I'm having a lot of problems with GMail delivery due to lack of "one-click unsubscribe" -- however that is quantified, which is not clear.
In particular, there is an issue with the fact that Google ignores dots in email addresses. So I have many (MANY!) subscribers who try to use the List-Unsubscribe header target, but because they are subscribed as "idiotsubscriber@gmail.com" rather than "idiot.subscriber@gmail.com" (which they have since changed their sender to) they get a reject that they are not subscribed. These people are also far too unobservant to read the footer of every message that reads "You are subscribed as idiotsubscriber@gmail.com".
Is there any way to provide personalized List-Unsubscribe header links, or have Mailman ignore dots in gmail.com addresses... or... anything? I'm finding reported spam percentages in the Google Postmaster Dashboard exceeding 0.1%, which causes massive delivery blocking to GMail-based subscribers.
While I would gladly ban everyone who uses gmail, that sadly accounts for about half of the Internet today and would be incredibly unproductive.
Thanks, --Jered
Jered Floyd writes:
Is there any way to provide personalized List-Unsubscribe header links,
Google should do it in their implementation -- they know which of dozens of equivalent addresses the post was sent to, and it's quite likely to be available in the header of the delivered post (and if not it's easy to add).
For Mailman, not without adding a new feature. The current approach takes the sender of the "unsubscribe" message as the address to unsubscribe. While this is not currently hard to spoof, it does cut down on mere mischief. If spoofing becomes a problem, it would be sraightforward to check for From alignment, which should make spoofing very hard, as the overwhelming majority of users use providers who DKIM sign and check the login. An URL which specifies the address to unsubscribe would need to be authenticated in a different way, requiring a different command for a MAILTO URL, or a different scheme such as HTTPS.
or have Mailman ignore dots in gmail.com addresses...
I think we already canonicalize addresses to lowercase, and I'm unaware of problems with that, as apparently essentially all providers ignore case. Theoretically we could do that, but ... catering to Google breakage?! I'll do it for money, maybe somebody else will volunteer.
If we're talking about a new feature, I think the most straightforward approach is to use RFC 8058[1] "one click" URLs. I believe it is already implemented by Gmail and Yahoo, I don't know about Outlook or the open source MUAs. This would require a substantial (but straightforward[2]) addition of code, and of course personalized delivery (I don't know if anyone balks at that any more, though).
or... anything? I'm finding reported spam percentages in the Google Postmaster Dashboard exceeding 0.1%, which causes massive delivery blocking to GMail-based subscribers.
That's obnoxious. If they can get reported spam rates down to 0,1%, almost certainly 90% of reports are subscriber malfeasance or incompetence!
While I would gladly ban everyone who uses gmail, that sadly accounts for about half of the Internet today and would be incredibly unproductive.
Aw, c'mon, be a hero! (^^) Gmail has gotten so enshittified, but it just doesn't seem to matter, does it.
Footnotes: [1] https://datatracker.ietf.org/doc/html/rfc8058
[2] That is, we'd need to add a new location in Postorius and code to accept POST access to it, encrypt/decrypt functionality to handle an opaque token (to prevent automated denial of service by folks without access to the person's email) or a table of one-time tokens with expiration (same purpose, and expiring so the database doesn't grow infinitely). What we wouldn't need to do is to change any exsting code.
participants (2)
-
Jered Floyd -
Stephen J. Turnbull