Yahoo Blocks Venerable Email List Over False Positives

RomulusNR writes "Yahoo has stopped delivering This Is True, Randy Cassingham's 14-year-old mailing list, because too many Yahoo readers have mistakenly or carelessly flagged it as spam. Yahoo readers make up over 10% of True's readership, slashing the ad revenue that keeps it going. And Yahoo doesn't negotiate with spammers. As Randy describes it: 'The yahoos... ask to be put on True's distribution, then confirm that request, and... then click the "This is Spam" button when they don't recognize the mailing or simply don't want it anymore. Yes, those yahoos have screwed thousands upon thousands of others who really do want my newsletter. Too bad: Yahoo is listening to the yahoos instead: they're blocking it. To them, we're "spammers" and no protestations from "spammers" count.' The irony is that This is True is one of the first profitable mailing lists, predating Yahoo! Mail by almost three years."

double standard

[nategoose]

I'm all the time clicking "this is spam" on stuff that Yahoo sends to my yahoo account, but I still get it. What's up with that?

Re:So, what is the problem?

[moreati]

The person being hurt is the mailing list owner, who isn't a customer of Yahoo. The Yahoo subscribers, who marked it as spam will be quite happy, they're no longer receiving this email they forgot subscribing to. The remaining Yahoo subscribers may or may not notice they ceased receiving it. Many will assume that the mailing list has closed all together.

So I don't see any market pressure to force Yahoo's hand. Other than what little publicity the mailing list owner can generate.

Re:Bulk mail is still spam, even if it's "wanted"

[Anonymous Coward]

Fine, but I don't want my email provider deciding something is spam because other users have marked it as spam. Unless I mark it as spam, it is not spam to me.

Re:Mailing list receipts

[PC and Sony Fanboy]

the REAL story here is ... "How do I poison the yahoo spam list to ignore email from large, legitimate companies?" ... because it seems to be working well by accident. Maybe someone could monetize this? (Of course, that makes it a denial of service attack, and probably not legal... but...)

Re:Bulk mail is still spam, even if it's "wanted"

[daeg]

For things like True, it's perfect. It's what RSS was designed to do. True is not a mailing list like users@httpd is -- it's a bulk mailing, plain and simple.

I wonder if the author even tried to contact Yahoo. Some of my messages were being flagged as spam, I contacted Yahoo, and got a very easy tip on making sure my headers are all correct on outbound mail. I'm no longer flagged as spam via Yahoo. That was a year or so ago, though.

Re:Bulk mail is still spam, even if it's "wanted"

[VGPowerlord]

p.s. You can cry me a river about your lost ad revenue. I don't care. Get a new business model.

I would assume their ads are text these days, since all (well, most) modern email clients block images by default. Switching to RSS won't make text ads go away.

Re:Mailing list receipts

[rfuilrez]

Simple.

• Create thousands of Yahoo mail accounts,

• Subscribe to said companies mailing list

• Mark as spam

• ???

• Profit!

120,000 subscribers total

[lena_10326]

Cassingham reports that there are over 120,000 subscribers to the mailing list for True from over 200 countries

Or so wikipedia claims. http://en.wikipedia.org/wiki/This_is_True [wikipedia.org]

Do you have any idea how utterly small that is? I'm surprised they can pay their bills with a list that small--even with a fraction of those being paid subscribers.

we need a receipt after confirmation

[Russ Nelson]

When somebody subscribes to one of my mailing lists, and confirms, we need a token from the mailbox provider which, when included on an incoming email means that the email is NEVER spam. Spam reports get converted into unsubscribe requests.

But there's no standard for this.

I gave up on my Yahoo email account

[QuietLagoon]

I've had it for nearly 10 years. However, Yahoo's delivery of email into my account is sketchy at best.

.

Why can gmail (my new free email provider) do such a better job than Yahoo did?

Re:So, what is the problem?

[phagstrom]

A valid point. However, from personal experience I can tell you that when [place name of any webmail service] users no long get the mail they expect, they don't blame said webmail service - they blame the company or person that *should* have sent the mail. Because we all know that mail *always* gets through and that Yahoo, Hotmail, Google et al *always* work as they should.

The problem is compounded by the fact that answering angry support mail from users demanding to get their newsletter might be impossible, because that too may be blocked.

So while I agree with you that this could be solved by getting the webmail user to shift over to a new provider, the user may never be aware that the mail provider is the problem.

I guess solving the spam problems is not an easy task :-)

Re:List-Unsubscribe?

[FlyingBishop]

Isn't Yahoo in an ideal position to make this sort of probing useless? Just redirect all non-existent traffic with an unsubscribe header to a daemon that requests to be unsubscribed... then if you keep getting mail, you either ignore it or you use it, since you have the largest pool of honeypot email addresses on the planet.

