Safe Unsubscribe? Hardly.

>

David Pogue, you done steered me wrong.

Just as it seems the eastern block / Russian Mafia spammers have been brought under control, a new class of spammers have taken over.

These are credible appearing organizations who simply have no control over their own email. Congressman, some retail stores, GE Capital, IMF, Hayek groups, etc. have involuntarily placed me on their repeating email lists. Most of the stuff they send is wildly off topic, the rest trivial, worthless announcements. What’s that, you have a new Assistant Vice President of the No One Cares division? Can one of you fucktards explain to me why that is worthy of a press release?

These corporate cornholes work with shops like Constant Contact, who I have come to recognize as the new spammers. Its very simple: Opt out is spam. Unsolicited commercial messages sent by the 1000s  are spam. And my experience with “Safe Unsubscribe” was the exact opposite of what David found –it was anything but. Based upon my specific experience, not only do many of these groups not honor unsubscribe requests, but since using Safe Unsubscribe, it seems that my spam has doubled — mostly from emailers who have a Safe Unsubscribe button. (Hence, I suspect it is being used to confirm email addresses).

Opt out is not safe, its spam, plain and simple, and you shit farms are the new spammers. I propose some graduate student do an improved, rigorous version of the Pogue test: Take a legitimate email and make it public. Run Safe Unsubscribe repeatedly, and see what happens to your inbox. (There is your graduate thesis in Computer Sciences).

Regardless of this foolishness, I am declaring a Jihad on all you IR/PR/Spammers who are burying me in bullshit.

My new approach to spam is as follows:

Anyone who decides to put me on an Opt Out list without my permission is dead to me. And, I have automated the following steps:

-Mark the spammers email address and any domain as spam system wide, including ISP level;
-Report them to every registry of spammers known;
-Report the spammer to the appropriate authority [including FTC, SEC and FBI];
-[horrifically evil and possibly illegal actions deleted under advice of counsel]
-The Words CONSTANT CONTACT and SAFE UNSUBSCRIBE are now blocked at the highest possible level of email.
-Of the 370,000 businesses that use Constant Contact, I will do business with exactly zero of them

I suspect some of the companies I am affiliated with work with these firms. If I have the authority to terminate the relationship outright, I will. If I am merely in a position of influence, I will use that influence towards the same end.

I have decided to take these actions because these groups have wasted enough of my time. I suggest you do the same.

>
See also:
Constant Contact used by spammers, blacklisted by many (WhiteSites)

SpamCop and Constant Contact (SpamCop)

Constant Contact out of touch (INC)

Rethinking the ‘Never Unsubscribe’ Rule for Spam (NYT)

Category: Really, really bad calls, Web/Tech

Please use the comments to demonstrate your own ignorance, unfamiliarity with empirical data and lack of respect for scientific knowledge. Be sure to create straw men and argue against things I have neither said nor implied. If you could repeat previously discredited memes or steer the conversation into irrelevant, off topic discussions, it would be appreciated. Lastly, kindly forgo all civility in your discourse . . . you are, after all, anonymous.

35 Responses to “My New Approach to Spam (Also, Constant Contact Sucks)”

  1. Note:

    Several of the forums discussing spam and constant contact have alleged that the CC staff will post comments under various names, and not disclose their affiliation with the company.

    That behavior is unacceptable. Thus, I have cranked the comment blocker up to 11.

    Hence, anyone wishing to post a comment should be prepared for a thorough vetting prior to the comment appearing. If you have a non corporate or disposable email address, expect long delays before the comment shows up.

  2. Richard R says:

    I hope you will stop linking to spam sites. This means you Zacks! Just try to get off their list.

  3. Petey Wheatstraw says:

    Good morning, BR.

    Oh, the freekin’ uselessness and counter-productivity of spam marketing.

    That said, any blog post that includes the words/terms: “fucktards,” “corporate cornholes,” and “shit farms” is worthwhile Sunday morning reading.

    On a related note, make sure you take a couple of aspirin — wouldn’t want you to blow a cardio gasket over this shit.

  4. Dennis says:

    At the ISP level, you should have a filter

    You can add keywords there and can also block specific domains and email addresses.

    Try blocking “.RU” and “Hotmail.com” — then add “constantcontact.com” and “linkedin.com” to your filters. You just ended at least 75% of your spam.

    Your welcome

  5. I just did “.RU” and “constantcontact.com” and “linkedin.com”

    Lets see what happens . . .

