Yahoo Blocks Venerable Email List Over False Positives

RomulusNR writes "Yahoo has stopped delivering This Is True, Randy Cassingham's 14-year-old mailing list, because too many Yahoo readers have mistakenly or carelessly flagged it as spam. Yahoo readers make up over 10% of True's readership, slashing the ad revenue that keeps it going. And Yahoo doesn't negotiate with spammers. As Randy describes it: 'The yahoos... ask to be put on True's distribution, then confirm that request, and... then click the "This is Spam" button when they don't recognize the mailing or simply don't want it anymore. Yes, those yahoos have screwed thousands upon thousands of others who really do want my newsletter. Too bad: Yahoo is listening to the yahoos instead: they're blocking it. To them, we're "spammers" and no protestations from "spammers" count.' The irony is that This is True is one of the first profitable mailing lists, predating Yahoo! Mail by almost three years."

double standard

[nategoose (1004564)]

I'm all the time clicking "this is spam" on stuff that Yahoo sends to my yahoo account, but I still get it. What's up with that?

Re:double standard

[by Anonymous Coward]

Thats because they know you're p3n1s really is that small.

Re:double standard

[Shadow Wrought (586631)]

I'm all the time clicking "this is spam" on stuff that Yahoo sends to my yahoo account, but I still get it. What's up with that?

Me, too. They also started throwing all the moveon e-mails and tor e-mails into the spam folder as well. So is yahoo not delivering the mail at all, or just throwing it straight into folks spam folder?

Re:double standard

[Sleepy (4551)]

Hint: People are deliberately signing up for MoveOn lists, then flagging it as spam.

This is not news - it's a pretty well-known competitive dirty trick.

Re:double standard

[k8to (9046)]

1 - 1998-ish? I deliberately signed up for moveon.
2 - I read it for years, but it got more screechy.

3 - 2001-ish - I tried to unsubscribe, twice. Tis failed twice.
4- I began using "mark as spam" on moveon mail because it was UNWANTED bulk email, which is basically spam.

5- 2002ish - Bored of marking their mail as spam, I tried unsubscribing again and it worked.

That's the end of my story.

Re:Net Neutrality?

[perlchild (582235)]

It's common practice for larger email providers to treat any large movements of personal training as indicative of the nature of an email(if a bunch of people tag it as spam for themselves, it must be spam for everyone, going into dns-blacklists, etc, even if a few people tag it ham). This is a single-provider example of what people do when they report spam to spamcop, except spamcop's blacklist expands the concept to more than one provider.

Just because your personal training data is used in a personal context, it doesn't mean it cannot be used, statistically(99% of people marked this as spam, block it at the smtp level, we're wasting cpu cycles receiving this).

You should be using a filter, not the spam reporting feature for this... What people delete unread is not(yet) tracked. What's flagged has spam carries a black mark...

But...

[Kingrames (858416)]

Is this true?

Re:

[cp.tar (871488)]

It is.

It's just that Yahoo! users won't know it.

we need a receipt after confirmation

[Russ Nelson (33911)]

When somebody subscribes to one of my mailing lists, and confirms, we need a token from the mailbox provider which, when included on an incoming email means that the email is NEVER spam. Spam reports get converted into unsubscribe requests.

But there's no standard for this.

Oh, grow up.

[fm6 (162816)]

Spam filtering is a problem for all mailing lists. Simple solution: use newsfeeds instead.

I gave up on my Yahoo email account

[QuietLagoon (813062)]

I've had it for nearly 10 years. However, Yahoo's delivery of email into my account is sketchy at best.

.

Why can gmail (my new free email provider) do such a better job than Yahoo did?

idiots who click on "this is spam"

[by Anonymous Coward]

most of them think it's a way of unsubscribing from a list.

Causes blacklisting for domains and hosting companies. I had a guy who forwarded his email address to an external address, then clicked on "This is spam" for every message. My IP was in the header so I got blacklisted. I had to scare the shit out of him to get him to stop "now that I've warned you, if you continue, I'll sue and take your house." Needless to say the customer did not renew, saved me the trouble of TOSsing him.

