I created a similar service earlier this year which runs on exactly the same idea (forwarding emails to unsubscribe to them). It's nice to see some validation for the idea on HN.
I've attacked the problem from a different angle though - I've tried to automate the service a lot more. Automatically looking for the unsubscribe button and filling out any HTML forms that appear etc. It doesn't always work but it's been fun trying to work out ways to automate the different steps etc.
If anyone is interested in a similar product with a slightly different way of doing things, different pricing and a web UI, please check out:
https://www.stopthat.email/
Hopefully you don't mind the health competition ryanmjacobs.
While I do see the value of such a service, I wouldn't trust anyone with unsubscribe links I receive.
I have seen companies generating an API key for the unsubscribe button, where the key can be used to perform other actions and lead to account takeover
Btw, how specific is the American CAN-SPAM act in terms of how the unsubscribe link should work? In my country I sometimes get emails with unsubscribe links that require you to log in first, which can be a pain to pull out the credentials when you don't really remember signing up for it in the first place. Does CAN-SPAM specify, say, that an unsubscribe link 1)must not require a login? 2)must lead to completion of the subscribe process within x steps?
§ 316.5 Prohibition on charging a fee or imposing other requirements on recipients who wish to opt out.
Neither a sender nor any person acting on behalf of a sender may require that any recipient pay any fee, provide any information other than the recipient's electronic mail address and opt-out preferences, or take any other steps except sending a reply electronic mail message or visiting a single Internet Web page, in order to:
(a) Use a return electronic mail address or other Internet-based mechanism, required by 15 U.S.C. 7704(a)(3), to submit a request not to receive future commercial electronic mail messages from a sender;
Interesting. That means that Twitter's implementation is one that is against the law, as it required me to log in before I could unsubscribe. It also only unsubscribed me from "that type of email", so lo and behold, more spam arrived a few days later.
§ 316.5 Prohibition on charging a fee or imposing other requirements on recipients who wish to opt out.
Tell that to eBay. I cannot got them to leave me alone.
There is no unsubscribe link. Only “To change which emails you receive from eBay, go to Communication Preferences in My eBay.” But there is no such option in My eBay.
There is a “Communications Preferences” elsewhere, but there’s nothing in there to stop eBay spam. I have everything set to off, but they still keep coming.
I think he's talking about signing into a preexisting account. It maybe be illegal to require you to sign up, but I don't think it's proven that requiring preexisting customers to sign in to a preexisting account to adjust their communication settings.
Personally I'm all for requiring an automation enabled unsubscribe header and double opt in (requiring a response from a subscription confirmation email to subscribe in the first place).
I recently opted out of one where they gave me a list of opt-out choices, with the default being "I still wish to receive this information". If I was on autopilot I would have submitted it. It seems to follow the letter of the law but feels pretty sleazy.
If you did log in, whether you remember your credentials or not, a company can send you transactional emails, marketing emails, or both. CAN-SPAM does not cover emails that are “primarily” transactional, even if the email is part marketing. Companies are legally allowed to require authentication for updating the subscription settings of transactional email. And you wouldn’t want it any other way, otherwise someone could easily spoof you and unsubscribe you from notifications from your bank about your bank account, or other important email you depend on.
On top of that, rather often other people sign up for accounts using my email address, which is my first name + my last name at gmail. I'm guessing they missed a number or middle initial. I could password reset their account, but that seems legally/morally dubious.
Fortunately nobody's signed up for an account for anything I'd actually care to sign up for myself. It's usually some grocery store in Malaysia or something.
My e-mail address is on a 3rd party list that is sold repeatedly to marketers. The marketers do not employ unsubscribe links or provide a means to get off of their list in the e-mail. I'd rather not engage them and ask their source.
Is there a way to learn who the original list holder is and get my address off?
This is illegal in the US under the CAN-SPAM act, with severe penalties. No legitimate company will send marketing emails without an opt-out.
If you don’t want to engage them, you should mark the email as junk. This flags the email in their email provider. If their rate of junk email increases too high, they lose their ability to send email through that provider.
Afaik, there is no automated information flow to the provider.
It kind of works, but differently than you said.
Let's say, you flag a mail on GMail as spam.
GMail's filters will learn: both the spam filter for your inbox as well as a shared filter. If the shared filter learned that all mails from that provider are junk, then gmail may not accept any more mails from that provider.
But the provider is interested in his ability to send mails to gmail customers - because his own customers demand it.
So, a good provider would just kick out that rouge customer who sends junk.
And that's where the fun begins: A big provider can deliver spam, if it's only a small percentage of his usual volume (too big to fail). And not every provider is cooperative.
And the process is slow - some filter has to be fed a large amount of junk, so it finally rejects a large portion of of the valid mail.
A better way is: Get your provider to send an abuse mail to the origin. In my experience, it's still a fight against windmills, but every bit helps.