  6. BusSchDean says:

    Thank you. I think we use constant comment in some places on campus. I will bane it from the business school.

    At the professional level I apologize for marketers being the first to find a way to abuse a media.

  7. BusSchDean says:

    ..ban and bane it….

  8. Greg0658 says:

    constant linking will provide pings and (I’m not advanced trainied in all things computer code) but I’m sure (& not sure) exactly what can be transfered at the machine code level in the back end of software programs …. another reason in a very long list of why I’d like to see a someday move away from our present form of capitalism

    Firefall – Someday Soon
    http://www.youtube.com/watch?v=zW06mF6oAQU

    ps – the song doesn’t open but redirects (copyright and a bypass) … which helps explain the dilemma > find, promote & pay talent > and that move forward without the destructive aspects of the ‘isms

  9. Greg0658 says:

    psst – I missed a Rahm opportunity > EDUCATE “find, promote & pay talent”

  10. theexpertisin says:

    While we’re addressing this issue, let’s not forget the South African Prince with $10 million dollars he must transfer immediately to a safe haven if only provided with our checking account information. Or is the poor soul now from Ghana?

    And how about that Seeking Alpha crap I’ve ben receiving via e-mail lately? Who cares if some idiot “lifetime dividend champion” tout advises chides me for calling him out? Does that require I be notified? WTF, the stupid “daily briefing” is bad enough. Amatuers, all.

    Maybe changing one’s email address regularly is the only answer to this increased clutter.

  11. zdog says:

    Here’s my approach to spam.

    Aliases.

    I setup a new alias for each and every business that wants my email address. E.g. yourcompany@mydomain.com gets forwarded my myemail@mydomain.com.

    If I start getting new spam in myemail@mydomain.com inbox, I look at the full headers for the original to: email address.

    If I see that yourcompany@mydomain.com is the intended email address I:
    (a) delete the alias = no more spam to that email (and my inbox)
    (b) know your an unscrupulous POS and don’t do business with you and recommend others do the same.

  12. Scot says:

    For e-mail Spam, I also subscribe to Postini (owned by Google) and it has a remarkable ability to get rid of spam. It then sends you one e-mail a day showing what it quarantined. It allows you to add senders as you go so once you confirm the e-mail address, it’s good to come into your mail. You can also put in words (like Constant Contact) that will put those e-mails into quarantine. The best part? It takes less than ten minutes a day to quickly review the quarantined e-mail.

    http://www.google.com/postini/index.html

    And for WordPress users and spam on the site, I use WP-Spamfree, a totally amazing plugin that gets rid of 100% of the machine generated spam coming to sites (originally developed because e-mail was so bad with spam).

  13. jbminn says:

    The opt-out crap is horrible.

    What’s easy, tho, is submitting the address(es) to the real time black list (RTBL) servers that *lots* of email admins use for their site spam prevention. Looks like you’re already doding that (‘Report them to every registry of spammers known’).

    Let me know if you need specific advice on how to tune spamassassion or sendmail, in the event you use either of those.

  14. Robert M says:

    I wish you luck.
    The one thing I would add is ban any site using ping.chartbeat. net. it is for monitoring your usage. I swear all it does is open you up to spam and viruses.

  15. whskyjack says:

    I’ve noticed the same trend. I use a yahoo account for all internet stuff. Real spam has dropped but this junk mailer type spam is filling my spam box. Yahoo has a nice little button that lets you mark a message as spam and from then on that email address goes to the spam box. Then once a week I go through with a quick scan to see if there was anything I wanted to see. I’ve even done this to friends and family that forward junk emails all the time.

    Jack

  16. Dylan says:

    This kind of things happens to little people all the time, your response made me feel human. It is still the wild west in cyberspace, no ethics, and untill there are serious consequences for those that show lack of morals it will not change. Do software engineers have moral codes of practice?

  17. Bruman says:

    I always wondered how you manage to filter spam. I ultimately had to turn off comments on my wordpress blog because I couldn’t afford to spend several hours a day deleting my ads for viagra and the like. Even with filtering, they kept coming in.

    I used to have a separate “spammable” email that I use when I need to give an address and I don’t trust the company asking, and that has worked pretty well, but over time, real mail from the legitimate people starts arriving there.

    Lately I have found my regular email bombarded by what I call quasi-spam. It’s newsletters and stuff that I have marginal interest in, but it’s coming in so rapidly that even with filters, it’s starting to swamp my real conversations, and I’ve been looking for automated ways of doing thing.