Re:idiots who click on "this is spam"

[Just Some Guy (3352)]

I'll gladly do it from now on, even if it banishes legit mailings. It's not my problem!

There you have it, ladies and gentlemen: the asshole who ruins good things for everyone.

Yahoo is dead, get out while you can

[by Anonymous Coward]

I gave up on Yahoo several months ago after an unknown person hijacked my account and changed the password. I don't log in from other computers, I only log in from the Mac in my bedroom, so it's not like I was creating a risk. I was paying Yahoo for a personalized "business" email address, yet it took three hours of phone calls, several emails and over three days to get them to turn my account back over to me. At one point, they told me they could not verify my identity with my name, phone number, mailing address and the credit card number they were billing. They said they couldn't unlock the account without me telling them what my security question was (which I chose 10 years ago), and the answer to that question. I told them, "that's not how security questions work. You ask me the security question and unlock my account when I provide the correct answer." When I finally did get back into my account, I discovered the hijacker had been contacting women through Yahoo personals posing as me, and in some cases telling them to "reply to my other Yahoo address." There were a few different addresses he was pointing people to. I notified Yahoo about this and asked them to investigate the fraud, and they told me it wasn't a priority for them. I migrated everything important to Google, and called Yahoo to cancel my account and transfer my personalized domain, but after hours of waiting on the phone, again, and again, they tell me they don't have the ability to release my domain. It's like dealing with a car salesman. As the company fails, it resorts to shadier practices to hold onto what it has, like AOL before it.

Such irony

[Reality Master 101 (179095)]

The irony is that This is True is one of the first profitable mailing lists, predating Yahoo! Mail by almost three years.

What's ironic about it?

[rhetorical question to highlight "irony" word abuse]

systemic problems with yahoo inbox delivery

[NynexNinja (379583)]

I stopped using Yahoo about 4-5 years ago because of problems with inbox delivery. After many tests, their mail servers would respond that the message was Sent when in fact it was never delivered. I've tested it about 20-30 times since then and have the same issues. Even if you send mail from supposedly vanity domains like Gmail.com, the mail still never gets delivered. Yahoo has had problems before with the profiles.yahoo.com site getting infiltrated by spammers about 5-7 years ago, a problem they never solved. It seems like the problems don't go away -- they only get worse. This story is just one example.

AOL has a similar problem

[John3 (85454)]

I run a relatively small (2,000 subscribers) email discussion list for hardware store owners. I'm signed up as a mailing list provider with AOL's mail system, and I receive notifications when subscribers submit my list messages as spam. Apparently AOL's DELETE and REPORT AS SPAM buttons are relatively close together, though I can't verify this. I do know that I get notifications from AOL that a user has reported a message as spam, and when I contact the user they tell me it was a mistake and they didn't realize they had reported the message as spam.

My guess is that you have to reach a fairly high "critical mass" of spam reports before AOL will actually take action and block list messages. I've never had my list blocked by AOL (or Yahoo for that matter) so the occasional erroneous report doesn't seem to have much effect.

I wonder if Yahoo has a similar program for mailing list admins?

Something I've noticed...

[NerveGas (168686)]

From both Yahoo and AOL users: If they don't want something, they just mark it spam, even if they signed up for it.

In fact, we have customers that pay us money every month to send them leads on their inventory, and ever month, we have a few of them (AOL users) mark legitimate inquiries as spam. And they not only asked us to send them to them, they're PAYING US to send them to them!!!

Re:So, what is the problem?

[moreati (119629)]

The person being hurt is the mailing list owner, who isn't a customer of Yahoo. The Yahoo subscribers, who marked it as spam will be quite happy, they're no longer receiving this email they forgot subscribing to. The remaining Yahoo subscribers may or may not notice they ceased receiving it. Many will assume that the mailing list has closed all together.

So I don't see any market pressure to force Yahoo's hand. Other than what little publicity the mailing list owner can generate.

Re:So, what is the problem?

[D'Sphitz (699604)]

If no one is upset over its absence, then it indeed was spam. The determination of spam is based on whether you want it to continue or not. The lack of complaining subscribers suggests it wasn't.

Huh? It's an OPT IN MAILING LIST, with a very deliberate signup process, you can't inadvertently or accidentally sign up. You have an interesting definition of what spam is, well not so much interesting as stupid.

Re:So, what is the problem?

[Rary (566291)]

An unsubscribe process takes more clicks then hitting 'mark as spam'. That's all the reason people need to use the spam button. Can you honestly say you've never done it?

Um, yes, actually. I'm kind of shocked that you even consider it a valid option. Does it not occur to you that this has the potential to impact other people, too? I mean, I can be as lazy as the next person sometimes, but how hard is a couple fucking clicks of a mouse?

Re:So, what is the problem?

[JustinOpinion (1246824)]

I agree that people shouldn't mark as spam things they voluntarily signed up for (unless attempts to remove oneself from the list fail).

However, I think this also points out a way in which email could be made better. There should really be a standardized way to unsubscribe from mailing lists, so that every mail client automatically shows an "unsubscribe" button inside any mailing list email. The problem with current unsubscribe methods is that they require too much effort (even clicking a few links is "too much effort" in comparison to the "spam" button... moreover many sites make you go through numerous confusing web-forms). Also, an integrated "unsubscribe" button in an email client would send the "please unsubscribe" signal, and simultaneously add the address to a personal blacklist (but not add it to the spam detection list).

If you make it easy for people to use, then they will. The present problem arises largely from people's laziness. But you can't prevent people from being lazy, so instead the tools should adapt to people's common usage.

Re:So, what is the problem?

[Maestro4k (707634)]

There should really be a standardized way to unsubscribe from mailing lists, so that every mail client automatically shows an "unsubscribe" button inside any mailing list email.

There is, and This is True uses it, it's called the "List-Unsubscribe:" header.

Some sites make it deliberately hard

[grahamsz (150076)]

If something has single click unsubscribe then i'll happily use that.

However too many sites expect that you figure out what username and password you used to sign up and then somehow manage your subscriptions via their website.

If i cant get off a list in under 30 seconds, then i'll spam filter it in google

Re:So, what is the problem?

[Free the Cowards (1280296)]

This is fundamentally a Human-Computer Interaction problem. Namely, the button is built to mark mail that is unsolicited advertisement, but is being used to mark any mail that is unwanted.

And it's a truism that in HCI you never blame the user. Not because it's never the user's fault, but because blaming the user is pointless. You can't change the user. You can't make him behave differently. You usually can't even educate him (they never read manuals or help or tooltips or any other form of instructions).

So yeah, you can say that it's the user's fault for using "Mark as Spam" instead of unsubscribing. But the fact is that they're doing it, and they're going to keep on doing it no matter what you say. Blaming them isn't going to fix anything. Instead, Yahoo needs to adapt to this and fix their code so that users who use "Mark as Spam" as a general "unwanted mail" button don't screw up the system.

Re:So, what is the problem?

[deepgrey (1246108)]

Yeah, but blaming them makes me feel better.

Re:So, what is the problem?

[Beardo the Bearded (321478)]

As someone who's been on Randy's list for 10+ years, I can tell you it's easier to remove yourself from his list than anything else. It's literally just one click to unsubscribe.

In fact, it's easier to get off his list than it is to get on.

Some people do pay for the upgraded "Premium" This is True, and those people are not getting a paid-for-service.

What if yahoo decided that announcements from /. were spam? What if you were a subscriber?

Re:So, what is the problem?

[HeronBlademaster (1079477)]

I want my spam filter to be accurate. I would not mark something "spam" if it were not actually spam - and certainly not if it were from a mailing list I deliberately subscribed to.

That's a terrible idea, and the fact that people do it irritates me. I'm sure it's the reason Google's spam filter is not as accurate as it used to be.

Re:So, what is the problem?

