Images Events Jobs Premium Services Media Kit Network Map E-mail Offers Vendor Solutions Webcasts
IT Management Webcasts:
The Role of Security in IT Service Management

Preparing for an IT Audit

More Webcasts

Search EarthWeb Network

Be a Commerce Partner
Promotional Products
Compare Prices
Corporate Gifts
Remote Online Backup
Online Education
Web Hosting Directory
Phone Cards
Online Universities
Career Education
Home Improvement
Logo Design
Condos For Sale
Promotional Gifts
Build a Server Rack

Linked Data Planet Conference & Expo

IT Management : Columns : Executive Tech: How Not to Unsubscribe

Hyper-V: The Killer Feature in Windows Server 2008
It's fair to say that while many of the other new features are evolutionary, Hyper-V, by contrast, is revolutionary. Paul Rubens explores Microsoft's big step into virtualization. »

Download the Windows Server 2008 Trial
With Windows Server 2008 you can develop, deliver, and manage rich user experiences and applications, provide a secure network infrastructure, and increase technological efficiency and value within your organization. »

Reduce Complexity and Costs with Microsoft Identity and Access Solutions
Your organization depends on making digital information accessible to a broad spectrum of users over range of devices and networks. Register now for free Identity and Access Solutions from Microsoft. »

Virtualization from the Data Center to the Desktop
Integrated virtualization solutions from Microsoft can help you meet evolving demands more effectively as you transform your IT infrastructure from a cost center to a strategic business asset. »

- ITSMWatch Newsletter -
Tech Focus: Security

Cybersecurity: Laws Only Go So Far

Mozilla Firefox vs. Internet Explorer: Which is Safer?

Is Your Blog Leaking Trade Secrets?

The Las Vegas Counterfeiting Story: Is Your Privacy Worth More Than a Poker Chip?

Stopping Spammers at The Point of Sale

Product Watch
IOGEAR KVM - Includes Audio/Peripheral Sharing
Coverity Prevent / Coverity Thread Analyzer - Analyze Source Code For Defects, Security Vulnerabilities
USSD Series - SDRAM-Based Solid State Drives to 256 GB
UltraSMS - Send SMS From Your PC
Sentinel Sensors - Wi-Fi Based Temperature Monitoring Especially For Cold Storage

more products >>

Datamation Definitions
data mining
grid computing
network appliance
FREE Tech Newsletters

Teraflops To Go: Need to build a large-scale computing solution that provides up to 100 teraflops worth of peak compute power? Sun has developed a simple tool that can help. Click here to get started.

How Not to Unsubscribe
October 5, 2004
By Brian Livingston

Brian Livingston Is it safe to use an "unsubscribe" link to stop getting e-mail from a particular sender? Or will clicking the link just get you more spam?

One firm's executives have studied this question extensively — and the answer they found is very likely to surprise you.

To Unsubscribe Or Not To Unsubscribe

I've often decried as an urban myth the idea that clicking an unsubscribe link would get you more spam. For example, I wrote this on March 21, 2003: "Legitimate e-mail newsletters do honor unsubscribe requests, but most spammers don't honor them or use them in any manner, if their unsubscribe links even work."

My reporting on this subject was based on controlled studies of spam, such as an April 2002 report by International Netforce. This intergovernmental group is a joint effort of several U.S. states, the Federal Trade Commission, and four Canadian agencies to sue Internet scammers of all kinds.

The task force tested the unsubscribe mechanisms that were touted in a sample of the 10 million unsolicited e-mail messages that the FTC has amassed in its huge spam database. What did they find? The "vast majority" of the unsubscribe links in these spam messages didn't work in any way, shape or form.

Now I have fresh information on the slimy, deceptive use of unsubscribe links. I've found a small, high-tech firm that's conducted new, in-depth tests. Out of the tens of thousands of messages the researchers examined, a tiny minority of the unsubscribe pages actually are collecting e-mail addresses and then sending spam to the victims they've snared.

Fortunately, you can almost completely avoid such despicable links. Here's how.

A Dime A Day Keeps The Spam Away

Lashback LLC is the name of the firm that's conducting this research. This self-financed startup employs eight people and supports more than 10,000 subscribers. The company sells a service named — what else? — Lashback for $29.95 per year, a little under 10 cents a day.

Lashback Users Click The Button. The company's downloadable software integrates itself into Microsoft's Outlook and Outlook Express e-mail programs. Once the applet is installed, the user sees a Lashback button that promises a safe way to unsubscribe from any e-mail list, whether it's spam or not.

Spam I Am. Clicking the button sends the unwanted message to the user's Spam folder, where it will sooner or later be deleted. (The software can alternately be configured to send such messages directly to the Trash folder.) At the same time, the message is zipped to Lashback headquarters for analysis.

Who's Naughty And Nice. Lashback's computers then invent a new, unique e-mail address and submit it to any "unsubscribe" form that the e-mail may link to. An innocent e-mail response — such as "You are confirmed to be unsubscribed," or no response at all — is considered a good sign. But if anything else is spewed to Lashback's unique address, the site is put on the company's list of "Abused Unsubscribe Links."

