No one-click unsubscribe? It's spam.

161 points by cpursley ↗ HN
Your marking emails might not have a one-click unsubscribe link but Gmail certainly has a one click spam button.

Two ways you can keep me as a subscriber:

1. Remind me what the hell it is your company does/sells in the first sentence. Between my signup and now, chances are about 95% that I forgot what I even signed up for.

2. Make it easy to unsubscribe. That means a very visible one-click link. Unsubscribing doesn't mean I'm no longer interested in your product. But making it difficult to unsubscribe says a lot about how I will be treated as your customer.

<extra> Go easy on the HTML / CSS / Images. </credit>

112 comments

[ 3.2 ms ] story [ 176 ms ] thread
Companies that make me sign in to unsubscribe, stop doing this.
If I click an unsubscribe link and the company wants me to sign in, I mark it as spam in gmail.
It's amazing how many US based startups does this.
If I didn't explicitly opt in (checking an unchecked checkbox, emailing someone and saying "please subscribe me to your ads", etc.), I mark it as spam.
One of the ACM's email lists makes you log in to unsubscribe, but then I can't access that section of the site because my membership lapsed.

And this organization purports to represent the state of the art in this field.

I'd like to add:

3. I shouldn't have to sign in to unsubscribe.

4. Don't auto-subscribe me to new notification types. (We're ALL looking at YOU LinkedIn.)

Twitter has been doing #4 aggressively as well, which is a bit disappointing, since somehow I assumed they were better about netiquette than LinkedIn is.
Twitter is horrible at that. Every few weeks they add a new notification type that you have to unsubscribe from, lest you get hit with another "newsletter" every few hours.
Linked-In has the spammiest email protocol out of any service I have ever used. Even after signing-in there is no one-click-to-unsubscribe button (they split it into about 12 scattered categories), and they create new categories periodically and opt you in to them. This is downright deceitful. Pro tip: change your email to one that you never use. It literally came down to doing this or deleting my Linked-in account--unfathomable to me. Also: no more f@#$!ng emails at 4 in the morning. This seems like a jackpot CAN-SPAM class action suit.

@easternmonk: That's the thing -- I did mark them as spam in GMail. I assumed it would block future emails from Linked-in but not the case. ... Somehow they continued to come in.

@sehugg: That too! I complained about their this on Facebook and I had friends (yes, plural) who had deleted their account because of the spam and yet were still receiving it. Unbelievable

change your email address with them to myoriginalusername+linkedin@whatever.com

Filter with gay abandon.

Came to leave this comment, not disappointed someone beat me to it.
(So why did you post, then?)
It gives me great joy that both posts appear downvoted. Hopefully mine will be too.
Agreed, spenvo! First thing I do when I sign up for a LI group is unsubscribe from all mailings (excepting a few which I chose to follow on a daily/weekly basis).

The next page after signing up for a LI group should be (unchecked) opt-in checkboxes for the mailings you'd like to receive.

Just mark it as spam in Gmail.
(comment deleted)
I agree completely with your description, of all the social services I have an account with, I find them to be the worst offender of emails and reminders.
Not only that, but they send you emails even after you have deleted your account.
They repeatedly send you emails even if you don't have an account.
If you really want to kill ALL Linkedin messages choose the "Filter messages like these" option in Gmail. Then just enter "linkedin.com" in the From field. Done.
You can also create filters to manage such emails so it doesn't clutter you're inbox, but still lets you see them if you want.
I did this with a college newsletter that was spammy, and had no method to unsubscribe. After repeatedly marking the email as spam to no avail, I set a filter up to send the message to the bin.
Twitter, too, has twelve categories of email to opt yourself out of, although I don't believe that you're not automatically opted in to all of them (I unsubscribed long ago, so I can't be sure).
Some woman who was in my grandfather's contact list got spammed by LinkedIn for a month. There didn't seem to be any way to unsubscribe. She ended up hating my grandfather, because his name kept showing up on the emails! Of course he didn't know there wasn't going to be an opt-out. I ended up adding her email address to my LinkedIn account, so they would stop spamming her.
Change the email you use there to yourname+linkedin@gmail.com, and then filter it out. :)
I flag all LinkedIn email as spam, and yet I still find the occasional LinkedIn email in my inbox. You could call it Superspam!
I agree.

The other day I had to unsubscribe out of two Yahoo! Japan newsletters that suddenly started to arrive (for two different accounts I've apparently made years before).

To unsubscribe I had to login to both. And for one I didn't even remember the password. Overall it took me half an hour to unsubscribe.

Also if I can't unsubscribe it goes to spam.