    The last frustration is when spammers spoof your own address. I’ve had people complain that my ordinary email has landed in their spam folders. As far as I can tell, what’s happened is that some spammer has spoofed my regular, business-use email, and now it’s sitting on some dynamic list of “known spammers.”

    It might be time to go back to stone tablets. At least you can sue for assault if you get hit with too many of those.

  18. b_thunder says:

    Pogue is a tool. He never fail to mentions hos love for everything apple, even when he writes about something that’s totally unrelated. It’s as if he gets “apple points” for each “plug.”

    Also , I don’t think you should have mentioned the word “jihad” on your blog – now you’re gonna get a whole “different kind of attention.”

  19. Marcus says:

    Bravo on your nuisance spam blog!

    Add phone solicitations, where those automated, pre-recorded phone calls, are an equal invasion of privacy, and an act of vicious time destruction.

    The perpetrators of both forms of torture deserve to be shot, or even better, they should be incarcerated for life, the punishment being to read spam emails, with pre-recorded phone messages as their only distraction. That punishment should be continued for an eternity in hell after their earthly punishment is complete.

  20. Janie Farner says:

    OUCH!!!! How do you REALLY feel about it? It’s hard to decipher between all the swearing and complaining! I agree that spam is an extreme time-waster and an irritant most times, but how do you propose solving the problem at its core vs. just deleting/blocking every person on your contact list???

    ~~~

    BR: If they are on my contact manager, they are whitelisted.

    What I am describing are all the productivity killers: The jackholes, IR weenies and douchebaggios that waste everyone’s time with unsolicited opt out spam.’

  21. TerryC says:

    Makes you long for the good old days when you came home, checked the mail, and only had to take two seconds to throw a few pieces of junk mail in the round file.

  22. morgen says:

    Barry, I have something I think you’re going to like. If you never want to worry about unsubscribe again, check out http://leemail.me.

    It’s a venture I’ve been working on with a small team in London, and we recently went into private beta. leemail.me let’s you sign up for any website and never give them your email. And best of all, you can turn off those same websites if you don’t want you to email you. (kind of like nuclear unsubscribe)

    If you’re interested send me a note and I’ll get you on the beta.

    -morgen

  23. Jason G. says:

    You should try Unsubscribe.com – it has worked very well for me.

    https://www.unsubscribe.com/

  24. Mike in Nola says:

    This all stems from evey PR person telling people they have to be on linked in, Facebook, etc if they want to succeed. Instead, the clients often just look like foolish hustlers. It’s like mediocre financial advisors telling clients what they should invest in. Have gotten several emails from Linked In recently on behalf of friends and acqaintances asking me to join that spam magnet. As a natural recluse, I have little trouble declining.

    I’ve done hosting for a few old clients and been through trying to handle it myself: blocking domains, etc. The battle is much more like that between the malware authors and the antivirus people with changing tactics. It’s a lot easier on the blood pressure and more effective if you have a good spam filtering service.

    The one I’ve been using for years is Katharion. Think it’s been bought by someone but service seems the same. It is only sold through their partners. You do need some control over your own mail server to get it set up and you probably need a nerd (think Barry would qualify) to get it going, but it works well. What it does is receive all your mail, filter it for spam and viruses and pass on the legit mail to your mail server. It will save everything it thinks is spam for ten days in case you think something has been mistakenly blocked so you can retreive it. If you want, it will send you a digest serveral times a day showing what it is withholding as spam in case you are worried about false positives (very few). Each email account is separate, with both domain wide and individual blacklists and whitelists you can copy and past into. Many more features than I can list here.

    The partner I get my service from is http://sbbs.com/ If you have multiple domains you might be able to get a discount, depending on how much hand holding you need.

  25. Ivan says:

    I tried the keyword filtering route once. Beware of unanticipated consequences — check your spam folder; you might see an email like this in it:

    Dad:

    Why are you ignoring all my emails? I remind you in each one that YOU are the one who asked me to stay in constant contact with you, but you seem to be ignoring me?

    Love,
    Your increasingly frustrated child

  26. iavatar says:

    AARP has to be the worst about giving your email address to spammers. I made the mistake of joining so that I could see their Plan D options (I became Medicare-eligible about three months ago). AARP wouldn’t provide any info unless I was a member. Within a couple of days — I’m not kidding, it was breathtakingly fast — my intray started filling up with crap like scooters for mobility-impaired, stairway elevators, bathroom remodelers, security companies, online dating services for seniors, etc. etc. etc. All stuff targeting old people, the same kind of crap you see advertised on late-night tv and the evening news. I cancelled my AARP membership less than a week later (and, btw, the info they provided was nearly useless), but the spam continues unabated — about 50/day. Every day. No matter what I do — unsubscribe, bounce, add to spam list, whatever — it just keeps coming.

  27. Orange14 says:

    Because I’m a MSFT stockholder I get to use the super spam blocker that comes with MS Office ;-) Seriously, it works quite well and I really don’t get much spam at all in my Inbox. I do use LinkedIn to keep track of colleagues but that’s it. No Facebook or other SN for me

  28. The Window Washer says:

    Oddly I just read this last night.
    The Bloggess started a version of “Rick Rolling” in response to bad PR emails.

    http://thebloggess.com/heres-a-picture-of-wil-wheaton-collating-papers/

    I think TBP could get on board with this.

  29. CitizenWhy says:

    Thanks, Scot, for the very useful info on Postini.

    My experience is that opting has worked. When I was an MSN subscriber I’d report a site and never hear from them again. Right not a big problem for me = opting out seems to work – but I plan to keep that info on Postini.

  30. CitizenWhy says:

    iavatar … Don’t trust AARP on anything. You can get better deals on anything by a little internet research. AARP is just a sales channel.

  31. DeDude says:

    We need to charge people for each email they send. If people sending 1 million emails had to pay $100K then the spam problem would disappear.

  32. Renting in Mass says:

    Yes, but would you like to hear about my new Assistant Vice President of the Free Beer and Chicken Wings division?

  33. cmor says:

    1. Get your own mail domain (ritholtz.com)… most web hosting packages include 1000 or more mailboxes and unlimited forwards.

    2. Make your “real” inbox an unintuitive username: beowulf@ritholtz.com (example)

    3. Set a catchall forward: *@ritholtz.com ==> beowulf@ritholtz.com

    4. Now, when a website or other business wants your email address, you can make one up on the fly: joesquestionablewebsite.com@ritholtz.com and the catchall will deliver it to your “real” mailbox. You never give out the real address, and everybody you do give an address to gets a different one.

    5. If you start getting spammed YOU WILL KNOW who has sold your address… and even better, you can then set up a specific “forward to nowhere” for the address that is attracting spam.

  34. [...] The war on spam is not over.  It has simply gone corporate. (Big Picture) [...]

  35. esburke says:

    One additional suggestion for your spam process – and one which, I suggest, should be the very first thing you do.

    Disclosure: I’ve met several people who work for constant contact, though I’ve never worked for or with them, nor had any business with them.

    Step 1 for any email which you think is spam which contains “safeunsubscribe” should be to send it to abuse@constantcontact.com. They have a number of people dedicated to anti-spam compliance, whose entire job is identifying accounts which send opt-out email or otherwise violate their acceptable use policy, and they often won’t hesitate to terminate clients found to be in violation.

    Despite the way it may seem, they actually do spend a lot of time and effort on stopping spam – but more often than not, they need people to report it in order to put a stop to it.

    It helps to describe why you think a given message is spam, to give their compliance team some additional context – e.g., “Never gave permission”, “Harvested my address off my website”, etc. Including this will make your complaint more effective and more likely to result in action against the spammer.

    With regards to SafeUnsubscribe, it would be illegal to use that to verify & continue to spam an email address; again, if you report suspected mishandling of unsubscribes to constantcontact via their abuse@ account, they will research them and take action against a client if they are found to be in violation of the law.

    A few comments on the rest of your process, from the perspective of someone with experience in this sort of thing:
    - Very few public spam databases, with the possible exception of Spamcop, actually matter for overall spam filtering or blocking. Generally speaking, it’s much more effective to send mail to the responsible abuse@ address.

    - The CAN-SPAM act in the US actually allows opt-out email, sadly. The FTC isn’t likely to do much in response unless the email is also deceptive or misleading, or has a broken unsubscribe, etc.
    However, the Canadian anti-spam law going into effect early next year does have certain prohibitions on opt-out spam. There are cross-border enforcement provisions as well, so with any luck that will help cut down on sleazebag spammers in the US who toe the line as much as possible.

    - There are plenty of legitimate businesses using constantcontact who respect the concept of permission; in fact, I’d say that’s probably the majority of them. The problem is just that PR spammers etc. are more visible – selection bias, I think you’d call it.