That's like saying: it's my back yard, I'll decide which laws apply here and who can deal drugs here
It's nice to decide on one's own what legislation should look like, but that muddles the detection of real spam. You are signaling to your email provider that this email should never have been sent and that the sender is dishonestly sending garbage around. If the email was legal in your area, I would say the problem lies there, because no amount of spam button pressing will solve the problem if they continue to have a commercial advantage by sending unsolicited commercial email.
The daily flyer that I never signed up for is "real spam." It doesn't matter who sends it.
You can't go and say, "oh, we're not spoofing and harvesting so we're not spam." That's just writing your own loophole so you can hijack my inbox and turn it into a billboard.
And remember, I bear the burden of my inbox being full of email that I never subscribed to and will never read. Pushing the spam button has no consequence to me, but hopefully it will trigger consequences for somebody who thinks that my inbox should be their billboard.
It's not my duty to click an unsubscribe button if I didn't subscribe in the first place.
Companies like LinkedIn decide logging in gives them consent to start spamming you. Name a single company besides maybe amazon that if you place an order, they don't automatically put you into their marketing emails?
It's all spam. By definition. I didn't ask for this, you are sending it to me. I don't care how easy you make it for me to stop you from sending it, I shouldn't have been getting it in the first place.
> It's not my duty to click an unsubscribe button if I didn't subscribe in the first place.
Then it's also not your duty to click the spam button??
Joking aside, that's not the kind of email I am talking about. Spam is spam and should be flagged as spam. If you get benign email that complies with all the anti-spam legislation but you just don't want it, then use unsubscribe.
Using the spam button for things that are not spam muddles the data labeling and increases spam rates because the email service operators can't use it to tell what is actually spam and what is a frustrated (or perhaps simply ignorant) user.
I find that I don’t mind _bulk emails_ I mind having a high volume of emails in my inbox.
I’ve gotten a lot of value over the years by having marketing emails in my archive (price history, etc). What I wish gmail did was come up with a really easy system for automatically setting up a “tag and skip inbox” filter for emails.
> That has long been required by law. Did they not factor this in yet?!
This isn't generally required by law (but please correct me if I'm wrong; it's been some time since I worked in the email industry.) Requiring this from large senders is going beyond what the law requires.
Not all messages are subject to the laws that do exist around bulk email. For example, under the US CAN-SPAM law, "transactional" messages like purchase or shipping confirmations are not required to have unsubscribe links (even though they may be sent in bulk).
Some classes of bulk email that normal people think of as marketing are also exempt from the law, such as email from political campaigns. There are also gray areas, like transactional messages having a certain amount of marketing content in them.
I also believe the laws pertaining to bulk email do not apply to individual messages sent by a human. A particular email might be lawful for a single person to send individually, even though it might be unlawful for a program to send the same email as part of a bulk campaign.
It's unfortunately and surprisingly difficult to make generalizations about email.
> This isn't generally required by law (but please correct me if I'm wrong; it's been some time since I worked in the email industry.)
I was thinking of commercial, not transactional email at that time. For that, the law that I'm familiar with: https://www.acm.nl/nl/verkoop-aan-consumenten/reclame-en-ver... and I tend to assume that most things that we have in the Netherlands are EU-wide, either in spirit or by being EU-originated legislation. Checking Wikipedia's spam article, four clicks and some ctrl+f'ing later, yes:
> provided that customers clearly and distinctly are given the opportunity to object, free of charge and in an easy manner, to such use of electronic contact details [...] on the occasion of each message
For transactional email, I don't really see the point of unsubscribe links. What's one-click unsubscribe supposed to do when you press it on a StreamSeries invoice, cancel your subscription because they won't be able to invoice you anymore for the streaming service? The only legitimate instance that comes to mind is if a third party filled in your email address and is triggering the emails to annoy you, then unsubscribe could make sense, but that could also just be prevented from happening by doing the (typical) email validation step.
I appreciate email as a marketing channel. I sign up for several newsletters. I read them sometimes. I don't at others. If I find they offer nothing of interest or value to me, I unsubscribe. If I continue receiving emails after unsubscribing, then we have a problem.
I rarely have issues with companies which actually abide by things like the CAN SPAM Act.
What is it with these comments? I'm not sending you a "damned" newsletter, go complain to someone else. Emails from my server are either my personal emails, or from one of various websites/tools which can send you emails, for example to notify you of when a player you chose to follow uploaded a new level, when the local river is exceptionally low or rising sharply or whatnot, when security updates were applied... thing that you asked to receive.
I'm sorry if you're as pissed off about marketing garbage as I am but I am not your problem.
At least to hobbyist services like mine, by hitting spam and not using the proper unsubscribe mechanism on emails that are not spam by any definition, it becomes very hard to run these things and not have a quarter of the people (particularly on google services) complain they don't receive the requested email. They assume the problem lies with me because google couldn't possibly ever make a mistake, they're too big for that and clearly it works for everyone else (yeah, everyone else runs commercial services and either indirectly contracts or employs people whose full-time job it is to make sure that sent emails dance to the tune of a few big providers)
> So if someone wants to annoy you, they can sign up for your newsletter
I'm sure you aren't the problem, but in general, every time you do business with any company they sign you up for marketing garbage on an opt-out basis. I personally do actually use the "proper unsubscribe mechanism" on these things but I have absolutely no sympathy for them and I hope Google just decides to unilaterally end this practice.
> Here we go, this is the meat. So if someone wants to annoy you, they can sign up for your newsletter and hit the spam button and everyone will stop receiving all email from your site (such as signup confirmations, password resets... you're basically out of business).
Except everyone already does that and the bar is, presumably, significantly higher than one person.
> the spam button is meant for spam, not for anything they don't want to receive anymore
What you're seeing is that the spam button is meant for spam, i.e. anything they don't want to receive. Trust me, they didn't want to receive it in the first place.
If I had a dime for every crappy company who signed me up for emails without my consent because I had one interaction with their business that involved an email, and then switches their entire "newsletter" infrastructure yearly... I wonder why...
> What you're seeing is that the spam button is meant for spam, i.e. anything they don't want to receive. Trust me, they didn't want to receive it in the first place.
Third reply I read to my comment, third accusation.
What makes you think I am some sort of soulless adfarm person? What in my comment gives you that impression?
Trust me, if you receive an email from my server, you want to read it because: you asked for it. I don't send unsolicited email, I don't run a commercial service. Go complain to someone else if you have a problem with their service, don't blame me for your inbox problems
> Users do not understand the spam button is meant for spam, not for anything they don't want to receive anymore
Anymore?
I never signed up for any of the commercial email I receive. But Gmail does a good job keeping it out of my primary, so the situation is tolerable.
99.99999% of claims that I asked for an email are lies. In light of that fact, the burden is on the sender to prove beyond a shadow of a doubt that I asked for what they sent. If they can't prove that in a court of law, they deserve to be marked as spam.
I am thinking of the broader case here, as someone who runs various websites/tools for various purposes, quite a few of which can send you email to notify you of when a player you follow uploaded a new level, when the local river is exceptionally low or rising sharply or whatnot, when security updates were applied... you may not care about these anymore and not realize that one is being a nuisance, at least to hobbyist services like mine, by just hitting spam and not using the proper unsubscribe mechanism. In other countries, I can understand why: unsubscribing isn't required to be one-click, and even domestically a lot of companies do not honor the law to the letter.
Actually it's usually just accounts the spammer signed up for that purpose. It's so easy to get an account that there's no point bothering to steal credentials.
So the short version is that Google is requiring senders of more than 5,000 messages per day to have DKIM and SPF configured, as well as one-click unsubscribe.
This is excellent to see. Many email providers have made this easy to set up, but many admins don’t go through the extra steps because “it adds complexity” or some other lazy excuse.
I think the final criteria, “don’t send spammy messages” will be harder to comply with. Because marketing staff genuinely don’t see their messages as spam. They see it as an “engagement opportunity” or whatever marketing hoops they jump through to justify another particular email.
