Hacker News new | comments | show | ask | jobs | submit login
Show HN: Contacts finds email addresses (contactsanalytics.com)
47 points by wsieroci 1240 days ago | hide | past | web | 34 comments | favorite



Is this actually email address scraping as a service? This is going to be used to enable spam. Any email sent to an address acquired from this service will be, by definition, unsolicited. Thus, if the email is in any way bulk (and honestly, what will the addresses returned from your service be used for, if not for sending substantively identical content to multiple people?), then the email fits the commonly-accepted definition of spam[1]. This is not OK, and will only make things more difficult for people who do legitimate, consent-based, email marketing.

I'm glad you're respecting robots.txt, but please say what your bot's user agent string is, so site administrators can block specifically your bot.

I'm loathe to be so negative on a "Show HN" post, but I strongly believe that this business is disreputable and that businesses of this type cause harm to the Internet. There may be value in finding blogs/bloggers matching specific queries; perhaps take email addresses out of the equation?

[1] http://www.spamhaus.org/consumer/definition/

Edited to add: just yesterday I received an email from someone I don't know asking me to try out his "weather API." The same email was clearly sent to a lot of different people, and it was sent to an address I have posted on websites, so it must have been scraped. I suspect the sender didn't think his email was spam, since he didn't try to hide his identity or use a bot net to send it. But being unsolicited and bulk, it was spam. It was sent via Mandrill so I reported it to Mandrill's abuse team; most people would probably just mark it as spam, harming the reputation of Mandrill's mail servers, thus making it more difficult for Mandrill to be used for legitimate email sending. I have a feeling "blogger outreach" would follow a similar pattern as this.


Would you consider it spam if someone manually went to a site, found their contact information, and sent them an email by hand? It appears to fit the same definition as "unsolicited", and yet, that is one of the purposes of a business placing their email address on their website.

I work in b2b software, where it's common for sales and marketing people to use publicly posted contact information for outreach (both buying and selling products). IMO, the formal definition of spam as "unsolicited commercial email" is somewhat broken in b2b spheres -- it feels a lot like "it's spam if I publish my information and you send me something that I don't want." The problem is the "something I don't want" is only determined after the fact.


The definition is not "unsolicited commercial email", it's "unsolicited and bulk." In your example, if you send the same email to every address you collect by hand, it would be spam. But if you send a different email to each recipient, actually making it relevant to the recipient's identity, then it is not spam[1]. (You're likely to get a much better response rate too!)

If the OP's service wasn't focused on email addresses, and instead enabled the user to research similar blogs and tailor an individual outreach to each one, then it would not be a spam enabler.

[1] Edited to add: this is per the definition from Spamhaus. According to lutusp's comment below, the legal definition in CAN-SPAM is different. IANAL.


Gotcha, thanks for the clarification.

I agree with you on the email personalization, btw -- response rates skyrocket when an email is personally written, even if it has common snippets.

My personal hope is that we're entering an era where bulk and unsolicited email has such a low response rate compared to sending personalized emails that people will realize this and go for what's more profitable.

My cynical side says there will always be bottom feeders who take the easy route, even if they make less money.


> But if you send a different email to each recipient, actually making it relevant to the recipient's identity, then it is not spam.

Don't mislead your readers on legal issues. If the e-mail is unsolicited and doesn't contain an opt-out link, in most cases it meets the legal definition of spam and violates the Can-Spam Act.


Not a lawyer so don't count this as advice but as far as I know, there's no requirement under can-spam to provide an opt out link, just that you make it clear they can opt out (e.g. by replying). [1][2]

That's a big difference if you're using database's such as the OP to find contacts to email personally and individually but in a commercial context.

I might be missing something with can-spam though?

[1] http://www.business.ftc.gov/documents/bus61-can-spam-act-com... [2] http://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003


> Not a lawyer so don't count this as advice but as far as I know, there's no requirement under can-spam to provide an opt out link

Source: http://www.fcc.gov/guides/spam-unwanted-text-messages-and-em...