Likewise they could in theory hit unsubscribe on behalf of their customers and then grab the resultant traffic. Of course, this is more open to attack, as the attacker can just switch email addresses. But if you're also unsubscribing all non-existent traffic, I'd say this will actually begin to get a lot more expensive for the would-be spammer than Yahoo, and the spammer would just stop trying to brute-force Yahoo.

Sue 'em for Libel

[Anonymous Coward]

Don't fart around and don't wait. Accusations of being a SPAMmer with real negative economic consequences can easily be construed as libel, as SPAM has a legal definition. False accusation, leading to economic loss=decent probability of a win in a libel case. Yahoo allegedly has at least one or two professional people in their organization, and they fail to differentiate between a button for SPAM and something else, like an additional "just stop delivering this" button as an alternative. Tough shit for them and the cluless lusers who marked it as SPAM when it clearly wasn't. The list owner could sue both yahoo and individual numbnuts who were too lazy to follow the opt out link.

And I hope it carries over to those horribly maintained RBL lists as well, just try to plead your case to them when falsely accused of spamming.

Time to start nailing computer idiots and computer company professional idiots where it hurts. If you honestly and really just cannot use a computer, or are just too lazy to follow a few simple steps, just get the F off the net. Just get off. Some people just never can learn to drive, some people are just never going to be able to use the net. Just reality. This coddling of idiots has gone on too long, with widespread malware from the beast's bogus products making it easy to get pwned all the way to stuff like this where a big fat professional computer/internet company can't be arsed to do five minutes work before labeling something as SPAM and then costing some little guy his loot.

Re:double standard

[Sleepy]

Hint: People are deliberately signing up for MoveOn lists, then flagging it as spam.

This is not news - it's a pretty well-known competitive dirty trick.

Re:So, what is the problem?

[Beardo the Bearded]

As someone who's been on Randy's list for 10+ years, I can tell you it's easier to remove yourself from his list than anything else. It's literally just one click to unsubscribe.

In fact, it's easier to get off his list than it is to get on.

Some people do pay for the upgraded "Premium" This is True, and those people are not getting a paid-for-service.

What if yahoo decided that announcements from /. were spam? What if you were a subscriber?

Re:double standard

[k8to]

1 - 1998-ish? I deliberately signed up for moveon.
2 - I read it for years, but it got more screechy.

3 - 2001-ish - I tried to unsubscribe, twice. Tis failed twice.
4- I began using "mark as spam" on moveon mail because it was UNWANTED bulk email, which is basically spam.

5- 2002ish - Bored of marking their mail as spam, I tried unsubscribing again and it worked.

That's the end of my story.

Re:So, what is the problem?

[SanityInAnarchy]

I have no problem doing this at home, where the only account that it affects is my own. It's useful, for example, to avoid those mailing lists that people who know you inevitably put you on -- you know, the "Random link I found" list, the "Same Goddamned Joke I Just Got From Everyone Else, And Wasn't That Funny Last Year, Either" list, the "Upcoming Torah Services At Your Synagogue" list, the "Yet Another Attempt To Unsubscribe By Spamming The Whole Fucking Mailing List" crap, etc.

That is, not actually spam, because they actually know me, and must think I want to receive this stuff. But it's often easier to simply mark it as spam than to have to explain myself.

And I know that with my own filter, it will actually learn based on content -- so I won't get the Same Goddamned Joke, but I will get things I care about from the same person.

However, at work, we're on Gmail, so I don't do that -- especially because the signal/noise ratio isn't bad, and it's usually easy enough to create labels and filters. Amazon stuff goes in Amazon.

systemic problems with yahoo inbox delivery

[NynexNinja]

I stopped using Yahoo about 4-5 years ago because of problems with inbox delivery. After many tests, their mail servers would respond that the message was Sent when in fact it was never delivered. I've tested it about 20-30 times since then and have the same issues. Even if you send mail from supposedly vanity domains like Gmail.com, the mail still never gets delivered. Yahoo has had problems before with the profiles.yahoo.com site getting infiltrated by spammers about 5-7 years ago, a problem they never solved. It seems like the problems don't go away -- they only get worse. This story is just one example.

Re:Net Neutrality?

[perlchild]

It's common practice for larger email providers to treat any large movements of personal training as indicative of the nature of an email(if a bunch of people tag it as spam for themselves, it must be spam for everyone, going into dns-blacklists, etc, even if a few people tag it ham). This is a single-provider example of what people do when they report spam to spamcop, except spamcop's blacklist expands the concept to more than one provider.