I send maybe one message per month to a Gmail address and they already require having DKIM in addition to SPF since last year.
One-click unsubscribe is an internet standard (RFC 8058) which they are currently not using. The article does not say that they will now use it. Presently, they manually implement that functionality for large senders. Let's see what they will actually end up doing.
Agree on the last point. Also note that, if you are blocked as sender, that genuinely sucks for you. Sure, your marketing department will need consoling, but your sign-up rates for anyone using Google services is going to go to zero.
> Enable easy unsubscription: You shouldn’t have to jump through hoops to stop receiving unwanted messages from a particular email sender. It should take one click. So we’re requiring that large senders give Gmail recipients the ability to unsubscribe from commercial email in one click, and that they process unsubscription requests within two days. We’ve built these requirements on open standards so that once senders implement them, everyone who uses email benefits.
Also @dang can you update the submission to be the primary source?
Under that law your unsubscribe link may be a link to a web form when the user enters their address and preferences and clicks a submit button (i.e. multiple clicks)
You're right, it appears Google's new policy is to make the List-Unsubscribe header mandatory, and require certain semantics[0] for the URL it contains, so that they can issue unsubscribe requests on behalf of users in an automated fashion: https://support.google.com/mail/answer/81126#subscriptions
(This wasn't immediately clear to me from the original link or the Google blog post.)
Anecdotal, but I feel like I’ve started getting considerably more spam once I started clicking “unsubscribe” (in lists that I have never signed up for in the first place).
Now I don’t bother anymore and just report as spam without “unsubscribing” (or “confirming as valid email” it feels like).
Depends on the sender. Using fake opt-out links to build lists of verified addresses is a trick almost as old as spam itself. But services like SendGrid actually honor unsubscribes, and I believe monitor the unsubscribe rates of their customers to catch those buying lists.
I'm not a Gmail user, but doesn't Google click the link in the List-Unsubscribe header for you when you mark as spam? The help article linked from the Google blog post implies they do (or they will): https://support.google.com/mail/answer/81126#subscriptions
It prompts you, I believe — “report spam and unsubscribe” or just “report spam”. I never clicked the links from those spammy emails directly but used to accept gmail’s prompt.
If you didn't sign up, it's not legal in the first place, at least not in the Netherlands and it sounds weird if it would be elsewhere (can spin up infinite companies for a few tenners each and keep sending the same list of people spam emails from different legal entities). These senders have no interest in following a law, they're interested in who engages with their emails
I thought you already had to do most of this to have any hope of landing in an inbox on gmail. That’s sure how it’s seemed when configuring outbound mail.
> To add yet another protection, moving forward, we’ll enforce a clear spam rate threshold that senders must stay under to ensure Gmail recipients aren’t bombarded with unwanted messages. This is an industry first, and as a result, you should see even less spam in your inbox.
How is this an industry first? Every large receiving domain has had thresholds that they expect senders to stay under regarding the number of messages that bounce and receive spam complaints. As last I recall, the typical threshold for complaints was around 0.1% of messages (but it's been years since I worked in email). Gmail has certainly had a limit like this of some kind, whether or not they've talked about it.
I do really like what Google has been doing to drive adoption of technologies in email like DKIM, DMARC, TLS, etc. I'm not trying to be critical generally. I'm just surprised by this claim.
Perhaps what's an industry first is telling senders their complaint rate [1], and establishing a clear and transparent threshold on it? (Most of the time, complaint rate thresholds are not documented publicly and transparently). So providing this level of transparency may in fact be an industry first.
What would also be a huge step forward, if Gmail is doing this, is migrating to a concept of email reputation that is entirely based on the sender's domain name (and not their IP address). Reading between the lines in their documentation, this seems to be the case (e.g., the requirement to set up SPF and DKIM) -- and calculating statistics like the complaint rate at that level -- though I can't tell for sure. With DKIM being required for all traffic, hopefully IP-based reputation will be a thing of the past.
[1] Senders should be able to calculate their own complaint rate as long as receivers provide a feedback loop, which most large senders do AFAIK, though unsophisticated senders might not have their own tooling to do this.