Your pricing model does seem to need some work. Credits would likely be a better match than a monthly service. It would better fit the nature of the problem. But, kudos on offering a manual service in a space where automation can easily fail.
Wow. Your comment is 2 hours old and it seems the model is already changed.
Kudos to the author.
> Note: After some input, I have decided to change billing to a credit-based system. Each unsubscribe uses 1 Credit. Over time, you should need this service less and less :)
Edit: Or go through each result, some email clients will highlight the search term "unsubscribe" after search, making the unsubscribe link easier to find.
Ha, interesting approach :) I like the idea, but I wonder if it might trash too many non-spam emails for me. Have you had any problems with false-positives?
Readit News
I've attacked the problem from a different angle though - I've tried to automate the service a lot more. Automatically looking for the unsubscribe button and filling out any HTML forms that appear etc. It doesn't always work but it's been fun trying to work out ways to automate the different steps etc.
If anyone is interested in a similar product with a slightly different way of doing things, different pricing and a web UI, please check out: https://www.stopthat.email/
Hopefully you don't mind the health competition ryanmjacobs.
I tried signing up on your website but I have the following error :
An uncaught exception happened while servicing this request
link to a screenshot : https://imgur.com/a/ph8RrO1
For some reason a deployment failed due to a dependency which caused some issues. Could you please try again and let me know if it now works?
Wondering if the HN Hug Of Death strikes again... can’t sign up due to an uncaught exception. Will try again later.
An automated system can't compare to an actual human, a human won't fail because the markup changed.
I have seen companies generating an API key for the unsubscribe button, where the key can be used to perform other actions and lead to account takeover
§ 316.5 Prohibition on charging a fee or imposing other requirements on recipients who wish to opt out.
Neither a sender nor any person acting on behalf of a sender may require that any recipient pay any fee, provide any information other than the recipient's electronic mail address and opt-out preferences, or take any other steps except sending a reply electronic mail message or visiting a single Internet Web page, in order to:
(a) Use a return electronic mail address or other Internet-based mechanism, required by 15 U.S.C. 7704(a)(3), to submit a request not to receive future commercial electronic mail messages from a sender;
[1] https://www.law.cornell.edu/cfr/text/16/316.5
Tell that to eBay. I cannot got them to leave me alone.
There is no unsubscribe link. Only “To change which emails you receive from eBay, go to Communication Preferences in My eBay.” But there is no such option in My eBay.
There is a “Communications Preferences” elsewhere, but there’s nothing in there to stop eBay spam. I have everything set to off, but they still keep coming.
Personally I'm all for requiring an automation enabled unsubscribe header and double opt in (requiring a response from a subscription confirmation email to subscribe in the first place).
Fortunately nobody's signed up for an account for anything I'd actually care to sign up for myself. It's usually some grocery store in Malaysia or something.
Is there a way to learn who the original list holder is and get my address off?
If you don’t want to engage them, you should mark the email as junk. This flags the email in their email provider. If their rate of junk email increases too high, they lose their ability to send email through that provider.
Let's say, you flag a mail on GMail as spam. GMail's filters will learn: both the spam filter for your inbox as well as a shared filter. If the shared filter learned that all mails from that provider are junk, then gmail may not accept any more mails from that provider.
But the provider is interested in his ability to send mails to gmail customers - because his own customers demand it. So, a good provider would just kick out that rouge customer who sends junk.
And that's where the fun begins: A big provider can deliver spam, if it's only a small percentage of his usual volume (too big to fail). And not every provider is cooperative. And the process is slow - some filter has to be fed a large amount of junk, so it finally rejects a large portion of of the valid mail.
A better way is: Get your provider to send an abuse mail to the origin. In my experience, it's still a fight against windmills, but every bit helps.
Source: I used to know a mid-sized spammer in Chicago. He saw nothing wrong with his business and was happy to answer questions.
When I receive a spam message, I get an in-message alert, I know instantly who leaked my email address, & I can shut it down with a single click.
Originally I used simple postfix virtual addresses but I since upgraded it to a SaaS with a browser extension and iOS/android app.
Email me for details if you want to beta test.
xe2g at proxyto.me
It supports masked phone numbers and credit card numbers as well.
So far none of the services I tried supported outbound mail / replies. Replying would reveal your real email address.
My service supports outbound mail and will properly rewrite the From address, etc.
Deleted Comment
Kudos to the author.
> Note: After some input, I have decided to change billing to a credit-based system. Each unsubscribe uses 1 Credit. Over time, you should need this service less and less :)
Or what about: 5 credits free, 2 free per month, XX additional credits per month through a subscription.
Then select-all and Mark as spam!
Edit: Or go through each result, some email clients will highlight the search term "unsubscribe" after search, making the unsubscribe link easier to find.
Same deal with my phone. Any private or unknown number gets the mail box which I never check and SMS trashed.