Opting Out Increases Spam? 481
J. L. Tympanum writes "I used to ignore spam but recently I have been using the opt-out feature. Now I get more spam than ever, especially of the Nigerian scam (and related) types. The latter has gone from almost none to several a day. Was I a fool for opting out? Is my email address being harvested when I opt out? Has anybody had similar experience?"
Well... (Score:5, Informative)
Re:Yes (Score:5, Informative)
You don't even need to opt out -- if you leave graphical preview options turned on in your html, the spammers can use uniquely named graphical images to confirm your email address is valid.
Absolutely. (Score:3, Informative)
The only opt out links worth following are ones you know the source of; i.e. something you once opted in to, or did not opt out of when you bought something.
e.g. Bought something at newegg and did not uncheck the box about mailing you about specials and deals.
Essentially, opting out only works for non-spam mailing lists. Spammers don't care and just use it to acknowledge a good target.
Re:Well... (Score:5, Informative)
Re:Yes (Score:5, Informative)
True enough. Luckily, Gmail's default is to not download images. And in fact, I think you can't even override that global default - only on a sende-by-sender basis.
Which is great.
No doubt I will be roasted but... (Score:2, Informative)
I actually did this on my mothers computer.
I looked at each spam message and made a call if I could trust the opt out, and I I went through her whole inbox. Result? Smap mail dropped from 100ish/day to less than 10 on average. And it stayed that way for near a year with a small trickle increase.
Re:Yes (Score:4, Informative)
if you leave graphical preview options turned on in your [email], the spammers can use uniquely named graphical images to confirm your email address is valid.
Which is another reason why I hate iphone's mail.app
I can't believe you fell for that (Score:1, Informative)
Opting out only validates that your email address is valid. It is a sucker bet.
These people are not honest. And even if 19 of them are and 1 is not, guess what he will do? Add your address to a list and sell his list of valid addresses for 49 dollars to all takers.
NEVER opt out.
Opt Out? You mean "Let me validate my address" (Score:3, Informative)
The Opt Out "feature" is simply a way spammers can discover if the addresses on their list are active. The spamed can then be moved to a premium "active" list so the email harvester can make more money selling the address again.
Re:Well... (Score:5, Informative)
Don't take this personally, 'cause it really isn't - and I know I'll be modded down for this - but I must say this story has the greatest concentration of the lamest "Informative" posts, ever.
I'm thinking that it's maybe just a gigantic troll, and the submitter is LOLling his ass off as I post this. Timothy maybe in on the joke.
And you know what? THIS is the kind of shit that should be submitted on April Fool's Day.
Re:Yes (Score:5, Informative)
Yes.
The case in which opting out can help (Score:3, Informative)
It's been years since they were relevant, and they last updated in January 2008. However, they've been featured on Slashdot before and that January 2008 update his close to the mark on this one.
Clueless Mailers [cluelessmailers.org] is the group that mapped the flow of spam, tracking email addresses as they were sold from one company to another to another until they mapped who fed what.
That "recent" article covers the current problem of (supposedly) reputable companies buying mailing lists from clueless clowns, and the troubles that ensued.
If it's a company you've heard before, and you can verify that the "opt out" will actually go to them, then opt out that way. If you don't see why you got on their list, tell them so, and they may twig onto the fact that their list wasn't all that hot.
If it's a company you've never heard of or there's something in it that smells hinky, just delete it, let it slide, and let them think that the message sailed off into the æther, never to be heard from again.
That third case? If it looks like a reputable company but the opt-out goes someplace apparently unrelated, do not simply opt out. Send a copy of the message to the people at the real company complaining of the deception. And that one's the one to hope for. Because if you can point out to the home office either (a) that someone is using their name poorly or (b) if they are authorized agents, they're getting bogus email addresses from somewhere, then they'll stop buying those discount lists of bulk email addresses and start doing their own damn work.
Re: bouncing (Score:2, Informative)
To do it mostly properly you need to "bounce" at SMTP time. (Actually, you are refusing to accept the spam.)
So, in simple terms: set up your own email server, install an SMTP spam filter and give that delete button a rest.