Japan tangent: I am amazed on a weekly basis by the mountain of spam newsletters flooding my email inbox by some of Japan's leading internet services. Total lack of respect for the customer. Physical mail today is pretty much 99% spam and 1% bills, and it looks like it might take a miracle to stop email ending up the same way.
It's in violation of the CAN-SPAM Act

    You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request.
http://business.ftc.gov/documents/bus61-can-spam-act-complia...
I would not interpret "visiting a single page" to mean one-click. Of course, I agree that one-click is the right way to do things.
It is the spirit if not the letter of the law. Nobody intended someone to use 50 AJAX steps on a single page to skirt the law.
And, moreover, requiring a login or any personal information to unsubscribe is specifically disallowed by the law.
With the important exception of an email address. Most of the time the part that annoys me the most is entering that because at best I have to check what it was sent to (many email accounts all going into one gmail) and at worst, it wasn't sent directly to me, so I have to try harder.
I think "visiting a single page" means precisely one-click.

Because once click takes you to the page. Any further action, even while you're on that same page, is an additional requirement, which is disallowed.

It allows requiring an email address.
How could you unsubscribe an email address without asking which one?
You provide a special link that someone can follow that has an ID of some type associated with the email.
You can find practically nothing, except for some initial cases many years ago, where someone has been prosecuted for can-spam. I would imagine that like with any crime, you would have to really piss some people off to fall under this act.

(Smoking marijuana is a crime as well as is driving over the speed limit and a host of other things that generally don't land you in hot water even if they are known to the authorities.)

I love that, but unfortunately CAN-SPAM is a US law, not a universal law.
Sure, but it applies to the many, many US-based tech companies. And I know Canada, Australia, and the UK have similar laws.
The thing is, how do you even prosecute it? Where the company is based? Where the web servers are based? Where the email servers are based? Where it was served? The email client's server location?
As long as the company does business in the US, you have enough of an argument to drag them into court over it. Whether or not that is worth your time (or will ultimately net you anything) is anyone's guess.
Can you actually drag a company into court over CANSPAM? I was under the impression it was FTC fines only.
Consumers can't really take any action on their own, but ISPs can. Microsoft has been pretty active in this regard. My understanding is they use this to file charges against John Doe spammers so that they can use court procedures to track down their actual identity. IANAL.
There are a lot of things wrong with the CAN SPAM Act, but this is not one of them. It applies to any company where the US can claim jurisdiction which, at the very least, includes every US based company. It does not matter how or where the emails are sent.
the company can in the U.S. at least get hit with an FTC fine.
So, that means I shouldn't have to login to my account to unsubscribe, correct? I find this annoying as I tend to click on the unsubscribe link from my phone, and not have the login details with me. I've seen several prominent companies that do this, including Mint earlier today.
Yes that is not permitted - they need to use encoded links in the email to identify you automatically upon click.
The links do not need to be encoded -- they are allowed to ask for your email address -- but they can't ask for much else. And definitely not a username/password.
Funny, even big sites like LinkedIn break this. Is there some exception to some types of mail, like bulk mail received after signing up with a service?
Also a good reason to test your emails in different systems - Gmail often snips emails I receive, meaning the Unsubscribe link at the bottom is cut off. I'll bet that leads to increased spam reports.

Aweber had an article last week suggesting you put an Unsub link at the top of your emails as well. I haven't had the guts to do that for my template (EveryDayDreamHoliday) but as a consumer I like the idea.

> Gmail often snips emails I receive, meaning the Unsubscribe link at the bottom is cut off.

It also makes these emails 100% unreadable on a mobile device, because they don't include the link to the full message on phones for some reason, even though they do on their web interface.

I have one-click no-login unsubscribe button at the bottom of all my emails. To even get an email you have to explicitly subscribe to something. (This is not a mailing list but notification system.) Yet I still get about 1 spam report a day.

I am tempted to just deactivate anyone's account that reports as spam. Is there something else I'm missing?

You might send an email along the lines of "continue receiving these?" every few months and offer an unsubscribe email in there, but that's all I can think of. I'd imagine that's a fairly low spam report threshold as it is.
I'd be interested in what the current best practice is for sending emails.

For your case, do the emails start with an idiot proof line such as "This is the notification that you signed up for at example.com" ?

From is the username they subscribed to. Subject has the website url along with the the exact type of notification it is.

Content is very short and sweet.

Having run a mailing list I can pretty much tell you that despite your best efforts to put the right headers in so Google can do their own unsub links, unsub at top and bottom, etc, that despite all this and being fully CAN-SPAM complaint that people will still write emails to your ISP claiming that your sending SPAM.

I'm not sure why but usually it's academics who send these. Maybe people sign them up for mailing lists b/c they are jerks or something. They all seem to be sure that they've never ever signed up for a mailing list.

ISP sends me email about the compliance issue, I put the email address into a form that blocks it from ever being associated with any of the lists on that server, and it spits back an email detailing when they signed up, confirmed, etc, that they've been blacklisted, and then attaches a jpeg image of the headers / footers with unsub links circled in red so the ISP can close the case.

> Maybe people sign them up for mailing lists b/c they are jerks or something

Not possible if you have a confirm step. And you should have a confirm step.

You would be surprised. I've run several mailing lists for both technical and non-technical people.

Always, without fail, you will get someone that signs up, confirms and then mashes the spam button two emails later while sending you irate "HOW DID YOU GET MY EMAIL ADDRESS UNSUBSCRIBE ME OHGODWHATHAVEYOUDONE?!" emails.