Just because your personal training data is used in a personal context, it doesn't mean it cannot be used, statistically(99% of people marked this as spam, block it at the smtp level, we're wasting cpu cycles receiving this).

You should be using a filter, not the spam reporting feature for this... What people delete unread is not(yet) tracked. What's flagged has spam carries a black mark...

AOL has a similar problem

[John3]

I run a relatively small (2,000 subscribers) email discussion list for hardware store owners. I'm signed up as a mailing list provider with AOL's mail system, and I receive notifications when subscribers submit my list messages as spam. Apparently AOL's DELETE and REPORT AS SPAM buttons are relatively close together, though I can't verify this. I do know that I get notifications from AOL that a user has reported a message as spam, and when I contact the user they tell me it was a mistake and they didn't realize they had reported the message as spam.

My guess is that you have to reach a fairly high "critical mass" of spam reports before AOL will actually take action and block list messages. I've never had my list blocked by AOL (or Yahoo for that matter) so the occasional erroneous report doesn't seem to have much effect.

I wonder if Yahoo has a similar program for mailing list admins?

Exceptions List?

[Digicrat]

I would presume that interested subscribers (particularly paid ones) would still find a way of receiving their messages. EVERY spam filter has an exceptions list, to explicitly specify addresses that you want to receive messages from, even if the filter thinks they are spam. Yahoo's prefes might be a bit more hidden, but I'd be surprised if adding this 'blocked' mailing address to that list wouldn't let the messages through. Presuming the mailing list is linked to an actual website letting his users know to add the address to their exceptions list, it doesn't seem like this should be more than a temporary problem if his viewers are actually dedicated. Spam is a problem. Idiots incorrectly using spam filters is another one. But that's how things are, and until some spam-proof Internet 2.0 comes along, we just have to deal with spam or inaccurate filters as they stand - or change mail providers if becomes annoyng.

Re:Mailing list receipts

[dstates]

Well it may not work for money, but it can be a successful way to suppress opposition information in a political campaign.

Tell your followers to subscribe to your opponents blogs and mailing lists

Wait for a big event

Put out your press release

Tell all of your follows to hit the "This is SPAM" button on all of the opposition blogs and mailing lists

Voila - your message goes out and the opposition is silenced for at least few days until they get their mailing lists and blogs back on line.

Re:idiots who click on "this is spam"

[Anonymous Coward]

I click "this is spam" because when you attempt to unsubscribe, it rarely works and just proves that you're a real live mailbox. Clicking "this is spam" removes them for sure :o) I'll gladly do it from now on, even if it banishes legit mailings. It's not my problem!

Re:120,000 subscribers total

[lena_10326]

Yea... only if it's 1 guy.

120,000 subscribers probably means 5% paid, 95% unpaid: so a 1 year signup is $24, then 6000 * $24 = $144,000 per year, plus ad revenue, let's use a conservative 2.5% email click-thru and another 2.5% ad CPA (and averaging a 50 cent CPC), 1 email per user per week: 115,000*0.01 = 28,750 clicks * 7,187 * 0.50 ~= $3500 per month (approx), about $186k gross per year. There's probably additional banner click revenue, but his site is sure to be low-volume, negligible profit there.

So.. he's probably pulling about $175-200k a year (give or take, but I'd be surprised if it was more than $250k), but consider you need to subtract ISP costs of about $1k a month, lawyer & accountant fees, advertising costs, which usually runs very high, maybe 30% (conservative since I've seen ad costs up to 50-75%), he's probably clearing $100k to $150k per year. Not much left over to hire a secretary. Very small time operation.

Whine, complain, whine.

[Anonymous Coward]

Five things they can do that will be more constructive than whining about it:

• Implement DomainKeys. Make sure that they sign outgoing mail, so it is far less likely to be caught as spam.
• Reduce the amount of graphics and "noisy" HTML content in the newsletters. Stuff that easily triggers spam filters.
• Make sure their sign-up process is a double-confirmation step. ie: submit email; click on received link to validate the request. Put a very clear "unsubscribe" link in the start of the email.
• Honor bounces. Stop sending to unknown recipients.
• Whitelisting. In the sign-up instructions (and at the bottom of the mail), make sure there are clear "add this address to your email address book" instructions.

Re:So, what is the problem?

[zippthorne]

Because you're an ass. I've used the mark spam bit, too, but only for emails for which the unsubscribe link is neither present in the email, nor apparent on the website. In my view, if they obscure or don't even have a way for me to stop receiving emails, they become spam the moment I no longer desire to receive them.

Because I'm also an ass. Although slightly less of one.

Re:So, what is the problem?