In Debian, for example, apt-get install exim4 sa-exim spamassassin.
Direct Answers... (Score:2, Informative)
"I used to ignore spam but recently I have been using the opt-out feature. Now I get more spam than ever, especially of the Nigerian scam (and related) types."
Yeah, those come and go. But I get a lot of them.
"The latter has gone from almost none to several a day. Was I a fool for opting out?"
Well, I'm too polite to tell someone they were a fool, but yeah basically. A few spammers follow the law, they're allowed to take 10 days though.. some some are classy about it and shut it off right away, the others turn it off on like day 9. But for anyone that's not, that opt out means you have a *verified* E-Mail address and the spammers sell it for more than an unverified E-Mail list. Oh yeah, some used claim they aren't selling the addresses, they are "renting" them for some reason.
" Is my email address being harvested when I opt out?"
Yeah see the above.
" Has anybody had similar experience?"
I have an E-Mail address going back to like 1994. My original ISP contract included a NSF Network contract that we wouldn't send commercial traffic over the network (UUNet, MCI, etc. had not built backones yet so almost all traffic hit the National Science Foundation's mighty 45mbps T3 backbone. It was T1s (1.5mbits/sec) up to about 1992.
OK back on topic.. my spam on there steadily increased, I started using my own spam filter in like late 1990s. My ISP got one, then much more recently made the spam filtering like a $3 a month extra (after they replaced their custom-massaged in-house spam filter with some commercial setup). I get 200-400 a day typically. spamprobe traps them pretty well after about a week of training, only like 4 or 5 a day get through, some days it's actually 0!
Before I set up my spam filter, I used to file a report with the upstream ISP's abuse contact, sometimes I'd get an automated reply and occasionally a "thanks" or "yes we're shutting down their account now". One the ISP sent me back a note saying the spammer claimed I'd signed up for it. (The spams *did* have a note saying "you signed up from this IP at this date".) I pointed out the whois info showed the IP was bogus, and never heard back. I started getting like 20x more spam right after that though and have ever since. Ubuntu makes this look very different, I use alpine.. on my ubuntu box all the russian, japanese, korean, umm, I Thai?, etc. spam subject lines actually look "right" in alpine (a reimplementation of Pine.) In alpine on my gentoo boxes those spams are all "?? ????? ??"...
With something like alpine, to filter spam, set up spamprobe, you have your inbox, "spam", "nonspam", "remove" and "spamprobe". Your spam goes into spamprobe, other stuff in inbox. If you have spam in your inbox, you move it to "spam". If you find a message in "spamprobe" that *wasn't* spam put it in "nonspam" (The only false positive I had, my sister wrote me an e-mail about how funny some spam she got was and forwarded it.. so I can see it marking that spam. The spam was in fact funny.) I guess remove removes the mail's words from the spamprobe database entirely.
I guess modern graphical E-Mail clients have spam filters integrated that can be set up, as does GMail.
Re:Well... (Score:3, Informative)
But how many scams and spams do you see that even have opt-out instructions? If it is zombie-spam they usually don't even bother. Why pretend if they are untouchable anyway. I doubt a known good address that is known to not want it is a better prospect than the next bazillion addresses that are free to attempt to sell/scam to.
Re:Spam vs. unwanted e-mail (Score:4, Informative)
I divide "spam" e-mail into three categories:
For #2 I just use the unsubscribe function. I've asked for the e-mail, it's up to me to tell them if I don't want it anymore. For #1, I report the e-mail as spam through the regular channels. If it hurts a legitimate company's reputation and makes it harder for them to deliver e-mail, maybe they'll think twice about sending e-mail without asking whether the recipient wants it first. I didn't ask for it, I'm not obliged to put extra effort into being nice to them. For #3, I go out of my way to report it as spam in a way that'll cause the worst possible problems for the originator (once I've confirmed who it really came from, if I'm going to go to the trouble of breaking out the big guns I'm not going to let them go to waste on the wrong target and there's plenty of joe jobs out there). Once it's knowing and willful, the Marquis of Queensbury can go pound sand.