Google is referring to Google as an industry[0]. This is an industry first, and as a result, you should feel slightly uncomfortable with the idea.
0: I actually have no idea. I wouldn’t be surprised if the author is just using it as an idiom, despite the fact that it otherwise has a literal meaning which has contextual significance.
Gmail doesn't provide the raw FBL (Feedback loop) data. It's only available in Google Postmaster which has an API for domains you have already setup and have to web scrape to set new domains. Validity took over FBL for a lot of providers and just recently announced you will only get statistics or pay a yearly fee to get the raw FBL data.
I also handle support for an email marketing platform. Users 100% will mark an email as spam then ask that company why they stopped receiving emails. Some will even use the unsubscribe link, write that they receive too many emails, then email asking why they stopped receiving email. It's an imperfect system.
75 comments
[ 3.4 ms ] story [ 192 ms ] threadGmail truncates mails at a really small limit for some dumb reason so many times this isn't visible without extra steps of expanding to the full mail.
There is a standard for this called list-unsubscribe (RFC 8058), but adding the header has no purpose. I have not been able to find an email client that uses the header: Thunderbird, FairEmail, Gmail, Hotmail, and I'm not sure if I asked someone to test it in Outlook but I think so. It is recommended to add the header for lowering your spam score, I don't know if it actually helps, but this one-click unsubscribe thing in your email client's UI seems to be a custom thing they add manually instead of just using the RFC...
References to show that this is not just me not understanding how to implement the rfc: https://stackoverflow.com/questions/4365850/list-unsubscribe... https://serverfault.com/questions/329032/how-to-add-the-list... I also checked emails that do show an unsubscribe button in the client's UI (such as a large pizza ad sender) and they do not have a list-unsubscribe header set at all.
If Google wants Gmail to be less spammy, they could start by not implementing double standards that give senders of big newsletters special treatment and a special hole in the spam filter.
Then how come emails with unsubscribe buttons in the UI do not have the list-unsubscribe header set, and emails with the header do not have the button visible?
Also, I'm not sure that "you don't understand how to use the system" follows from "you can only use the system if you're an invited VIP"
Are you mad at the right party?
Besides the usual bad faith (e.g., ignoring unsubscribes, or creating new categories of communications into which users are opted-in), I saw a new one just an hour ago:
The unsubscribe link, in genuine marketing email for a brand, is for some email address other than the one to which the email was sent. (In this case, I was unsubscribing some unlikely-looking earthlink address, of all things, in an uneditable form field.)
The unsubscribe link in each email only lets you unsubscribe from that one specific notification type.
You have to login to go through and disable them all (a 5 minute task by itself) but then when they add new groups or types its auto-enabled.
Super frustrating and led to me deleting my account.
Probably you don't, but just in case: note that if you press such a button for a phishing email in an attempt to get off their list, all you do is confirm that your email address is active and you're interacting with their message
I can't quickly find any documentation about this from Google directly, confirming whether they support it, but there are a lot of 3P websites discussing it. It's kind of frustrating that Google's announcement [2] explicitly mentions one-click unsubscribes, without actually explaining (or linking to) what specific technologies they're talking about:
> Enable easy unsubscription: You shouldn’t have to jump through hoops to stop receiving unwanted messages from a particular email sender. It should take one click. So we’re requiring that large senders give Gmail recipients the ability to unsubscribe from commercial email in one click, and that they process unsubscription requests within two days. We’ve built these requirements on open standards so that once senders implement them, everyone who uses email benefits. emphasis mine)
That paragraph certainly evokes the idea of `List-Unsubscribe` to me, but it'd be nice to know for sure; and to know what if anything specifically sends need to do to be compatible with Gmail.
(Note that I don't think this removes the need for the email body to include an unsubscribe link, since a recipient can't be presumed to be using a client that supports it.)
[1] https://www.ietf.org/rfc/rfc2369.txt [2] https://blog.google/products/gmail/gmail-security-authentica...