[synfrog]

However, I think this also points out a way in which email could be made better. There should really be a standardized way to unsubscribe from mailing lists, so that every mail client automatically shows an "unsubscribe" button inside any mailing list email. The problem with current unsubscribe methods is that they require too much effort (even clicking a few links is "too much effort" in comparison to the "spam" button... moreover many sites make you go through numerous confusing web-forms). Also, an integrated "unsubscribe" button in an email client would send the "please unsubscribe" signal, and simultaneously add the address to a personal blacklist (but not add it to the spam detection list).

There is already a mechanism for this. It's called the List-Unsubscribe header, though only Hotmail does anything with it. The problem is a question of trust. A spammer can put in an unsubscribe link that says "Hey, this guy read my email, let's send him more crap!" Not only did you not unsubscribe, you just telegraphed the fact that the spam got to your inbox.

Re:So, what is the problem?

[MightyYar]

guilty. not of this particular list but of countless others

Rather than call you an inconsiderate ass like the others here, I'd point to you as an example of how IT doesn't take human nature into account when setting up systems. In this case, Yahoo was naive to think that they could depend on (L)user input to create a decent anti-spam system. AOL does the same stupid thing, BTW - even to the point where Florida's hurricane alerts were being flagged as spam. [usatoday.com]

Re:Seems to me ...

[Free the Cowards]

People confuse effects with motivation.

For example, terrorists couldn't possibly care less about our freedoms. Their goal is not to destroy the 4th amendment or whatever else. That's just a side effect. Their goal (speaking of the standard Islamic terrorist here) is to get Western troops out of the Arab countries.

In this case, spammers just want to make money. But as a side effect to this, they end up destroying the utility of e-mail. So people start thinking that destroying the utility of e-mail is actually their goal, when it couldn't be further from the truth.

Re:Part of the problem...

[Anonymous Coward]

The problem is that "mark as spam" button. It shouldn't be there in the first place. Anyone using AOL and Yahoo doesn't have any idea what's spam and what isn't and doesn't care. That call should only be made by those competent to make it, and that excludes users. It's one thing to let them mark mail for review by some competent party, but to allow them to directly influence the mail stream of everyone else using the service is just gross negligence on the part of ISPs.

Re:So, what is the problem?

[Anonymous Coward]

You miss the point. The user would still recognize the difference between unsolicited email and email from a list they no longer wish to receive and click the correct button. It's a solution to the convenience problem whereby a user clicks the spam button just to make the email go away.

It's a good idea. It would be even better implemented if the List-Unsubscribe header were to be checked even when the spam button is clicked, querying the user if unsubscribing is really what they intended. The spam button doesn't need to be very convenient.

Equivalences

[AdamWill]

From the original article, by the owner of the list:

"It's like shooting a gun into a crowd of people, then walking away before seeing what happened."

So, marking an email as spam accidentally is "like" cold-blooded indiscriminate murder.

No, hold on a minute, I know -

it isn't!

Grow a sense of perspective, you self-important blowhard.

Re:So, what is the problem?

[Maestro4k]

Because TIT is indicative of every single unsubscribe method, amirite?

Why no, it's not, in fact most of the legit mailing lists make it harder. But this is also irrelevant as the list in question here IS This is True, and its unsubscribe method is as easy (and often easier) than marking it as spam. That was the point.

As others have pointed out, it's easier to unsubscribe from all of Randy's lists than it is to subscribe to them. Subscribing requires the user to confirm that they indeed submitted their address to be subscribed, and it's always been that way.

Re:So, what is the problem?

[pimpimpim]

Some years ago I subscribed to an IBM mailing list, just to see if anything interesting was on it. My subscribe e-mail had a link to the unsubscribe page on a server, all later e-mails didn't. That already isn't a very good way of doing it. Last month I wanted to get rid of it, searched for my first e-mail, followed the link, 404 error. By being so sloppy with their mailing list practices, there is no better way then using the "this is spam" link.

Other example: my Gmail address is apparently very equal to the ones of some philippinan users and I get many subscribe e-mails and invites to mailing list that are popular in that community. Of course I never confirm those things, but in the case of Multiply "Secure and family friendly social networking", I got not only signed up without having to confirm, I also had no way to unsubscribe, and got all of a sudden a lot of e-mail from that multiply user's friends. I had it forwarded to the spambox. Then after a while, I got the mail from the "forgot password" button, and out of curiosity found that I could indeed log in with this. These are pretty amazingly bad internet practices, I contacted the site owner and actually got a reply back, apparently they had deliberately chosen to have users be able to log in for the first few weeks without them having to confirm their e-mail address. Web 2.0: the same mistakes all over again, but with new paint.