[lena_10326 (1100441)]

The reason people don't use the unsubscribe link is due to trust. Do you trust a spammer? Why would you when they've demonstrated they're untrustworthy. Even if they're not a spammer, you believe they are so the thought process is the same.

You click the Spam button instead. You trust your email provider more than a spammer. That's why.

Re:So, what is the problem?

[Maestro4k (707634)]

An unsubscribe process takes more clicks then hitting 'mark as spam'. That's all the reason people need to use the spam button.

BULLSHIT

I get This is True, I have for over a decade now, and on my latest issue there's this tidbit available from one keypress (enter) at the bottom:

Message 4,496 has information associated with it that explains how to participate in an email list. An email list is represented by a single email address that users sharing a common interest can send messages to (known as posting) which are then redistributed to all members of the list (sometimes after review by a moderator).

List participation commands in this message include:

* A method to remove yourself from the list (Unsubscribe).

Select HERE to UNsubscribe.

One more keypress and I'd be unsubscribed. In fact it's easier than reporting it as spam is. People just don't CARE. Or they're just stupid, or perhaps both.

Can you honestly say you've never done it?

Yes I can, I'm not an idiot nor am a lazy asshole. If I can't get a list to unsubscribe me I'll report it, but at that point it IS spam. (And violating the toothless CAN-SPAM act to boot.)

Just because you're lazy and/or stupid doesn't mean most of us are.

Re:So, what is the problem?

[Maestro4k (707634)]

Because TIT is indicative of every single unsubscribe method, amirite?

Why no, it's not, in fact most of the legit mailing lists make it harder. But this is also irrelevant as the list in question here IS This is True, and its unsubscribe method is as easy (and often easier) than marking it as spam. That was the point.

As others have pointed out, it's easier to unsubscribe from all of Randy's lists than it is to subscribe to them. Subscribing requires the user to confirm that they indeed submitted their address to be subscribed, and it's always been that way.

Re:So, what is the problem?

[SanityInAnarchy (655584)]

I have no problem doing this at home, where the only account that it affects is my own. It's useful, for example, to avoid those mailing lists that people who know you inevitably put you on -- you know, the "Random link I found" list, the "Same Goddamned Joke I Just Got From Everyone Else, And Wasn't That Funny Last Year, Either" list, the "Upcoming Torah Services At Your Synagogue" list, the "Yet Another Attempt To Unsubscribe By Spamming The Whole Fucking Mailing List" crap, etc.

That is, not actually spam, because they actually know me, and must think I want to receive this stuff. But it's often easier to simply mark it as spam than to have to explain myself.

And I know that with my own filter, it will actually learn based on content -- so I won't get the Same Goddamned Joke, but I will get things I care about from the same person.

However, at work, we're on Gmail, so I don't do that -- especially because the signal/noise ratio isn't bad, and it's usually easy enough to create labels and filters. Amazon stuff goes in Amazon.

Part of the problem...

[shmlco (594907)]

If the site was so bad that you only visited it once, why did you give them your friggin' email address?

They didn't just grab it out of thin air, you know. You're the one that went through their registration process and agreed to their terms of service, in which case any email they sent to you WASN'T unsolicited and WASN'T spam.

In short, you're one of the idiots who're causing all of the problems. Just click the "unsubscribe" link at the bottom of the email next time.

Re:Part of the problem...

[Fred Ferrigno (122319)]

I think the users are fully aware that it isn't spam and they did request it. They mark it as spam because they want to stop getting the email and marking it as spam is the best way they know how.

This list is legitimate and I suspect it's easy enough to unsubscribe, but we've all been trained to be wary of "unsubscribe" links in email. I don't know if the request will be honored or if I'll have to jump through a lot of hoops. I've seen unsubscribe pages that say I'll be removed from their list "in 2-3 weeks", obviously just so they can send me another few emails.

The spam button has a known functionality: it keeps emails out of the inbox. If it has the side-effect of mistraining the spam filter, so be it. In fact, that's better for the user if all they care about is getting rid of emails they don't want to see, solicited or not.

Re:So, what is the problem?

