Lashback’s UBL: Tracking Unsubscribe Abuse

Looking for a blacklist that helped you block mail from people who send mail to lists of people who have unsubscribed? Well, that’s what Lashback’s Unsubscribe Blacklist (UBL) does.

To find out how it works, I went straight to the source. Here’s how Brandon Phillips, Lashback’s CEO, described it to me during a recent email exchange: “LashBack continually places seed/probe email addresses on every suppression file we discover (300k+ so far). We do this so we can monitor to see when email addresses (consumer unsubscribe requests) are harvested from those files and start receiving email. This is one of many internal checks our systems perform in an effort to establish "Trust" with an advertiser/sender.

“We know that if those uniquely identifiable probes start receiving email it's because a specific unsubscribe request has been misused. The IP address of the sender who's sending to that probe then ends up on our UBL.”

Lashback’s in a unique position to help identify and track bad guys who misuse unsubscribe requests. Here’s how they can do that.

First, they provide a service called Unsub Monitor. If you’re a list manager, this helps to notify you if your unsubscribe processing system ever breaks. All modern list management systems are a combination of code and data, and like anything else, where code and data intersect, bugs and crashes can follow. It’s great tool to help you, as a list manager, make sure you’re not breaking the law. (As the Yesmail/FTC case showed, people with the power to fine you are indeed watching to ensure that people, once unsubscribed, stay unsubscribed.)

In addition to that, they offer the Lashback Toolbar for end user. This is an Outlook plug-in that gives email users a standardized unsubscribe link for emails. It links back to a specific unsubscribe process for a specific list, and Lashback is able to track which ones work, and which ones don’t. This enables them to be able to tellwhen somebody continues to send email to a user even after that user has unsubscribed. Bad senders who abuse their unsubscribe list by sending mail to it can then end up on the UBL.

They obviously haven’t listed every bad actor in the whole world, but the fact that they are tracking 130,000 bad senders in the UBL currently (as of March 29) suggests that they mean business.

If you want to use their blacklist on your own system, the DNSBL zone is You can also download a text or XML file of the listed IPs for use in other spam filtering applications. See their UBL Resources page for more information.