Thanks to tips by a couple blog readers and some clients, I have been looking into Yahoo disabling links in the bulk folder. It does appear Yahoo is no longer allowing users to click on links in emails that Yahoo places in the bulk folder.
In fact, some of the spam in my Yahoo mailbox even has a notice about this.
One of the interesting questions I’ve gotten about this is how it affects unsubscribes. Yahoo is disabling the unsubscribe links in emails that go to the bulk folder. This includes unsubscribe links. And, unlike other webmail providers, Yahoo doesn’t appear to have a way to see the full email. This means that recipients can’t unsubscribe from mail in the bulk folder.
The real question is does this action by Yahoo result in the sender violating CAN SPAM? Anyone have an opinion?
If the message is CAN-SPAM compliant when it leaves the senders network then the sender isn’t violating CAN-SPAM with that message, I’d say.
I agree with Steve on this one. If the recipient uses some obscure email client that doesn’t make links clickable in the first place, or allows you to turn clickable links on and off, the effect is the same.
The interesting question; why is yahoo forcing a judgement call without access to links? have privacy issues been raised about tracking opens and clicks to rate engagement? seems like this keeps all the info within yahoo walls.
@Jim: a lot of today’s spam links to malware (usually via drive-by downloads; Blackhole etc.). Until not too long ago, if you got a suspicious looking email (e.g. one that claimed to come from Paypal) you could just click the link and verify whether the landing page was genuine. Now it’s usually too late: by the time you’ve opened the link, the payload has already been activated.
Not sure what Gmail’s policy on this is, but in some spam emails the links aren’t clickable either, while in others they are.
@Martijn: so basically what you are saying is that Yahoo thinks it is better for someone to move the Phish or malware email to the inbox before they click the link. That doesn’t sound like a great solution to malware, but thanks for the info on today’s spam.
There’s also the issue of false positives where legitimate email is sent to the bulk folder. If the user moves that mail to the inbox it provides information to the spam filters that it was miscategorized, while if they just read it in the bulk folder it doesn’t.
Most false positives tend to be commercial “grey” mail, where much of the content is behind links rather than in the mail itself. Forcing the user to move such mail to the inbox if they want to interact with it seems like it’ll improve the quality of user feedback.
@Jim: it’s not a solution. But it does it a little less likely that someone clicks the link. Ultimately, it’s the user’s responsibility which links to click or not and the user also has the final say on what is spam or not, but making links in the spam folder non-clickable seems like a sound thing to do.
It’s clearly a good idea, particularly given the amount of drive by malware that’s being advertised in spam.
In fact the real question is: Do yahoo violate CAN-SPAM ?
If the sender is CAN-SPAM and put an unsubscribe link to the message, it should be clickable.
If this new changes were made in place for fight malware spam it is generally a good idea.
But if theses changes was made in order to reduce unwanted / unsolicited or spam volume to yahoo server, that’s a very bad idea.
Cause people won’t be able to unsubscribe and even click “report as spam” (because they are in bulk or spam folder), so the senders will keep sending mail to people which in other case probably unsubscribe. This affect the whole process of letting the user choising if he want to be removed or not.
I don’t believe Yahoo can violate CAN SPAM as they are not sending the message and the law puts no restrictions on ISPs.
On the whole, this change helps align the recipient’s filtering preferences with their actions: moving to the inbox gives Yahoo the data that it should be delivered to the inbox in the future. However, Yahoo! should provide a prominent notice of this new behavior when viewing mail in the spam folder. I think most users will just assume that the email is broken.
I find it more odd that yahoo made these changes and does not provide notification of this. Their web mail client will notify the user that images are blocked but not links..
Given the proliferation of spam being sent from Freemailers like Yahoo! via compromised accounts (like http://send-safe.com for example) I can understand why Yahoo! is showing confidence in their filtering decision by rendering the URLs null, but hedging their bets, as Steve notes, due to false positives of greymail by not deleting them outright.