It's remarkable, really.

Well yes, forgetting that you signed up is still possible if there's a confirm step. Being signed up (maliciously or accidentally) by someone else, however, is the situation I was referring to and confirm steps exist specifically to prevent that.
Tangentially related: you can create a filter to search for emails with the word "unsubscribe" in them. Generally speaking I don't want to read anything with "unsubscribe" in it, and when I do, I have a nice folder for it.
My Gmail won't block linkedin spam no mater how much I click on "report spam".
Create a filter for linkedin and send it to your spam folder.
Better yet, create a filter for linkedin and have the filter first forward the mail to abuse@linkedin.com with a header explaining why and then throw it in the trash.
Also, don't send me an email afterwards letting me know I just opted out. I know that already.

And why might it take 10 days to get me off your list? Do your electrons move slower than everyone else's? It's 2012!

Anyone who doesn't offer a one-click-unsubscribe gets in my blocklist. This means that to every newsletter you send, you get an automatic response that I didn't care enough. I don't even see you sent the message at all.

It's too bad that they're usually sent from no-reply, yes, but it's more satisfactory at least.

Ironically enough I have more issues with getting spam text messages on my cell phone than spam email messages. It's a shame that either the CAN-SPAM act isn't enforced or doesn't apply to text messages. I'm on the national do not call list as well, and that has had seemingly no affect.
As a developer, I like to follow the rule of thumb that requests that have a persistent effect (such as changing your subscription options) should be HTTP POST rather than HTTP GET. This is in order to avoid mistakes generated by automated tools or systems which pre-fetch/cache/scan/analyze content. As such, my unsubscribe links lead to a page containing a one sentence summary of what you are about to do, and a form submit button.

This does not apply to the link passed in the SMTP header List-Unsubscribe, which needs to take direct action.

It's slightly less fast, but I don't mind this. Provided you don't make me remember which email address you're sending to and just autofill it, I'll happily click all the one-button forms you like.
(comment deleted)
Dropbox did this recently with an email titled "Never email big files again! Share with a Dropbox link"
Bonus Points: If I haven't logged into your site in over 2 weeks and/or opened an email, consider me unsubscribed and stop sending me emails.
Two weeks is ridiculous. You might as well not send a newsletter. Depending on your service, pretty much everyone on your list will, at one point or another, go two weeks without a trackable interaction.

I've personally seen (opt-in) newsletter subscribers go many months without loading images or clicking a link... but send them a notice that their subscription is being turned off as a courtesy and sure enough a sizable percentage click the "keep me subscribed" button.

How would you know if I've opened your e-mail? Active html in emails (which would allow image-bugs to work) is disabled for most people that I know.
My pet peeve, companies that don't unsubscribe immediately. Apple for example says they'll unsubscribe you in 10 days. Given all the other things a company's systems can do immediately this one strikes me as spammy
Many companies say 10 days as a legal CYA (10 days is the limit imposed by CAN-SPAM Act). In practice, despite what they say, it's usually instant.
(comment deleted)
not 10 consecutive days of course. just 10 random days in the future of our choosing.
The companies where I have noticed this it is mainly because they send so much email that the email might already be sitting in the outgoing queue waiting to be delivered...
e-how's unsubscribe link doesn't work. i've been getting spam from them for a while now, just because I wanted to post some backlinks on their articles :)
Meetup.com and as a result the New York Tech Meetup are egregious offenders of not providing 1-click unsubscribe. They take it another step further and make it extremely difficult to unsubscribe on the website too.
Meetup.com also send out "A waitlist is available for [event]" e-mails - perhaps the most unhelpful e-mail possible, and as far as I can tell the only way to turn them off is to turn off everything.

Makes me thankful for gmail's filtering.

But aren't the mails which contain one-click unsubscribe links also spam because they use it to identify which email accounts are active and sell that information to other marketers?
This happened to me with TripIt. A colleague invited me and they started sending me spam without any action from myself, and it was to my corporate account without an easy spam button like yahoo mail or gmail. I couldn't unsubscribe without creating an account first. I ended up emailing their corporate address notifying them they were violating CAN-SPAM and they manually removed me, and a PR contact apologised. I advised them they should give non-users a way to unsubscribe. I'm not sure if they ended up following my advice. My colleagues are loyal users, but just because your users love you doesn't mean your non-users want your email.
TripIt is one of the offenders for certain. The network updates are obnoxious.
Tell that to the New England Journal of Medicine, please. I have unsuccessfully tried to unsubscribe from them several times and they do not use this simple pattern.
The ACM is also really horrible. Subscription options are located in two or three hard-to-find places on the website. They kept on sending me emails somehow, and I eventually had to file a support ticket to get my account deleted.
FYI: most SPAM feedback systems reduce your account weight ('trust score') if you tag your non-SPAM emails as SPAM.

Although I agree with one-click-unsubscribe sentiment, clicking SPAM on an e-mail you subscribed for is not very productive.