Quote: "Opt-Out – The email must provide easily-accessible, legitimate, and free ways for you to reject future messages from that sender"

Not "allude to", not "hint at", not "suggest." The law requires that the sender's email message provide an opt-out method.

> just that you make it clear they can opt out (e.g. by replying).

Absolutely false and universally discouraged -- never reply to a spam e-mail.

> That's a big difference if you're using database's such as the OP to find contacts to email personally and individually but in a commercial context.

Spam is spam, and it is clearly defined in the law. The reason for spamming the victims is irrelevant.

> I might be missing something with can-spam though?

I'll say.


I would consider saying "please reply to this message to unsubscribe" easily accessible, legitimate, and free.

I think spam is more complex than just saying "spam is spam". Especially in b2b (see the other comment about pharmaceutical reps).

There is a factor that includes relevance (negative correlation with spam). Another factor is automation versus doing it by hand. Another factor is the intent of the person who publishes their email. Another factor is whether the sender stops sending messages once requested. Another factor is the existence of a previous relationship.

Anyhow, I have one more question: can any message that is sent without automation (i.e., I type the message specifically to a recipient) be considered spam?


> I would consider saying "please reply to this message to unsubscribe" easily accessible, legitimate, and free.

You're missing the point that by replying, the recipient establishes a relationship with the spammer -- he confirms that his is a working e-mail address, and he invites more mailings to that address. This is why security professionals warn to never reply to a spam e-mail.

"Don't Reply to Spam - Spam Control Tip":

http://www.hoax-slayer.com/don't-reply-spam.html

"Don't Respond to Spam: Here's Why":

http://www.pcmag.com/article2/0,2817,2376031,00.asp

> I think spam is more complex than just saying "spam is spam".

It's very clearly defined, so there's no mystery about it. That's why I say it that way.

> Anyhow, I have one more question: can any message that is sent without automation (i.e., I type the message specifically to a recipient) be considered spam?

Yes, of course it can. Why? Because if that were accepted, spammers would hire poor third-world people to type out spam messages at one cent per message or less. Therefore, any unsolicited e-mail, meaning sent to someone who hasn't invited it, is spam.


"You're missing the point that by replying, the recipient establishes a relationship with the spammer -- he confirms that his is a working e-mail address, and he invites more mailings to that address. This is why security professionals warn to never reply to a spam e-mail."

Can you describe an opt-out mechanism that doesn't provide a spammer with exactly that same piece of "working email address" information?

If they're sketchy enough that they'd mis-use an "unsubscribe me" email as an "invitation to more mailings", surely clicking an "opt out" link would be treated the same?

(Personally, I'm happy to click opt out links for mail that's arrived by dedicated mass-mailing companies like MailChimp or Campaign Monitor - they've got a strong business case to not annoy email recipients, and although I as a Campaign Monitor user can easily generate a list of email addresses that have opted out of any of my mailing lists, if I were to abuse that list via Campaign Monitor, they'd shut me down pretty quickly)


> Can you describe an opt-out mechanism that doesn't provide a spammer with exactly that same piece of "working email address" information?

An opt-out link carries only the email address, not the entire email header, so it conveys the absolute minimum information (and it can be visited independently of the email, by copying the link out of the email). Also, visiting an opt-out page is different than replying to an email for some complex legal reasons.

If a spammer ignores an opt-out request delivered to a Web page, he is in a very different position than if he replies to an e-mail sent by someone who doesn't know to avoid replying to a spam mailing.

The bottom line is that a spammer can say, "they emailed me, then I replied to what I thought was a customer's email." And this has been tried countless times. With an opt-out link, this dodge is removed.


> Quote: "Opt-Out – The email must provide easily-accessible, legitimate, and free ways for you to reject future messages from that sender"

Precisely, there is no requirement for an opt out link. It seems hard to argue based on anything you've supplied there that replying to the email isn't covered by this. E.g. "Please reply to this email with the word unsubscribe" meets this guideline.