Outlook imap bug. (Score:4, Informative)
Outlook has a cute little bug associated with IMAP folders and using more than one mail client..... Outlook will send a "The email was not read" read receipt if the email is deleted from the imap folder before you've read it in Outlook... even if you tell Outlook not to send read receipts. This is rather annoying if you routinely use an alternative email to delete your spam. The next time you load Outlook it sends out a load of read receipts to the spam merchants, therefore confirming you (my!) email address.
P.S. Check out:
here [slipstick.com],
here [emaildiscussions.com],
and
here [outlook-tips.net]. It's not just me!
Re:Well... (Score:4, Informative)
From their page:
Slopsbox is your temporary mailbox, the e-mail address you use to register for random services. It's a long-finger up the butt to spammers who wants your real e-mail. Slopsboxâ is the inbox you don't care about. But Slopsboxâ cares about you, your privacy and we want your spam, because we think it's tasty!
Well, d'uh! (Score:3, Informative)
I hope you've learned from your mistake clicking on that opt-out link. There might be other reasons for the increase in spam, but opting out is likely a major one.
That said I often do opt-out of e-mail newsletters of websites that I've had prior business with. But not with every website *cough*classmates.com*cough*
Re:Well... (Score:2, Informative)
Answer: itsatrap (Score:3, Informative)
Most spammers are doing so outside the law anyways, why would the stop just because you asked them? Unless its a legit newsletter, I say avoid the "opt out" thing.
It's simple... (Score:3, Informative)
... if you opted in, it's safe to opt out. If you didn't opt in, opting out just tells the spammer that they have a live person at that address.
I did spam admin for many years back in the 90s, that was even the standard advice then.
If you want to end the spam for a bit, delete the account for a month or two or fake reject messages convincingly.
Re:Well... (Score:5, Informative)
My ironimeter just exploded.
Sorry... couldn't resist.
Re:Well... (Score:2, Informative)
The jury is still out on this one. I opted in a free report by Bob Allan (sp?), the real estate guru, and I got a slew of unwanted email by dozens of different companies from all over the US over the next few weeks. I opted out every single one of them, and still more are coming. The spam volume is decreasing thankfully. They look semi-compliant with the CAN-SPAM. I suspect I would get more spam if I didn't opt out. So these guys are just overzealous marketers, and not blatantly brute force spammers... oh well.
Re:Well... (Score:5, Informative)
What are the moderators smoking (see parent score)?
Re:Yes (Score:3, Informative)
Don't worry. Gmail only block linked images. The ones you saw were surely just embedded image. No outbound connection (except to gmail) is required to display those, so nobody (other than gmail) will even know you looked at them.
Opt-out as a by-product of CAN-SPAM (Score:3, Informative)
If you ever wonder why so many spammers couldn't possibly care less about CAN-SPAM, just consider this:
Re:Well... (Score:3, Informative)
From their page:
Slopsbox is mailinator.
FTFY.
Re:Well... (Score:3, Informative)
"Your" mailbox is the property of the Federal government. So in the case of the US mail, depositing "junk" into a mailbox is not a property rights issue, as the mailbox is not your property in the first place.
Wasting the computing resources of a privately owned computer system is a different story. That IS your property.
Opting out (Score:3, Informative)
Re:Well... (Score:5, Informative)
Hey, I'm a prison snitch. Mod me informative too!
Just As It Is When Your Router Is Pinged... (Score:4, Informative)
...the correct answer is no answer at all.
Opting out or responding to spammers in any way other than silence or bouncing is asking for trouble.
Different classes of spam (Score:5, Informative)
As for opt-out, the remaining spam comes from what look like legit marketers. I definitely did NOT opt in to their list, but once one crooked spammer sells his "double opt-in email list", you're on it for good. The legit marketers send their mail from different domains, but if the spam has a good SPF record, and the opt-out notice goes to the marketing company and not the domain of the sender, I click on the opt-out link. Incoming mail that fails SPF is rejected. No SPF record and I don't opt out. And after a few weeks, I see a negligible amount of repeat email from these marketers, and overall the incoming spam has been reduced over 90%.
Re:Well... (Score:4, Informative)