[mysidia (191772)]

You gave them their e-mail addresss. They disclose how they will use your e-mail address if you provide it.

The messages are solicited.

Unsolicited is not a codename for anything I don't want.

Unsolicited means they found you and contacted you without you directly providing them with your contact information to 'subscribe' or as part of a business transaction.

Generally, solicited messages cannot be considered spam, except under extreme circumstances.

(Where the contact information is misused to send a massive volume of messages over a short period of time, without permission, for instance)

Re:So, what is the problem?

[zippthorne (748122)]

Because you're an ass. I've used the mark spam bit, too, but only for emails for which the unsubscribe link is neither present in the email, nor apparent on the website. In my view, if they obscure or don't even have a way for me to stop receiving emails, they become spam the moment I no longer desire to receive them.

Because I'm also an ass. Although slightly less of one.

Re:So, what is the problem?

[pimpimpim (811140)]

Some years ago I subscribed to an IBM mailing list, just to see if anything interesting was on it. My subscribe e-mail had a link to the unsubscribe page on a server, all later e-mails didn't. That already isn't a very good way of doing it. Last month I wanted to get rid of it, searched for my first e-mail, followed the link, 404 error. By being so sloppy with their mailing list practices, there is no better way then using the "this is spam" link.

Other example: my Gmail address is apparently very equal to the ones of some philippinan users and I get many subscribe e-mails and invites to mailing list that are popular in that community. Of course I never confirm those things, but in the case of Multiply "Secure and family friendly social networking", I got not only signed up without having to confirm, I also had no way to unsubscribe, and got all of a sudden a lot of e-mail from that multiply user's friends. I had it forwarded to the spambox. Then after a while, I got the mail from the "forgot password" button, and out of curiosity found that I could indeed log in with this. These are pretty amazingly bad internet practices, I contacted the site owner and actually got a reply back, apparently they had deliberately chosen to have users be able to log in for the first few weeks without them having to confirm their e-mail address. Web 2.0: the same mistakes all over again, but with new paint.

Re:

[dbcad7 (771464)]

Not sure why you are marked "off topic".. What you say is true from a receivers point of view.. What I would do if I was the sender though, is create a little informative email telling the Yahoo users what the deal is, and recommending that if they wish to continue getting the newsletter that they new a new email provider.. and then send to the Yahoovians using a different email address.. for irony, maybe even use Yahoo to send it.

Re:Mailing list receipts

[PC and Sony Fanboy (1248258)]

the REAL story here is ... "How do I poison the yahoo spam list to ignore email from large, legitimate companies?" ... because it seems to be working well by accident. Maybe someone could monetize this? (Of course, that makes it a denial of service attack, and probably not legal... but...)

Re:Mailing list receipts

[rfuilrez (1213562)]

Simple.

• Create thousands of Yahoo mail accounts,

• Subscribe to said companies mailing list

• Mark as spam

• ???

• Profit!

Re:Mailing list receipts

[dstates (629350)]

Well it may not work for money, but it can be a successful way to suppress opposition information in a political campaign.

Tell your followers to subscribe to your opponents blogs and mailing lists

Wait for a big event

Put out your press release

Tell all of your follows to hit the "This is SPAM" button on all of the opposition blogs and mailing lists

Voila - your message goes out and the opposition is silenced for at least few days until they get their mailing lists and blogs back on line.

Re:Mailing list receipts

[strabes (1075839)]

I wish we had some widespread way of verifying a mailing list subscription, or cessation thereof.

Don't RSS feeds accomplish this because people can subscribe and unsubscribe at will? I'm on the mailing list of several missionaries from my church but would much prefer them to just open a blog and let me subscribe via RSS instead of sending me emails. Easier for me (fewer emails to check), easier for them (no need to maintain a large database of contacts & email addresses, many of which are probably out of date.) With RSS feeds, nothing is ever out of date and you can be sure everyone that is supposed to be getting your content actually is getting your content. I guess the only disadvantage of RSS feeds is that one has to be reasonably technologically savvy to even know what they are, let alone use them.