To quote the relevant section of the act:

"It is unlawful for any person to initiate the transmission to a protected computer of a commercial electronic mail message that does not contain a functioning return electronic mail address or other Internet-based mechanism, clearly and conspicuously displayed, that- (i) a recipient may use to submit, in a manner specified in the message, a reply electronic mail message or other form of Internet-based communication requesting not to receive future commercial electronic mail messages from that sender at the electronic mail address where the message was received;"

Which explicitly states that providing a reply-to address which the recipient can reply to in order to opt out is sufficient.

The full text of the act is available here: http://www.ftc.gov/os/caselist/0723041/canspam.pdf

> Absolutely false and universally discouraged -- never reply to a spam e-mail.

Bit of a myth, clicking an unsubscribe link gives the spammer basically the same information, e.g. that it's a valid email address. The spammer ignoring an email which meets this requirement is in exactly the same position as if they ignore an opt out link. Clicking on links in unsolicited emails is if anything far more risky than replying. Yes the link can be copy pasted but 99% of people won't know to do this.

>> I might be missing something with can-spam though? > I'll say.

Very much appreciate you taking the time to reply but based on the responses and reading through the site you reference it looks like my original interpretation of can-spam is accurate. If any lawyers out there who've been involved in cases care to weigh in I'd be very interested.

EDIT: Provide the relevant text from the act which confirms that an email reply is a sufficient opt out.


Thanks for pointing that out; I edited my comment to reference yours. To be clear, I am not claiming to inform anyone on legal issues, but rather on the industry definition of spam that's used by blacklists and email providers worldwide. Unfortunately, we must still obey applicable law even when it's totally stupid.


> Would you consider it spam if someone manually went to a site, found their contact information, and sent them an email by hand? It appears to fit the same definition as "unsolicited", and yet, that is one of the purposes of a business placing their email address on their website.

That depends. Clearly a business selling computers that posts its email address on its website does want to receive emails from people who want to buy computers. They maybe even want to receive emails from people selling computers. What they likely don’t want are emails from people selling cars.

Someone running a blog on X with an email address on the blog will likely want to receive comments about the texts he’s written there, but probably not an email on how to buy more X.

As a general rule, if you or someone else plans to make money from the action incited by the email, it is most likely spam (not from a legal, but ‘moral’ perspective). This is especially true if the recipient is a private person and and you (or the third party profiting from the email) are a business.

Or, put another way: If you wouldn’t be allowed to call them, you aren’t allowed to send them email (modulo the cases were people opted in to you contacting them by email but not by telephone).


There is definitely a difference between "cold calling" and "spam" when it comes to b2b solicitation. I'm sure pharmaceutical reps show up to doctors offices often unannounced, but is that IRL spam or would a doctor miss out on useful information (even if the noise ratio is high) if this weren't a common practice?

To me it boils down to whether the information could be useful or if the person sending the emails is running a spray and pray type of campaign. If you have built a useful product that could make a business more productive, you shouldn't be shunned for letting people know about it, especially if they have published their email address and gave an impression that they were interested in hearing about it.


My site, next to my email address, specifically says I do not want to be contacted about off-shore development, SEO, electricity contracts, etc. I get a lot of spam about these things regardless, including from locals who've manually gathered email addresses and not just bought a list.

There seems to be no recourse against many types of spam.


You are completely wrong, flat out.

Your argument is basically that "spam matters". This is false.

I am a gmail user. I get thousands of spam messages a month. In the course of a year, the number of those messages that make it to my inbox are less than 10. Most people these days use mail providers that offer excellent filtering. People in companies most certainly do. If you are one of the minority that host their own email, filtering options are readily available.

There is no benefit to masking your email. You just make it harder for real people to contact you.

Case in point: Send me an email if anyone wants to say hi, geuis.teses@gmail.com.

This service has a lot of benefit if I want to try finding someone under a type of description. Maybe I need a developer, or someone wants to contact me but didn't get my email at a conference we met at.