They do not, see my comment in reply to a sibling thread: https://news.ycombinator.com/item?id=37773525
what's up with this 2 days delay? it's an automated system. isn't this pretty much just updating a field in a database? are they allowing for batches in 24 hour increments? in the days of needing human assistance, i get time delays, but for automated computer systems there should be very little delay.
don't get me started on why in 2023 it still takes time for banks to do things
It's a really dumb theory and the real reason is "because we can and it's very slightly easier".
Also, why is it so hard to forward/reply all?
How to lie with statistics :). It's not hard to block all spam if you chuck anything you're not sure about in with the false positives. It's not that Gmail is so much better, it's that they have to care less because everyone has to deal with their dominance on the market
Edit: reading further
> By February 2024, Gmail will start to require that bulk senders:
> 1. Authenticate their email
That is already the case, as evidenced by that the blog post links to an existing help article of theirs to an existing error code that I have indeed encountered as a sender. They mention having rolled this out last year, which fits the timeline on my side.
> 2. Enable easy unsubscription
That has long been required by law. Did they not factor this in yet?!
> 3. [Stay below] a clear spam rate threshold that senders must stay under to ensure Gmail recipients aren’t bombarded with unwanted messages. This is an industry first
Here we go, this is the meat. So if someone wants to annoy you, they can sign up for your newsletter and hit the spam button and everyone will stop receiving all email from your site (such as signup confirmations, password resets... you're basically out of business).
Users do not understand the spam button is meant for spam, not for anything they don't want to receive anymore, which is why it's so useful to have an unsubscribe button in the UI that actually works, but Gmail doesn't show that (see my other comment in this thread https://news.ycombinator.com/item?id=37773525).
"Industry first" indeed... few others have the market power to demand these sorts of things and require senders to spend (wo)manpower on manually resolving delivery issues for individual receivers. If a random ISP would start doing this, the people at that ISP would just get mad that email often does not arrive. With Google, who is going to blame Google? Clearly the site you're signing up on is broken.
As big a problem as spammers are seemingly indifferent anti-spammers.
If you made it hard for me to unsubscribe, ignore my unsubscribe request, or start spamming me because I did some other business with you and you think that gives you the right to send me marketing emails, I am absolutely clicking that spam button, and I am not wrong.
There is a low bar for what constites spam.
Spammers are absolutely not going to care about the unsubscribe link, in fact it will likely put you higher on their list for engaging with the email.
By not understanding this difference, by not 'learning' how to use it as you say, it is very hard for services (e.g. messaging services also struggle with this) to know what is spam and what people newly want to stop receiving.
those are the worst.. If I don't remember subscribing I always mark them as spam, even if there is a big prominent "unsubscribe" button. I'd still be doing that if the unsubsrube was built into UI.
Why? My email got on some list somewhere and now I am getting an emails from various "trusted partners". Sure, there is an unsubscribe button and I would not be surprised if it works _for that sender_ but it has no point as there will be a new sender next week.
Marking everything like this as spam is the only reasonble resort. Yes, this will not save my inbox, but at least it might help the next person.
> those are the worst
If it's legal in your area to send unsolicited commercial email, obviously that problem is not just going to go away because it gains them a competitive advantage to do so.
> [when m]y email got on some list somewhere and now I am getting an emails from various "trusted partners".
Yea that isn't legal where I live. For me, that would totally fall in the "smash that report-as-spam button" category, so I can very much understand your sentiment
That's not the bar of spam. Spam existed well before legislation to combat it. Spam is anything that you don't want to receive and weren't asked if you wanted to receive. That includes a wide variety of emails which are legal in most jurisdictions (like the ones GP mentioned).
2 points:
I'd agree that using spam for something a user has signed up for would be unfair, but only in the sense that they understood clearly they were signing up for emails, and not, for example, a confusing opt out tick tied to their purchase. You totally deserve the spam box for that latter one.
Similarly, honouring local requirements for unsubscribe is not enough to get you out of spam reports if you didn't have a reason to email me to begin with. That you have a new product or newsletter or corporate announcement isn't good enough, but many marketing people believe it is. The fact that they can't self police is why I'm ok with email providers being strict about this.
Really the one thing I miss since moving from Gmail is the knowledge that my use of the spam button hurt deliverability for senders of spammy emails more widely than just my own inbox.
Agree! (With the side note that this is already illegal in my area.)
> Really the one thing I miss since moving from Gmail is the knowledge that my use of the spam button hurt deliverability for senders of spammy emails more widely than just my own inbox.
Agree here, too: a unified list of spammy senders would be nice so we can work together and keep inboxes clean everywhere.
But it should cut both ways.
A sibling comment mentioned they hit the spam button per the definition of "when I do not want to receive the email". That could mean a personal email from their mom that they weren't wanting to read on a sunday, a legitimate invoice for an activity they booked, or literally anything else. Those people should either be banned from influencing a sender's spam score, or at least be ranked 10-100x lower. (Taking this idea one step too far, probably:) We could even tie those email addresses to other services: just ask youtube, discord, HN, reddit, etc. how often flagging/reporting is used as super-downvote button. If those people are registered as willfully misunderstanding the purpose of the button, that frees up a lot of resources and can increase the rate of correct spam detection significantly by having good labeling on data.
I think your (luvb1e's) issue is that you don't understand the fundamental definition of SPAM:
SPAM is anything that the sender (not the recipient) defines as SPAM.
For example, a few years ago I bought something from L. L. Bean. In addition to my order confirmation, shipping confirmation, thank you email, surveys, ect, they also automatically put me on their daily email flyer.
All of these emails were legal. Some of the emails were in the "grey area" between legit email and SPAM. The daily email flyer that I never signed up for: 100% SPAM. (And 100% legal.)
Remember: It's my inbox, so I define what I consider SPAM to be SPAM. L. L. Bean can't twist the definition of SPAM so that their SPAM is really something else, and then blame me for hitting the SPAM button.
That's like saying: it's my back yard, I'll decide which laws apply here and who can deal drugs here
It's nice to decide on one's own what legislation should look like, but that muddles the detection of real spam. You are signaling to your email provider that this email should never have been sent and that the sender is dishonestly sending garbage around. If the email was legal in your area, I would say the problem lies there, because no amount of spam button pressing will solve the problem if they continue to have a commercial advantage by sending unsolicited commercial email.
The daily flyer that I never signed up for is "real spam." It doesn't matter who sends it.
You can't go and say, "oh, we're not spoofing and harvesting so we're not spam." That's just writing your own loophole so you can hijack my inbox and turn it into a billboard.
And remember, I bear the burden of my inbox being full of email that I never subscribed to and will never read. Pushing the spam button has no consequence to me, but hopefully it will trigger consequences for somebody who thinks that my inbox should be their billboard.
Companies like LinkedIn decide logging in gives them consent to start spamming you. Name a single company besides maybe amazon that if you place an order, they don't automatically put you into their marketing emails?
It's all spam. By definition. I didn't ask for this, you are sending it to me. I don't care how easy you make it for me to stop you from sending it, I shouldn't have been getting it in the first place.
Then it's also not your duty to click the spam button??
Joking aside, that's not the kind of email I am talking about. Spam is spam and should be flagged as spam. If you get benign email that complies with all the anti-spam legislation but you just don't want it, then use unsubscribe.
Using the spam button for things that are not spam muddles the data labeling and increases spam rates because the email service operators can't use it to tell what is actually spam and what is a frustrated (or perhaps simply ignorant) user.
I’ve gotten a lot of value over the years by having marketing emails in my archive (price history, etc). What I wish gmail did was come up with a really easy system for automatically setting up a “tag and skip inbox” filter for emails.
They do. It's the whole reason why I use gmail.
When I'm looking at an email that I want to filter, I hit the hamburger menu and select "filter emails like this."
There's also these instructions: https://support.google.com/mail/answer/6579?hl=en
Google: Here's our spam email discussing how we protect you from spam.
Me: But why am I seeing this message in my inbox instead of spam?
Google:
> That has long been required by law. Did they not factor this in yet?!
This isn't generally required by law (but please correct me if I'm wrong; it's been some time since I worked in the email industry.) Requiring this from large senders is going beyond what the law requires.
