Steve Riley on Security

Formerly of Microsoft's Trustworthy Computing Group.

The opt-out from hell

The opt-out from hell

  • Comments 8
  • Likes

One problem with making your email address available (which I will continue to do, don't worry) is that folks with something to sell assume you're interested in their stuff. To wit, let's consider an email I received today (copied, headers and all, after my griping).

Note that if I want to opt out of further communications, I have to do two separate things -- which actually becomes three things.

  • First I have to click the last link to opt out of future TechTarget spam. (Yes, I deleted the actual links. But certainly none of my trustworthy readers would attempt to re-subscribe me, right...? <g>
  • But that isn't enough -- I also have to separately opt out of future Avaya spam! (Why does the no-more-from-Avaya link live on a techtargetmail.com server? Whatever.) Clicking on that link eventually does land me on an avaya.com page, where I have to confirm my email address and indicate they don't have my permission to send me spam. Hmm, too difficult to embed my email in that link, when the other techtargetmail.com link did embed my email?
  • Then after submitting it, another page pops up telling me that I'll soon receive an email with additional instructions! In this email there's a link -- to avaya.com with my email address embedded -- that I must click, I guess to double plus confirm that yes, I really really really do wish never to hear from you again. Clicking that link takes me to a page that promises my "permissions have successfully been set. Thank you."

A pox on both your houses, TechTarget and Avaya. I never asked for your stuff. Go away.

Spam, my friends, is only going to get worse. It was so easy to ban junk faxes in 1991. But even those regulations were weakened in 2005. So do you really think we'll see anything even remotely logical for outlawing spam? I doubt it, unless we the citizens foment a revolt. Let's get cracking!

 


Received: from SVC-EXGWY-E801.partners.extranet.microsoft.com (10.251.24.242)
by tk5-exhub-c102.redmond.corp.microsoft.com (157.54.18.53) with Microsoft
SMTP Server (TLS) id 8.1.291.1; Tue, 16 Sep 2008 11:27:56 -0700
Received: from mail139-wa4-R.bigfish.com (216.32.181.113) by
mail04.microsoft.com (10.253.160.184) with Microsoft SMTP Server (TLS) id
8.1.291.1; Tue, 16 Sep 2008 11:27:55 -0700
Received: from mail139-wa4 (localhost.localdomain [127.0.0.1])    by
mail139-wa4-R.bigfish.com (Postfix) with ESMTP id 018C11184C2    for
<steriley@microsoft.com>; Tue, 16 Sep 2008 18:27:50 +0000 (UTC)
X-BigFish: ps16(zz18c1K1936K2b7wcak69jzzzz2af1jz2fh6bh5eh65h)
X-Spam-TCS-SCL: 4:0
Received: by mail139-wa4 (MessageSwitch) id 1221589667478982_28100; Tue, 16
Sep 2008 18:27:47 +0000 (UCT)
Received: from pp.techtargetmail.com (pp.techtargetmail.com [65.211.80.227])
    by mail139-wa4.bigfish.com (Postfix) with SMTP id 46566978071    for
<steriley@microsoft.com>; Tue, 16 Sep 2008 18:27:47 +0000 (UTC)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=pp.techtargetmail.com; b=iOmibOrM91/1Ugy2gj3QbWo74T2m3GuhmwxZCXJQpFT+nwRES8QKg+4vjt48SNp7WWJExG61Ge+DtnKD3KVI3KwqTKzkPRVrEBF0DCHhYot6VAG/EyEr5vb5RhBz+91yvNhbIqITzGnuQ+uBDJzyc6gU0FHfBl0Fa3S/phcPELM=;
Message-ID: <a818b044.724694.236c8ee748f7dd97.1.n.4.2971370188@pp.techtargetmail.com>
Date: Tue, 16 Sep 2008 14:27:47 -0400
thread-index: a818b044.724694.236c8ee748f7dd97.1.n.4
Reply-To: Avaya <a818b044.724694.236c8ee748f7dd97.1.n.4@pp.techtargetmail.com>
From: Avaya <Avaya@pp.techtargetmail.com>
To: Steve Riley <steriley@microsoft.com>
Subject: 7 Tips to Ensure Readiness for UC Deployment
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4133
Return-Path: a818b044.724694.236c8ee748f7dd97.1.n.4@pp.techtargetmail.com
X-MS-Exchange-Organization-PRD: pp.techtargetmail.com
Received-SPF: Pass (SVC-EXGWY-E801.partners.extranet.microsoft.com: domain
of Avaya@pp.techtargetmail.com designates 65.211.80.227 as permitted sender)
receiver=SVC-EXGWY-E801.partners.extranet.microsoft.com;
client-ip=65.211.80.227; helo=mail139-wa4-R.bigfish.com;
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-Organization-Antispam-Report: DV:3.3.6916.600;SV:3.3.6916.813;SID:SenderIDStatus Pass;OrigIP:65.211.80.227
X-MS-Exchange-Organization-SCL: 2
X-MS-Exchange-Organization-SenderIdResult: PASS

