Is it safe to click the unsubscribe link at the bottom of an email ?

The answer is that it depends. There are 3 types of SPAM:

1. Legitimate marketing company or bulk sender that has your address on a list and will remove it if you ask them to do so. These spams typically are more professional looking and may have Constant Contact or Vertical Response in the mail headers. The goal of these spam messages is to get you to buy a legitimate product. The companies are engaged in an irritating way of selling the products and services but basically everything is legitimate. This kind of spam is never sent via a zombie computer (i.e. a broadband dsl or cable modem pc that has been cracked), or an open relay. Typically the headers of this message make sense - you can follow who the message is from and the mail servers that relayed the message will often match the from: domain or again it will be a known bulk mailing sender.

2. Black hat spam that is also trying to sell a product or service, but this spam will often be selling sex enhancements, pills, or other sketchy offerings. The headers on these messages won't make sense, as these messages are almost always relayed through accounts on stolen computers (PCs and or servers). When you look closely at the headers, the From, the To and the envelope sender won't match, or will be illogical - like the message will claim to be from someone you know to live down the street but using an email from Korea, or China, or in the Rcvd headers the message will go thru several hops in other countries that don't make sense. Remember, these spams are messages sent by spam gangs that are using stolen services, so the messages are often rushed out, which means they have typos and other grammatical errors that professional marketers and ad copy writers would not make. The quality of images is often cruder, and links that are in the message will use free web service providers that don't match where the email came from. The reason for this is that the websites that are setup to capture clicks (lets say for example Viagra orders) are setup just as quickly and torn down quickly to evade ISP security officers.

3. Phish / scam emails. These are the most dangerous kind of emails. In order for spam gangs to be able to send messages in group (2) above they have to have cracked/stolen accounts on personal computers and servers. This is how they get them - they trick users into clicking links that install software via holes in the web browser (typically but not always MS Internet Explorer). These messages will not usually have un-subscribe links anyway, as they are trying to be personalized (you just won the email lottery, 15M USD was found in a barrel in the bushes of Africa and we need you to help launder it, etc).

4. Mailing List Messages for lists you no longer want to get - This is not SPAM technically, but it can be a problem for users that don't understand how email and email marketing companies work. Subscribing to a mailing list and forgetting how to un-subscribe or being too lazy to do so is a major problem for legitimate list operators. Do not report these messages as SPAM - in most cases these messages will have clear instructions on how to get off the list and they will list your name and email in the body as a subscribed user. The reply-to and from addresses on these messages will make sense - if you are subscribed to a sports website of a US college for example, you wont be getting legit emails from that list that come from Russia or Korea.

You, of course, never want to click any link on a type 3 message, and would be best to avoid type 2 messages as well since any links related to unsubscribing will not work. In fact whether you order the pills or try to un-subscribe to a type 2 message your email will be added to their database as either a paying sucker OR as a working email, in which case they will sell your email address to other spammers.

Type 1 messages are safe to click, and generally they will work. Within 2 to 4 days they should have removed you from their list. Of course your email may still get bought and sold to other companies.

Type 2 and Type 3 messages will often have BAYES poison in them. This is text that is non-sense - random words and phrases, current events snippets, or often classical British literature excerpts. Mr Darcy and other Jane Eyre characters seem especially popular. In html emails this text will be be in a super small font, or colored to try to invisible or very hard to notice. But when you view the source (html code) of an email you can see it.

For text emails the poison will be at the bottom of the message. You may have to scroll way down to view it.

The line between a type 1 and a well-done type 2 message can be somewhat blurred. Typically type 2 messages use a graphic for the footer message. The footer message is in small font and it usually tries to excuse the message or provide some fake way of getting off this "list" that you never asked to be on in the first place. If you drag your mouse across the text and you can copy individual characters, then the message is not a graphic. If the block of text moves as if it were a picture then its a graphic. If you can right click on it and save it as a gif, jpg, or png then its a graphic. If it has a url that has a lot of characters like /images/128318383AB12.gif then its a graphic common to a lot of type 2 spam.

The reason type 2 spams use graphics is that Mail Scanners cant scan the graphics as easy for spam phrases and spam links. So if you see images where text would have worked fine, its 99% likely that this is a type 2 message.

Type 2 messages will also often ask you to send an email, or write (snail mail!) to get off the "list". Legitimate senders (type 1) will never do this - they typically provide a single click link that you can use to un-subscribe directly. And pay attention to the unsubscribe url - if the sender is a type 1 and the sending domain was vertical response, the unsubscribe link should match exactly. Remember domains are rooted from right to left, not left to right.

So if the spam was from massmailsender.com, and the un-sub url is:

www.massmailsender.com/unsub.cgi?email=yourmail@yourdomain.com

thats a good sign.

If the unsub url is:

www.massmailsender.freewebs.moscow.ru/u?e=abc

or similar then thats not a good sign. A legitimate sender spends a lot of money crafting the ads and the message and would not host the unsubscribe tool on a free russian website provider or anywhere else but where their main servers live.

So in summary:

Never ever click on any link in an email that has BAYES poison. A legit sender would never use Bayes poison to evade or confuse a spam filter.

Clicking an unsubscribe link for type 1 or type for messages should work.

if you are not sure what type of message you have on your hands, then report it as suspicious to us and we will take a look for you.

Just follow these steps to report the message:
http://www.richweb.com/spam_steps

If you are getting persistent spam of any type (more than 2 or 3 a week) let us know and we will create rules that can squash that spam for good.