Yahoo Blocks Venerable Email List Over False Positives

RomulusNR writes "Yahoo has stopped delivering This Is True, Randy Cassingham's 14-year-old mailing list, because too many Yahoo readers have mistakenly or carelessly flagged it as spam. Yahoo readers make up over 10% of True's readership, slashing the ad revenue that keeps it going. And Yahoo doesn't negotiate with spammers. As Randy describes it: 'The yahoos... ask to be put on True's distribution, then confirm that request, and... then click the "This is Spam" button when they don't recognize the mailing or simply don't want it anymore. Yes, those yahoos have screwed thousands upon thousands of others who really do want my newsletter. Too bad: Yahoo is listening to the yahoos instead: they're blocking it. To them, we're "spammers" and no protestations from "spammers" count.' The irony is that This is True is one of the first profitable mailing lists, predating Yahoo! Mail by almost three years."

double standard

[nategoose]

I'm all the time clicking "this is spam" on stuff that Yahoo sends to my yahoo account, but I still get it. What's up with that?

Re:double standard

[Sleepy]

Hint: People are deliberately signing up for MoveOn lists, then flagging it as spam.

This is not news - it's a pretty well-known competitive dirty trick.

Re:double standard

[k8to]

1 - 1998-ish? I deliberately signed up for moveon.
2 - I read it for years, but it got more screechy.

3 - 2001-ish - I tried to unsubscribe, twice. Tis failed twice.
4- I began using "mark as spam" on moveon mail because it was UNWANTED bulk email, which is basically spam.

5- 2002ish - Bored of marking their mail as spam, I tried unsubscribing again and it worked.

That's the end of my story.

Re:So, what is the problem?

[moreati]

The person being hurt is the mailing list owner, who isn't a customer of Yahoo. The Yahoo subscribers, who marked it as spam will be quite happy, they're no longer receiving this email they forgot subscribing to. The remaining Yahoo subscribers may or may not notice they ceased receiving it. Many will assume that the mailing list has closed all together.

So I don't see any market pressure to force Yahoo's hand. Other than what little publicity the mailing list owner can generate.

Re:Mailing list receipts

[PC+and+Sony+Fanboy]

the REAL story here is ... "How do I poison the yahoo spam list to ignore email from large, legitimate companies?" ... because it seems to be working well by accident. Maybe someone could monetize this? (Of course, that makes it a denial of service attack, and probably not legal... but...)

Re:Mailing list receipts

[rfuilrez]

Simple.

• Create thousands of Yahoo mail accounts,

• Subscribe to said companies mailing list

• Mark as spam

• ???

• Profit!

120,000 subscribers total

[lena_10326]

Cassingham reports that there are over 120,000 subscribers to the mailing list for True from over 200 countries

Or so wikipedia claims. http://en.wikipedia.org/wiki/This_is_True

Do you have any idea how utterly small that is? I'm surprised they can pay their bills with a list that small--even with a fraction of those being paid subscribers.

Re:120,000 subscribers total

[lena_10326]

Yea... only if it's 1 guy.

120,000 subscribers probably means 5% paid, 95% unpaid: so a 1 year signup is $24, then 6000 * $24 = $144,000 per year, plus ad revenue, let's use a conservative 2.5% email click-thru and another 2.5% ad CPA (and averaging a 50 cent CPC), 1 email per user per week: 115,000*0.01 = 28,750 clicks * 7,187 * 0.50 ~= $3500 per month (approx), about $186k gross per year. There's probably additional banner click revenue, but his site is sure to be low-volume, negligible profit there.

So.. he's probably pulling about $175-200k a year (give or take, but I'd be surprised if it was more than $250k), but consider you need to subtract ISP costs of about $1k a month, lawyer & accountant fees, advertising costs, which usually runs very high, maybe 30% (conservative since I've seen ad costs up to 50-75%), he's probably clearing $100k to $150k per year. Not much left over to hire a secretary. Very small time operation.

we need a receipt after confirmation

[Russ+Nelson]

When somebody subscribes to one of my mailing lists, and confirms, we need a token from the mailbox provider which, when included on an incoming email means that the email is NEVER spam. Spam reports get converted into unsubscribe requests.

But there's no standard for this.

I gave up on my Yahoo email account

[QuietLagoon]

I've had it for nearly 10 years. However, Yahoo's delivery of email into my account is sketchy at best.

.

Why can gmail (my new free email provider) do such a better job than Yahoo did?

Re:List-Unsubscribe?

[FlyingBishop]

Isn't Yahoo in an ideal position to make this sort of probing useless? Just redirect all non-existent traffic with an unsubscribe header to a daemon that requests to be unsubscribed... then if you keep getting mail, you either ignore it or you use it, since you have the largest pool of honeypot email addresses on the planet.

Likewise they could in theory hit unsubscribe on behalf of their customers and then grab the resultant traffic. Of course, this is more open to attack, as the attacker can just switch email addresses. But if you're also unsubscribing all non-existent traffic, I'd say this will actually begin to get a lot more expensive for the would-be spammer than Yahoo, and the spammer would just stop trying to brute-force Yahoo.

Re:So, what is the problem?

[Beardo+the+Bearded]

As someone who's been on Randy's list for 10+ years, I can tell you it's easier to remove yourself from his list than anything else. It's literally just one click to unsubscribe.

In fact, it's easier to get off his list than it is to get on.

Some people do pay for the upgraded "Premium" This is True, and those people are not getting a paid-for-service.

What if yahoo decided that announcements from /. were spam? What if you were a subscriber?

Re:So, what is the problem?