Re:Bulk mail is still spam, even if it's "wanted"

[One Childish N00b (780549)]

Bulk mail is still spam, even if it's "wanted"

Actually, no it isn't. Unsolicited mail is spam, a mailing list you consciously signed up for isn't. Just because you're too lazy to properly unsubscribe and thus reach for the 'This Is Spam' button to make it disappear doesn't make it spam.

Re:

[daeg (828071)]

For things like True, it's perfect. It's what RSS was designed to do. True is not a mailing list like users@httpd is -- it's a bulk mailing, plain and simple.

I wonder if the author even tried to contact Yahoo. Some of my messages were being flagged as spam, I contacted Yahoo, and got a very easy tip on making sure my headers are all correct on outbound mail. I'm no longer flagged as spam via Yahoo. That was a year or so ago, though.

Re:List-Unsubscribe?

[Opportunist (166417)]

Umm... no.

I get a lot "to unsubscribe, mail to blah@blub..." spam. The reason is simple, when you do unsubscribe from the spam list, they know it's a valid and still active mail address.

You have no idea how much that increases your value as a spam target!

So when spamfilters automatically write to some unsub address instead of flagging something as spam, be prepared to be flooded with spam.

Re:List-Unsubscribe?

[FlyingBishop (1293238)]

Isn't Yahoo in an ideal position to make this sort of probing useless? Just redirect all non-existent traffic with an unsubscribe header to a daemon that requests to be unsubscribed... then if you keep getting mail, you either ignore it or you use it, since you have the largest pool of honeypot email addresses on the planet.

Likewise they could in theory hit unsubscribe on behalf of their customers and then grab the resultant traffic. Of course, this is more open to attack, as the attacker can just switch email addresses. But if you're also unsubscribing all non-existent traffic, I'd say this will actually begin to get a lot more expensive for the would-be spammer than Yahoo, and the spammer would just stop trying to brute-force Yahoo.

Re:120,000 subscribers total

[lena_10326 (1100441)]

Yea... only if it's 1 guy.

120,000 subscribers probably means 5% paid, 95% unpaid: so a 1 year signup is $24, then 6000 * $24 = $144,000 per year, plus ad revenue, let's use a conservative 2.5% email click-thru and another 2.5% ad CPA (and averaging a 50 cent CPC), 1 email per user per week: 115,000*0.01 = 28,750 clicks * 7,187 * 0.50 ~= $3500 per month (approx), about $186k gross per year. There's probably additional banner click revenue, but his site is sure to be low-volume, negligible profit there.

So.. he's probably pulling about $175-200k a year (give or take, but I'd be surprised if it was more than $250k), but consider you need to subtract ISP costs of about $1k a month, lawyer & accountant fees, advertising costs, which usually runs very high, maybe 30% (conservative since I've seen ad costs up to 50-75%), he's probably clearing $100k to $150k per year. Not much left over to hire a secretary. Very small time operation.

Re:Subscription confirmations need to be standardi

[bhtooefr (649901)]

List-Unsubscribe: is defined in RFC 2369...

And, irony of ironies, Yahoo! Groups actually uses it in their messages.

Re:Seems to me ...

[arth1 (260657)]

When we start blocking legitimate email, the spammers win.

How the hell can this be considered insightful? When we start blocking legitimate e-mail, people will no longer read their e-mail, and the spammer loses.
The spammer doesn't win anything by you not getting a legitimate e-mail. She wins only if you read and act upon her e-mail.

Re:Seems to me ...

[Free the Cowards (1280296)]

People confuse effects with motivation.

For example, terrorists couldn't possibly care less about our freedoms. Their goal is not to destroy the 4th amendment or whatever else. That's just a side effect. Their goal (speaking of the standard Islamic terrorist here) is to get Western troops out of the Arab countries.

In this case, spammers just want to make money. But as a side effect to this, they end up destroying the utility of e-mail. So people start thinking that destroying the utility of e-mail is actually their goal, when it couldn't be further from the truth.