The following message was sent to you as a subscriber to third party offers from a TechTarget property, including our network of Search sites, Bitpipe.com, CIO Decisions Magazine, Information Security Magazine, Storage Magazine, KnowledgeStorm, TheServerSide.com and/or TheServerSide.NET. To unsubscribe, see below.
____________________________________________________________

How should you evaluate the move to unified communications (UC)? Who within which parts of an organization will benefit? Will UC reduce the time to market? Read this E-Guide for answers to these questions and a better look at how the value of UC will, at first, be less of a financial issue and more of a productivity improvement issue that translates into financial benefits. Download this white paper now: http://pp.techtargetmail.com/c.asp?724694&236c8ee748f7dd97&1

When implementing unified communications, there are a number of important issues to think about and questions to ask. This E-Guide analyzes seven phases to ensure you reap the full benefits of UC in each. If you're ready to take the plunge but you're not sure your business or your infrastructure is - download this E-Guide now.

Click here to learn more: http://pp.techtargetmail.com/c.asp?724694&236c8ee748f7dd97&1

"If you do not wish to receive future promotions directly from Avaya please forward this e-mail to {link removed} ; please note that there is a separate opt-out procedure below to be removed from the list from which this email originated."
____________________________________________________________

Please do not reply to this email.  To unsubscribe from all future third party offers from all TechTarget properties, simply click here: {link removed}

TechTarget | 117 Kendrick Street, Suite 800 | Needham, MA 02494


Comments
  • If you want spam to stop, start going after the companies that may benefit from it. Like phishing, MOST legit companies don't like their names being dragged into the mud so they often go after the spammers themselves. YMMV of course, I just make sure my work email address is not posted on any site in any way that bots can read it. In addition I have 4 other email addresses: 1 for personal stuff, 2 for honey pot purposes and 1 for my online gaming and forums presence.

  • here in australia by law everything has to be opt-in so by default i get nothing unless i tick the box, of course the geography of law comes into play here, however, i think spam is here to stay just like junk mail in the letterbox out front of my house, junk mail in the newpapers i get etc etc.  We just have to put effort into managing it [block it] as best we can.

    for example, when i signed up my hotmail account way back in the mid 90's it was not long before i was getting 20+ junk mails a day, now same account and address 10yrs later i get 1 maybe 2, so a lot has been done in the backend to manage it but i doubt it will ever go away altogether.

    CB

    p.s. sorry if i posted this twice but my pc borked.

  • The following message was sent to you as a subscriber to third party offers from a TechTarget property...

    ___________

    It's always amazing to me when people sign up for opt-in mailing lists, forget and claim it's spam. You've completely distorted the meaning of the term spam. Spam is unsolicited.

    Simply pay attention when you check off subscriber boxes on websites. If you don't know the frequency or scope, then don't sign up for it. Next you'll be saying you're not even a member of that website. Pul-leeze.

  • Hm, care to leave a name, Mr/Ms Anonymous Accuser? You bet yer ass I pay attention to those checkboxes on the rare occcasions when I do enroll a membership.

    After checking each of their numerous sites, I find that I am somehow enrolled in one of them -- unrelated to my interests. But it's an incomplete enrollment, with incorrect information even. Anybody care to place bets that hundreds of people got "enrolled" without their own permission? And they offer no way to close your account! Shameful.

    Fact is, TechTarget is guilty of all kinds of spamming. I routinely receive their dreck, and have availed myself of the "opt out" on every email they send. Yet it keeps coming and coming.

  • TechTarget is a big spammer.  Once they get your email address, you never get off their lists, no matter how many times you opt out.  If the spam law meant anything, they would have been jailed already.

  • Given the international nature of the internet, everyone is bound to eventually start receiving loads of spam, unless you change your address regularly.

    Proposals to solve this problem in ways that requires worldwide cooperation are unviable. The only way to solve the spam problem definitely is to adopt a practice whereby you can easily create unique and unpredictable variations on your email address and hand them out to people, and only those variations that you create will work. After doing so, you don't need to opt out of the stuff that people send you in the first place, you just cancel that one address.

    The nice properties of this solution are that (1) it gets rid of all your spam, (2) there is no false-positive problem, (3) anyone can start using it today, and it will be effective even if no one else does.

    The disadvantage of this solution is that it requires technology that mostly isn't there in most mail servers today. But this is a trivial problem compared to getting laws passed, enforcing them, and getting Russia to comply.

  • ������� �����, ����� ���� �����������

    [url=http://intim-msk.popka-rotik.ru/1-shluhi-g-krasnodar.shtml]����� � ���������[/url]

  • The corporate owner of SearchSecurity and SearchSecurityChannel (TechTarget) IS one of the worst proprietors of "Auto Opt-In" junk mail I have ever seen.  If you sign up for their Information Security magazine you will automatically be subscribed to more than 50 distribution lists.  Since you are inherintly subscribed this does not constitute spam (that would be "unsolicited" email).  Nonetheless, this constitutes the worst kind of hidden auto-subscription I've ever heard of.  

    TechTarget should be ashamed of these practices and should review their methods of subscription to their products to a more user-friendly model.  Wishful thinking?  Let's see!

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment