Will Apple Mail threaten the newsletter boom?

My work actually visits the url ahead of time.

This sucks when the link is a one-time-use only code.

If I can't unsubscribe with a single click then it's spam and I report it as spam. They don't give a shit about me, so I don't give a shit about them.

It's easy: I set a rule in Mail that flags every email containing "Unsubscribe" or related terms with a red flag, and I review and mark them as junk when they show up. Every newsletter is spam because I would never ever sign up for one, regardless of whether I do business with the sender. Either they are illegally mailing me spam from some list that they purchased, or they hid their "please don't send me bullshit" opt out when I signed up for their services, because I would never ask to receive marketing or product updates. It's all spam.

If something makes itself difficult to unsubscribe you could always feed it to the spam filter

And more and more often, unsubscribe links go 403 or even 500 when on Tor or well-known VPNs, while the rest of the site works fine on it. A great way to make me never want to deal with you again is to coerce me to doxx myself to unsubscribe from your newsletter.

It's not uncommon for the unsubscribe links to live on the same domain as the link tracking and other features of whatever email or marketing automation platform they are on, so if those are blocked to prevent tracking, the unsubscribe links would be as well.

I spend about 10 seconds at most thinking about if my bank sent me a spammy looking email and then separately go to the bank site and look for whatever they were supposedly talking about.

Rule of thumb: never click on the link.

The MFA we commonly use right now won't protect against phishing because, as I suspect you mean, the codes are not protected against being entered into the "wrong" site.

Proper MFA, like U2F/FIDO2/whatever-it-is-called-today, will protect against phishing because the visited site won't match the hash needed to complete the second-factor-auth-flow.

Yes it does, maybe not directly. Two examples, both 1Password and my Yubikey only autofill passwords based on the domain. I immediately get a tingle when I go to autocomplete a commonly visited website and it doesn't fill ... time to immediately inspect the URL for phishing etc. Those tools have definitely saved me multiple times.

You get what you measure, so relying solely on clicks to measure interest is going to drive email products toward more clickbait designs and content—reversing a nice trend over the last few years to put most/all of the content into the email itself.

> Likewise for engaging (or not) with emails at all. What setup do you have in mind where this is the case?

If you use IMAP (or basically anything else than POP) then your email client reports the read status back to the server.

Outlook killed NNTP 20 years ago by virtue of not supporting it (every other mail client at the time did).

it also suffered as a discussion medium because of the decentralized unauthenticated measure, for sure - I don’t think the global hierarchy would have done much better than it did.

But two companies I was consulting for around 2000 had very effective NNTP internal servers, and both switched them off around the same time because Outlook didn’t support them (Outlook Express did, but that’s not helpful)

One just went the “reply all” route. One used a mailing list (majordomo, iirc). Neither worked remotely as well as NNTP did.

Is this annoying? Do you still want it if there's nothing in it you want to engage with?

Or are you saying you want to read it, but take no related actions on it?

I would absolutely love to be automatically unsubscribed from everything I don't engage with.

I get tons of kinda-sorta-legit marketing emails due to a very old generic gmail address, and people being bad (or lazy) at entering addresses everywhere.

(Also tons of actual email meant for other people, but that's another story)

I feel like there is a body of literature waiting to be written about businesses refusing to take a hint in favor of user-hostile decisions. These things are conscious choices by the senders and they had several meetings about it.

The two best mail clients, mutt and whatever people like that runs as part of emacs now, don't have read receipts at all.

Even MS Outlook lets end users decline to send read receipts. There's probably some awful group policy system to force it, though.

I guessed it would just be some url variables on the end of each image, is that not how it works?

This is why a legit newsletter might have a confirm step:

https://news.ycombinator.com/item?id=27469535

I’ve had to deal with customers angry they did not get emails they wanted, and we tracked it back to a security service at their employer that auto-clicks all email links to check them. We had to add a confirm step to unsubscribe to keep it from happening. We’re B2B and I suspect it’s a much bigger issue than B2C because so many companies run custom email setups.

Which isn’t related to what you are replying to. We are talking of legit newsletter that offer 1 click unsubscribe.

Generally yeah some people will just hit spam as unsubscribe even to something they signed up for. A lot of people have email overwhelm. You gotta figure that a fraction of people on any service behave oddly.

I’ve even done it myself on occasion when I’m pretty sure I HAVE unsubscribed but I keep getting mail (from things I likely signed up for)

> Seems odd that people would go to the trouble of subscribing to a newsletter only to send it to the spam folder.

It happens. You have people in this thread explaining they hit the spam button when unsubscribe has a confirm step, even if they know they signed up.

There has also been long-standing advice not to hit unsubscribe on spam because all it does is confirm you’re there. A surprising number of people think that means never hit unsubscribe links at all, even in things you signed up for.

How would he know? How would anyone know??

I've seen people enter their email into those intrusive "sign up for our newsletter" popovers because they think that's the only way to bypass them. Which is probably one reason why sites keep using them. Not everyone is as web savvy as we like to think.

I report every newsletter and similar as spam because I have never knowingly or wittingly signed up for one. If I receive one, I was tricked into signing up for it (or never did), thus: spam.

workflow may be something like 1. Free music 2. required signup for band newsletter 3. Why am I receiving this newsletter? 4. Mark as spam

True, but that has nothing to do with the comment you responded to. Regardless of whether tracking pixels are blocked or not, scummy marketers are still going to do that.

The question is, will it hurt the indie newsletter guys and gals, the people sending stuff you actually want? Certainly yes. They won't know if they're still giving their audience something of value.

The bigger problem, in my mind, is the unintended consequences of this. Will blocking tracking pixels actually cause those scummy marketers to send even more emails? My guess is, absolutely yes.

Post-tracking, nobody can prove the marketing department emails are ineffective or hurting deliverability by oversending, so let's blanket inboxes with as many as we can!

The problem with RSS is you can’t force sign up people without them realising.

Almost all newsletters are spam and should be treated as such.

That is what will happen. Send an excerpt and to view the full post click on the link, which will be tracked along with the website which serves content filled with javascript trackers and cookies :(

Sure, and that’s not spammy at all

In this case and things like ATT, Apple is saying "you can no longer do this to our users unless they agree to it first". And they default to asking users. That users are the ones making these choices is an important point.

You know you can opt in and out of these features right? The whole point is to let the users pick themselves...

> These features Apple introduce sell well because people (including me) want them.

You want the service, you don't necessarily need it from Apple though. That's the crux of this entire argument: Apple's black-box model is terrible for the industry. Apple is opposed to any roads that don't run through taxable lands, so it should come as no surprise that they want to tear down everything that keeps the web currently working. The less functional the internet becomes, the higher pressure there is to use native apps: that's likely part of why Safari is woefully broken and outdated compared to Chrome and Firefox.

> If this is bad for journalism, we’ll end up in that crisis and figure out a way that doesn’t use these methods.

We are already in that crisis. Whenever a paywalled link crops up on Hacker News, the first comment is always an archived version for the 99% of readers who would otherwise be unable to read that. Compared to the past 15 years of reporting, that's a direct downgrade. Adding synthetic friction to the flow of information never works: games get cracked, movies get shared, shows get ripped and music gets leaked. It's nothing new, and pretending like it's somehow not going to affect the next decade of reporting seems a little disingenuous to me.

But they do? Apple is literally in the news business, the services business (many of which rely on ad revenue to compete with Apple's own services), increasingly in the ad business itself (revenue is expected to rise to 11 billion in 2025, growing quickly)[1], and as I just laid out in the post above, has a huge interest in just laying waste to independent revenue streams outside of their own channels, in the exact same way digital platforms overall benefited from laying waste to the small and mid-sized ad-industry.

[1]https://9to5mac.com/2019/11/15/apple-ad-revenue/

This asymmetry is already very real, and a quite dominant pattern of Apple's strategy is now to build mechanisms to protect explicitly their ability to monetize all aspects of their _users_, not so much their devices.