Blocking The Spammers. When an unsubscribe mechanism proves to be genuine, Lashback (after a decent interval) submits the user's real e-mail address and the user therefore gets off the list. Fine. If the mechanism was just a way for a spammer to collect e-mail addresses and send more spam, however, Lashback diverts all such messages in the future directly to the user's Spam folder, where the user will probably never have to deal with them again.

If It Looks Like Spam... Lashback's method of diverting spam is unique among all the approaches I've seen. Because spammers are constantly changing their "from" address and other identifying characteristics, Lashback doesn't rely solely on these indicators. Instead, the company records the names of Web sites that advertise in messages that have bogus unsubscribe mechanisms. All spam is ultimately trying to sell you something or make you visit some Web site or another. It doesn't take long for Lashback to figure out which sites those are, according to Brandon Phillips, the company's president.

Keep Your Company Off The Abuse List

Recognizing certain Web sites as "sure signs" of spam is an approach that has gigantic implications for both legitimate companies and shady ones.

Are You Sure Your Mechanisms Work? A July 2004 study by Arial Software, an e-mail software publisher, found that an astonishing 51% of e-mail newsletters from otherwise legitimate companies failed to include an unsubscribe link anywhere within their messages. Arial quietly subscribed to newsletters from 1,057 well-known business organizations, including most of the Fortune 500, and then examined the resulting e-mails to reach this depressing conclusion.

Guilt By Association. If your company's Web site is hyperlinked within one of these blue-chip newsletters that doesn't have a working unsubscribe mechanism, future e-mails that also link to you may be filtered out as "spam."

I think the lesson is crystal clear. If you care whether e-mails that mention your company's Web site get delivered, make sure any online publication you're associated with has an unsubscribe link, and one that really works.

How To Avoid Those Bogus Unsubscribe Links

At this writing, Lashback has tested 27,719 separate unsubscribe links that were included in various e-mails the company has processed. The resulting statistics appear prominently on the firm's home page: only 484 (1.7%) are "abused links" that will send you more spam if you enter your e-mail address. Another 2,712 (9.8%) are "dishonored" links, which appear to function but don't actually accomplish anything, good or bad.

Your task as a computer user is to avoid the 1% of unsubscribe links that are in fact operated by spawn of the Devil.

Outing The "Abused Unsubscribe Links" Index

You can steer clear of these sites by using the list of "Abused Unsubscribe Links" that Lashback has built up through its testing methodology. Because this grand experiment has had a lower priority than marketing the company's primary revenue source (its $29.95 service), the abuse list has never before been publicized. There's no link to the list on the company's home page and, according to the search engine, not a single other site on the entire Internet links to it, either. You're reading it here first.

The list resides at On that page, click the "View List" hyperlink and you'll see the entire Hall of Shame.

Lashback CTO Eric Castelli says his company has been monitoring some of the operations on the list since January 2004. A figure entitled "Violations To-Date" is shown for each link. This number represents the sum total of all the unsolicited e-mails that Lashback's unique addresses have received since August after using each site's unsubscribe form.

This payload can be weighty. The top offender on the list has reportedly sent Lashback more than 1,400 messages in August and September alone.

E-mail administrators in legitimate companies should download Lashback's list periodically and then block user access to the unsubscribe forms on the allegedly spam-happy Web pages. Once that blocking policy is in effect, users can follow a very simple set of rules:

Do unsubscribe from any ordinary, authentic e-mail newsletter that you may once have subscribed to but now no longer want;

Don't bother unsubscribing from spam messages, just delete them, because in almost every case the unsub link won't work — there's simply no good way to get off a spam list; and

If you can't tell whether the message in front of you is a respectable e-mail newsletter or spam, go ahead and click its unsub link. Your company's blockade of the 1% that are bogus will protect you from making an error.

I'll have more next week on the entire unsubscribe mess and what Lashback and other companies are doing about it.

Brian Livingston is the editor of and the co-author of Windows Vista Secrets and 10 other books. Send story ideas to him via his contact page. To subscribe free and receive Executive Tech via e-mail, visit our signup page.

Add to your favorites
Add to your browser search box
IE 7 | Firefox 2.0 | Firefox 1.5.x
Receive news via our XML/RSS feed

Executive Tech Archives

Get FREE Intel Resources on
Servers & Workstations!

Air-Cooled High-Performance Data Centers: Case Studies and Best Methods

Which Is Right for You--Itanium 2 or x86 Architecture?
You now have a choice of two widely supported, industry-standard, 64-bit architectures. Which is the right choice for your data center?

Itanium 2-based Solutions and x86 Architecture



Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008
Avaya Article: How to Feed Data into the Avaya Event Processor
Microsoft Article: Install What You Need with Windows Server 2008
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: How Cool Is Your Data Center?
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
Downloads and eKits
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
Red Gate Download: SQL Compare Pro 6
Iron Speed Designer Application Generator
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Collaborating in the High-Performance Workplace
HP Demo: StorageWorks EVA4400
Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live