Not all messages are subject to the laws that do exist around bulk email. For example, under the US CAN-SPAM law, "transactional" messages like purchase or shipping confirmations are not required to have unsubscribe links (even though they may be sent in bulk).
Some classes of bulk email that normal people think of as marketing are also exempt from the law, such as email from political campaigns. There are also gray areas, like transactional messages having a certain amount of marketing content in them.
I also believe the laws pertaining to bulk email do not apply to individual messages sent by a human. A particular email might be lawful for a single person to send individually, even though it might be unlawful for a program to send the same email as part of a bulk campaign.
It's unfortunately and surprisingly difficult to make generalizations about email.
I was thinking of commercial, not transactional email at that time. For that, the law that I'm familiar with: https://www.acm.nl/nl/verkoop-aan-consumenten/reclame-en-ver... and I tend to assume that most things that we have in the Netherlands are EU-wide, either in spirit or by being EU-originated legislation. Checking Wikipedia's spam article, four clicks and some ctrl+f'ing later, yes:
> provided that customers clearly and distinctly are given the opportunity to object, free of charge and in an easy manner, to such use of electronic contact details [...] on the occasion of each message
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
Came into effect in July 2002
For transactional email, I don't really see the point of unsubscribe links. What's one-click unsubscribe supposed to do when you press it on a StreamSeries invoice, cancel your subscription because they won't be able to invoice you anymore for the streaming service? The only legitimate instance that comes to mind is if a third party filled in your email address and is triggering the emails to annoy you, then unsubscribe could make sense, but that could also just be prevented from happening by doing the (typical) email validation step.
Users don't want to receive your god damned newsletter. Just stop using email as a marketing channel.
I rarely have issues with companies which actually abide by things like the CAN SPAM Act.
I'm sorry if you're as pissed off about marketing garbage as I am but I am not your problem.
At least to hobbyist services like mine, by hitting spam and not using the proper unsubscribe mechanism on emails that are not spam by any definition, it becomes very hard to run these things and not have a quarter of the people (particularly on google services) complain they don't receive the requested email. They assume the problem lies with me because google couldn't possibly ever make a mistake, they're too big for that and clearly it works for everyone else (yeah, everyone else runs commercial services and either indirectly contracts or employs people whose full-time job it is to make sure that sent emails dance to the tune of a few big providers)
> So if someone wants to annoy you, they can sign up for your newsletter
I'm sure you aren't the problem, but in general, every time you do business with any company they sign you up for marketing garbage on an opt-out basis. I personally do actually use the "proper unsubscribe mechanism" on these things but I have absolutely no sympathy for them and I hope Google just decides to unilaterally end this practice.
Except everyone already does that and the bar is, presumably, significantly higher than one person.
> the spam button is meant for spam, not for anything they don't want to receive anymore
What you're seeing is that the spam button is meant for spam, i.e. anything they don't want to receive. Trust me, they didn't want to receive it in the first place.
If I had a dime for every crappy company who signed me up for emails without my consent because I had one interaction with their business that involved an email, and then switches their entire "newsletter" infrastructure yearly... I wonder why...
Third reply I read to my comment, third accusation.
What makes you think I am some sort of soulless adfarm person? What in my comment gives you that impression?
Trust me, if you receive an email from my server, you want to read it because: you asked for it. I don't send unsolicited email, I don't run a commercial service. Go complain to someone else if you have a problem with their service, don't blame me for your inbox problems
Anymore?
I never signed up for any of the commercial email I receive. But Gmail does a good job keeping it out of my primary, so the situation is tolerable.
99.99999% of claims that I asked for an email are lies. In light of that fact, the burden is on the sender to prove beyond a shadow of a doubt that I asked for what they sent. If they can't prove that in a court of law, they deserve to be marked as spam.
I am thinking of the broader case here, as someone who runs various websites/tools for various purposes, quite a few of which can send you email to notify you of when a player you follow uploaded a new level, when the local river is exceptionally low or rising sharply or whatnot, when security updates were applied... you may not care about these anymore and not realize that one is being a nuisance, at least to hobbyist services like mine, by just hitting spam and not using the proper unsubscribe mechanism. In other countries, I can understand why: unsubscribing isn't required to be one-click, and even domestically a lot of companies do not honor the law to the letter.
This is excellent to see. Many email providers have made this easy to set up, but many admins don’t go through the extra steps because “it adds complexity” or some other lazy excuse.
I think the final criteria, “don’t send spammy messages” will be harder to comply with. Because marketing staff genuinely don’t see their messages as spam. They see it as an “engagement opportunity” or whatever marketing hoops they jump through to justify another particular email.
One-click unsubscribe is an internet standard (RFC 8058) which they are currently not using. The article does not say that they will now use it. Presently, they manually implement that functionality for large senders. Let's see what they will actually end up doing.
Agree on the last point. Also note that, if you are blocked as sender, that genuinely sucks for you. Sure, your marketing department will need consoling, but your sign-up rates for anyone using Google services is going to go to zero.
> Enable easy unsubscription: You shouldn’t have to jump through hoops to stop receiving unwanted messages from a particular email sender. It should take one click. So we’re requiring that large senders give Gmail recipients the ability to unsubscribe from commercial email in one click, and that they process unsubscription requests within two days. We’ve built these requirements on open standards so that once senders implement them, everyone who uses email benefits.
Also @dang can you update the submission to be the primary source?
https://blog.google/products/gmail/gmail-security-authentica...
https://www.ecfr.gov/current/title-16/chapter-I/subchapter-C...
It's illegal to require users to sign in with a username and password, or click a link in a confirmation email, etc.
(This wasn't immediately clear to me from the original link or the Google blog post.)
[0]: https://datatracker.ietf.org/doc/html/rfc8058
Now I don’t bother anymore and just report as spam without “unsubscribing” (or “confirming as valid email” it feels like).
I'm not a Gmail user, but doesn't Google click the link in the List-Unsubscribe header for you when you mark as spam? The help article linked from the Google blog post implies they do (or they will): https://support.google.com/mail/answer/81126#subscriptions
How is this an industry first? Every large receiving domain has had thresholds that they expect senders to stay under regarding the number of messages that bounce and receive spam complaints. As last I recall, the typical threshold for complaints was around 0.1% of messages (but it's been years since I worked in email). Gmail has certainly had a limit like this of some kind, whether or not they've talked about it.
Update: looks like Gmail landed on that same number of 0.1% as documented in https://support.google.com/mail/answer/81126#spam-rate - with an upper limit being 0.3%.
I do really like what Google has been doing to drive adoption of technologies in email like DKIM, DMARC, TLS, etc. I'm not trying to be critical generally. I'm just surprised by this claim.
Perhaps what's an industry first is telling senders their complaint rate [1], and establishing a clear and transparent threshold on it? (Most of the time, complaint rate thresholds are not documented publicly and transparently). So providing this level of transparency may in fact be an industry first.
What would also be a huge step forward, if Gmail is doing this, is migrating to a concept of email reputation that is entirely based on the sender's domain name (and not their IP address). Reading between the lines in their documentation, this seems to be the case (e.g., the requirement to set up SPF and DKIM) -- and calculating statistics like the complaint rate at that level -- though I can't tell for sure. With DKIM being required for all traffic, hopefully IP-based reputation will be a thing of the past.
[1] Senders should be able to calculate their own complaint rate as long as receivers provide a feedback loop, which most large senders do AFAIK, though unsophisticated senders might not have their own tooling to do this.
Google is referring to Google as an industry[0]. This is an industry first, and as a result, you should feel slightly uncomfortable with the idea.
0: I actually have no idea. I wouldn’t be surprised if the author is just using it as an idiom, despite the fact that it otherwise has a literal meaning which has contextual significance.
I also handle support for an email marketing platform. Users 100% will mark an email as spam then ask that company why they stopped receiving emails. Some will even use the unsubscribe link, write that they receive too many emails, then email asking why they stopped receiving email. It's an imperfect system.
The only one that doesn't seem common to me is ARC.