These small steps taken under the banner of "preserving the users' privacy" are also steps to make sure that all those clumsy users don't get offered something without giving Apple the opportunity to profit from it first.

And the only disarming response to this so far is "yeah, but that's fine for me. I WANT Apple to take control, they're the good guys with the cool products!"

It's believed Apple generates ~$2B per year from advertising revenue (through Appstore PPC) and that could increase to over $10B in 2025. [0]

[0] https://9to5mac.com/2019/11/15/apple-ad-revenue/

You're not wrong; it's not like industry constantly lobbies against regulation because they'd be _more profitable_.

Maybe it's called for and in the consumer's best interest, but let's not pretend Apple is doing this for industry's bottom line.

It forces publishers into closed gardens. I am willing to bet Apple's work here will have the same effect that advertising did on RSS, which is that newsletters will turn into truncated notifications designed to bring you to a website where they can get the business metrics they "think" they need.

I actually think there is a nice middle ground for something like a basic view counter, and some open rate data to be available in an aggregated, anonymous way.

>Gmail and similar providers proxy all image URLs they receive at the time they receive the email, so you can't tell when a user later opens the email.

I searched around and found some articles that makes the same claim[1], but in my own testing that doesn't seem to be the case (ie. I had to click on the email before image would start loading).

[1] https://sendloop.com/articles/the-effect-of-gmail-image-prox...

This is not correct. They load the URLs at the moment you open the e-mail. You are still trackable. It's just that they open it on backend, so they don't get your IP, but they still know that you opened it.

Gmail’s proxy only requests and caches the image when the user does. It does not hide anything other than the user’s IP address.

No, you’re missing the difference. Gmail requests the embedded resources when you open the email. So it’s still possible to track open rates through it, even if the proxy obscures your IP address. Apple Mail requests the embedded resources without you opening the email, so you cannot use it for tracking open rates.

A lot of people assumed this is what Gmail did, but it wasn’t actually the case.

> if your country has lax privacy laws Apple will exploit it till the law says otherwise

Given the wretched state of privacy laws in the U.S. that seems an uncharitable position. Apple has far more business motivation to treat its customers well in that regard than to try to squeeze money out of their data.

Although you’d think they’d have motivation to treat developers better than demanding a 30% cut, so there’s that.

If Apple re-uses iCloud Private Relay for this feature, which they might or might not be doing, then there are actually two entities involved and Apple presumably knows what user made the request but not what URL was requested: https://appleinsider.com/articles/21/06/10/how-apple-icloud-...

Typically they have an off switch for things that are considered sensitive data, and when they don't they seem inclined to course correct. If they don't have an off switch in the WWDC developer betas, that would be a bug for everyone to report via Feedback Assistant.

This is absolutely correct. Because you can connect Apple Mail to non-Apple servers, they are missing out on a lot of telemetry that Gmail gets by default (because it already goes through Gmail's servers.) This gives them an excuse to proxy non-Apple email. (on another note, it sure seems like most of Apple's moves are dual-purpose now, and I don't think that was the case in the days of Jobs.)

However, I'd like to see the Privacy Policy (if it's available and in plain English) for this feature before concluding that they're not immediately discarding this data (or even just where I get my mail from, which is also very useful information to further lock me in.)

When I started my newsletter, I was seemingly the only person using email for long-form. Now everyone’s doing it.

The situation with Outlook should hopefully improve in the next year, as Microsoft is planning to make different versions of Outlook work basically the same, with the web version as the baseline: https://www.techradar.com/news/microsoft-wants-to-unite-all-...

The downside of this whole saga with Apple is that other than this Apple basically renders emails better than just about every other service—rendering essentially using the Safari engine. Gmail has improved but inlining CSS is still required because of it.

If everyone was working to a unified standard life would be easier for email senders … possibly even recipients.

Casey’s are fairly stuffed with links. The format is generally: main article; multiple sets of links to other articles; funny tweets. He might be more mindful these days of how many links he includes, because at the beginning he seemed quite alarmed that many readers couldn’t see the whole email without a jump.

That is ... not reliable tracking.