[SanityInAnarchy]

I have no problem doing this at home, where the only account that it affects is my own. It's useful, for example, to avoid those mailing lists that people who know you inevitably put you on -- you know, the "Random link I found" list, the "Same Goddamned Joke I Just Got From Everyone Else, And Wasn't That Funny Last Year, Either" list, the "Upcoming Torah Services At Your Synagogue" list, the "Yet Another Attempt To Unsubscribe By Spamming The Whole Fucking Mailing List" crap, etc.

That is, not actually spam, because they actually know me, and must think I want to receive this stuff. But it's often easier to simply mark it as spam than to have to explain myself.

And I know that with my own filter, it will actually learn based on content -- so I won't get the Same Goddamned Joke, but I will get things I care about from the same person.

However, at work, we're on Gmail, so I don't do that -- especially because the signal/noise ratio isn't bad, and it's usually easy enough to create labels and filters. Amazon stuff goes in Amazon.

systemic problems with yahoo inbox delivery

[NynexNinja]

I stopped using Yahoo about 4-5 years ago because of problems with inbox delivery. After many tests, their mail servers would respond that the message was Sent when in fact it was never delivered. I've tested it about 20-30 times since then and have the same issues. Even if you send mail from supposedly vanity domains like Gmail.com, the mail still never gets delivered. Yahoo has had problems before with the profiles.yahoo.com site getting infiltrated by spammers about 5-7 years ago, a problem they never solved. It seems like the problems don't go away -- they only get worse. This story is just one example.

Re:Net Neutrality?

[perlchild]

It's common practice for larger email providers to treat any large movements of personal training as indicative of the nature of an email(if a bunch of people tag it as spam for themselves, it must be spam for everyone, going into dns-blacklists, etc, even if a few people tag it ham). This is a single-provider example of what people do when they report spam to spamcop, except spamcop's blacklist expands the concept to more than one provider.

Just because your personal training data is used in a personal context, it doesn't mean it cannot be used, statistically(99% of people marked this as spam, block it at the smtp level, we're wasting cpu cycles receiving this).

You should be using a filter, not the spam reporting feature for this... What people delete unread is not(yet) tracked. What's flagged has spam carries a black mark...

AOL has a similar problem

[John3]

I run a relatively small (2,000 subscribers) email discussion list for hardware store owners. I'm signed up as a mailing list provider with AOL's mail system, and I receive notifications when subscribers submit my list messages as spam. Apparently AOL's DELETE and REPORT AS SPAM buttons are relatively close together, though I can't verify this. I do know that I get notifications from AOL that a user has reported a message as spam, and when I contact the user they tell me it was a mistake and they didn't realize they had reported the message as spam.

My guess is that you have to reach a fairly high "critical mass" of spam reports before AOL will actually take action and block list messages. I've never had my list blocked by AOL (or Yahoo for that matter) so the occasional erroneous report doesn't seem to have much effect.

I wonder if Yahoo has a similar program for mailing list admins?

Re:Mailing list receipts

[dstates]

Well it may not work for money, but it can be a successful way to suppress opposition information in a political campaign.

Tell your followers to subscribe to your opponents blogs and mailing lists

Wait for a big event

Put out your press release

Tell all of your follows to hit the "This is SPAM" button on all of the opposition blogs and mailing lists

Voila - your message goes out and the opposition is silenced for at least few days until they get their mailing lists and blogs back on line.

Re:So, what is the problem?

[zippthorne]

Because you're an ass. I've used the mark spam bit, too, but only for emails for which the unsubscribe link is neither present in the email, nor apparent on the website. In my view, if they obscure or don't even have a way for me to stop receiving emails, they become spam the moment I no longer desire to receive them.

Because I'm also an ass. Although slightly less of one.

Re:Seems to me ...

[Free+the+Cowards]

People confuse effects with motivation.

For example, terrorists couldn't possibly care less about our freedoms. Their goal is not to destroy the 4th amendment or whatever else. That's just a side effect. Their goal (speaking of the standard Islamic terrorist here) is to get Western troops out of the Arab countries.

In this case, spammers just want to make money. But as a side effect to this, they end up destroying the utility of e-mail. So people start thinking that destroying the utility of e-mail is actually their goal, when it couldn't be further from the truth.

Re:So, what is the problem?

[Maestro4k]

Because TIT is indicative of every single unsubscribe method, amirite?

Why no, it's not, in fact most of the legit mailing lists make it harder. But this is also irrelevant as the list in question here IS This is True, and its unsubscribe method is as easy (and often easier) than marking it as spam. That was the point.

As others have pointed out, it's easier to unsubscribe from all of Randy's lists than it is to subscribe to them. Subscribing requires the user to confirm that they indeed submitted their address to be subscribed, and it's always been that way.

Re:So, what is the problem?

[pimpimpim]

Some years ago I subscribed to an IBM mailing list, just to see if anything interesting was on it. My subscribe e-mail had a link to the unsubscribe page on a server, all later e-mails didn't. That already isn't a very good way of doing it. Last month I wanted to get rid of it, searched for my first e-mail, followed the link, 404 error. By being so sloppy with their mailing list practices, there is no better way then using the "this is spam" link.

Other example: my Gmail address is apparently very equal to the ones of some philippinan users and I get many subscribe e-mails and invites to mailing list that are popular in that community. Of course I never confirm those things, but in the case of Multiply "Secure and family friendly social networking", I got not only signed up without having to confirm, I also had no way to unsubscribe, and got all of a sudden a lot of e-mail from that multiply user's friends. I had it forwarded to the spambox. Then after a while, I got the mail from the "forgot password" button, and out of curiosity found that I could indeed log in with this. These are pretty amazingly bad internet practices, I contacted the site owner and actually got a reply back, apparently they had deliberately chosen to have users be able to log in for the first few weeks without them having to confirm their e-mail address. Web 2.0: the same mistakes all over again, but with new paint.