If someone contacts me that I don't want to converse with, it's just email. Delete and ignore, or mark as spam. Simple.

Hope this clears up your misconceptions.


> You are completely wrong, flat out. Your argument is basically that "spam matters". This is false.

You're right that contemporary email providers like GMail do a great job of filtering spam emails, but that doesn't change the fact that sending commercial emails to harvested addresses is illegal, per the CAN-SPAM Act.

The act clearly states that the destination address "cannot be sent to a harvested email address." More information (albeit paraphrased) is available here https://en.wikipedia.org/wiki/Email_address_harvesting#Legal... or you can read the full text of the act itself here: http://www.gpo.gov/fdsys/pkg/PLAW-108publ187/pdf/PLAW-108pub...

Just because spam filters work very well does not mean that creating a web application that enables illegal activity is a good idea.

1: https://en.wikipedia.org/wiki/CAN-SPAM#Sending_behavior_comp...


I'm a Gmail user who also gets thousands of spam messages a month. The number that get to my inbox, despite attempting to train it with classification of spam as such, would be 20+ per day. Despite training as "not spam", I end up with 10+ legitimate messages a month ending up in my spam folder.

Unsubscribing, shaming, reporting to the ACMA - none of these actions seem to have any noticeable effect.

Spam matters to me.


It's interesting to know. I haven't had that experience myself.


I don't understand your plan selection. "analyzing max. 600 phrases/mo" What does this mean? I get to query your database 600 times? I get 600 phrases which weren't in your database? I get analytic s/statistics on them?

If these e-mails aren't guaranteed to be "100%" useful, and seem not to be hand-selected or have any human element involved, this just seems to be payment for a mail crawler. It looks a bit too much for me like a spam enabler.

And as abcd_f already mentioned, the recurring payment may be a mistake. As a start-up, I wouldn't subscribe for more than my "launch" month (s).

Hope it helps, best of luck!


Ok, thanks for comment. I will think about that.


The concept is technically interesting, but I don't want my e-mail address to be harvested by third parties and sold for marketing purposes. I am not a lawyer, but in the EU (which is where I assume you are located) data privacy regulations require the user to consent to the use of their private data. The sites you collect the information from supposedly have permission to process private information by means of their privacy policy and relationship with the user; which as a third party, you don't have. One could argue the data is already public; but since the user can not consent – you have no relation to the user – you are going to find yourself in muddy legal waters, especially trying to base a business on that data.


Very nice concept indeed. The How it Works section is a kind of a bummer. No real info on how the selection of blogs is done or how they results are ranked. Also I find the color scheme makes text very hard to read.


I don't find this useful at all. I can easily get similar results searching for emails in Google. In fact, this service is probably best for people who don't know how to use Google at all.

If I wanted to find emails of Paleo bloggers, I'd just search for: paleo blogger "@gmail.com"

Also, good luck scraping Google if that's what you're doing. Even a few hundred proxies won't be enough after awhile as they're doing a very good job blocking scrapers.


This is presumably to be used during PR stints and, given the $20 price point, this isn't aimed at PR agencies, but smaller companies. As such, a one-time fee would be a far more sensible option.

I realize that you have bought into the service hype and now probably dreaming of recurrent revenue and lingering subscriptions, but in your case it's really trying to fit a square peg in round hole.


I think you're pretty spot on. A PR agency might pay 10x times this, but for a one off use by a startup or SMB a monthly charge doesn't make sense. Maybe offer pre-paid credits as well?


Can you explain your reasoning behind this?


Give me a free trial and I dont get how it works from the how it works section. Just figured it's a scrapper of some sort.. looks cool.


"For every e-mail we show you where we have found it - this way you can check if this is good contact or not."

Adding a comma after "For every e-mail" will make this sentence much more clear.


How can I, as an individual (or perhaps a company) opt out? I'm sure some people would benefit from this service, but as others pointed out, I do not want my emails being harvested.


Looks awesome - good luck :)


thank you :)


Hey this is pretty cool! I'll find this useful soon.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: