ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Adding a spam button to MUAs

2010-02-09 06:36:58
from [Rich Kulawiec] [Permanent Link] 
On Fri, Feb 05, 2010 at 12:25:05PM +0000, David Wilson wrote:

Some messages had List-unsubscribe headers. However, some were mailto:
URLs, which is probably the best. Others were http: URLs. Most of these
took you to a page where you had to enter information in order to
unsubscribe.


They should all have email addresses of the form

        listname-request(_at_)example(_dot_)com

which support this function per RFC 2142.  Other addresses, as well
as web-based mechanisms, are fine too, but this is something that
every mailing list should support.  (As an aside, it's quite remarkable
how many supposedly-professional mailing list operations fail to
pass this rudimentary test of their baseline expertise.)


Related to this is the common folklore that you should not attempt to
unsubscribe from a spam, as this could tell the spammer that the email
address is 'live', thus exposing you to more spam. Is there actually any
evidence that this is true? It certainly does not seem to be the case
that spammers remove from their lists unresponsive email addresses.


Yes, there is conclusive evidence that this is true *of some spammers*.
Carefully-constructed experiments have repeatedly demonstrated that while
in some cases the result of such will be an unsubscribe, in other cases
it's led to (a) more spam from the same spammer, same domain (b) more
spam from the same spammer, different domain, (c) more spam from a different
spammer (d) various combinations and variations of (a)-(c).  This is
entirely sensible on their part of course: anyone so helpful as to
respond to spam is not only providing this information to the
enemy, but is signalling that they make a suitable victim.  And while
there are of course many clueless spammers out there who won't
recognize the opportunity thus presented, there are some who will.

But the more general principle that this falls under is that it's a
strategic error to provide spammers with any usable intelligence, as
they've long since displayed both the inclination and the ability to
aggregate it and process it.  And of course it's laughable to even
suggest to that they will do so in any way that benefits us.

---Rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Generally workable ways of adding a spam button to MUAs, Ian Eiloart
Next by Date:  Re: [Asrg] who has the message (was Re: Consensus Call - submission via posting (was Re: Iteration #3)), Ian Eiloart
Previous by Thread:  Re: [Asrg] Adding a spam button to MUAs, David Wilson
Next by Thread:  Re: [Asrg] Adding a spam button to MUAs, John Levine
Indexes:  [Date] [Thread] [Top] [All Lists]