Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

They haven't "gone bananas". Removing double opt-in means more subscribers, which means higher revenue for them. Their revenue is based on subscriber counts, no matter how they were obtained.

I hope everyone else does what I do: any bulk emails I did not subscribe to get marked as spam in gmail. Even a company the size of mailchimp can't cycle and "warm" email servers fast enough if a critical mass of people are tagging unsolicited emails.



It doesn't matter if they believe that it's higher revenue, GDPR requires consent from the data subject [1] to process personal data. An email address is personal data under GDPR. You can't guarantee consent with single opt-in.

[1] https://gdpr-info.eu/art-7-gdpr/


Even without GPDR single opt-in is already insufficient in e.g. Germany. If you send a newsletter to some lawyer and can't prove consent you might just get a C&D with statutory damages back.


Does this fall under mailchimps responsibility or the company using their services?


The short answer is both.

There's a somewhat longer answer about how MailChimp would need to make the company agree to a separate contract around liability issues, as per GDPR requirements.


Yup, the "Spam" button is a true signal. A company I worked for had problems with the number of times people hit 'spam' on the emails (not even a newsletter, but transactional emails), and AWS SimpleEmailService put us on probation. I got to write a worker task that would consume the queue of "someone marked you as spam" from SES and remove them from our email list.


Forgive the naivety, can you explain a little? From what I understand from this:

You sent emails from AWS to subscribers.

Some recipients hit the spam button in Gmail.

You received a message for every email that had been flagged as spam, including the recipient details.

Is that correct? What exactly happens when I hit the spam button in Gmail?


Yes that’s correct. Email senders are informed when you mark email as spam so they can add you to an unsubscribe list automatically.


This is very odd. I thought the "mark as spam" button was entirely within Gmail. I had no idea it sent a message to the email sender. Is this standard? It seems counter productive, since it confirms the spam was received. I want it to fail silently and disappear forever.

What should I be doing, to achieve silent spam disposal within Gmail?

I hope I don't have to set filters myself, that would defeat the entire purpose of a smart system that learns to recognise spam.

Edit: we're talking about "mark as spam", not "unsubscribe", right?


Yep.


Sounds like an easy way to verify active email addresses.


It is! But it's better just to check the SES queue for "email was delivered".


Yeah the SMTP protocol handles verification of mailbox existence already.


Gmail parses the email for an unsubscribe link and asks if you want to unsubscribe. If you say yes, it follows the link for you.

See this: https://lifehacker.com/5319723/gmail-offers-to-automatically...


Yes, although I'm asking about marking spam, not unsubscribing.


That's when Gmail prompts you...when you initially mark it as spam.


The next time you get such an e-mail, look through the headers (available via "Show Original" in Gmail, IIRC) for a "List-Unsubscribe:" header.

This value will usually be an HTTP URL (it can also be a "mailto:"). That (unique) URL (which is tied to your e-mail address) is then followed in order to unsubscribe you from the list.


Apologies, I'm a little confused. How would a transactional email put somebody into a mailing list so that they could be removed? Shouldn't they not be in the list in the first place?


The transactional email wasn't adding someone to a newsletter. But you can mark 'spam' on any email at all, and some people felt that our anniversary-of-them-signing-up emails or "you've had a problem being billed" emails were spam, so they hit the button. idk man! People are crazy.

We also had marketing emails through mailchimp, but they were totally separate systems.


Ah. I'd have marked the former as spam too (it's an advertisement reminding the recipient you exist, not something in response to a transaction just committed / something they did), but the latter seems plenty safe.

But then, I have no idea how you'd be correlate the transactional mail to the marketing mails anyway (I'd use separate addresses for that). If somebody added my address to a list I didn't sign up for, any mail from them would just be a reminder they did so... It wouldn't be hard to imagine somebody marking everything in the future as spam automatically after glancing at the sender name.


As someone who gets a lot of newsletters from idiots who still think they own the GMail address I've had for 13 years, I'm always afraid marking things as Spam will hurt my experience more than the spammers -- eg, I'm worried it'll lower my account's spam threshold and cause more false positives in my spam folder (which i never, ever check.. and on the rare occasion I do, I occasionally notice I've been 'missing' a newsletter I should have been getting for years).

Any comments as to how this works? I've happily used the spam button on many occasions, but I'm always a little gunshy.


Are there actually any newsletters that you genuinely _want_ to receive?

Personally I’d be really pleased if I could tell Gmail to simply ignore anything even remotely newsletter-related, as I would never voluntarily subscribe to one.


Yes. Just searching "mailchimp" alone in my gmail inbox, I see stuff from a couple of local wineries of which I'm a member, another winery which I used to buy a gift subscription for my mom, a distillery, a couple of local running groups I sometimes participate in, ... the list goes on.


In the short term, probably more revenue. But once they race to the bottom of deliverability rates (like SES, for example), MailChimp will forever have lost it’s major defining feature: emails that actually make it to the inbox.


I suspect they would use different IP addresses for deliverability depending on a single or double opt-in subscription in order to manage that risk. That would be the sensible think to do at least.


That might work against the primitive RBLs like SpamHaus, that rely on DNS-style blacklisting.

In the world of carrier-grade email providers, they outsource spam scoring to one (or more) of a selection of about 3 vendors (Symantec, CloudMark come to mind). These systems also score against the sending domain, among a number of other factors. Source: my best friend is a lead engineer at a carrier-grade email provider.

And playing whack-a-mole with changing sending domains is ill advised as that will lose the benefit of any whitelisting occurring client side.


What exactly is a carrier-grade email provider?


ISPs/free email at scale (Gmail, etc). Think billions of messages per day. Or where the majority of any audience of an email list receives their email.


I'm curious to see how many of their German customers don't realize they have to explicitly set this now. Here, your competitors can you sue/"fine" you for having single opt-in only.


By observing the behavior of Google’s spam filters (what lands in the spam folder and what doesn’t) you can clearly see that Google is not doing an effective job at applying generally to all users what it learns is deemed spam by some other users. Otherwise it wouldn’t flag its own Google News Alerts emails for example and many other legitimate emails as spam. So your efforts might not be having as great an effect as you think. But it should affect your own mailboxes at least, and maybe that’s enough.


Agreed and worth noting that companies could always elect to use single opt-in with MailChimp lists by running sign up forms via the API.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: