Hacker News new | comments | ask | show | jobs | submit login
Would you kindly stop spamming me? (guifort.org)
64 points by StarkOverflow on May 20, 2014 | hide | past | web | favorite | 33 comments

I am not 100% sure why recruiters are still tolerated in technology positions. It's time for the model to change - maybe engineers should have agents? If an engineer chooses to use an agent they could build a personal relationship with that person, who knows their skills and what they like to do, and avoid wasting time with positions they don't want to know about and are not suited for. Or not - handle job search in the normal way without recruiters.

We seem to always hear about the terrible shortage of engineers and related fields, so how is it that recruiters add any value?

I have never taken a position where a recruiter contacted me first. I've never even done an interview in that situation because they always see to be shotgunning jobs at everyone they possibly can - email costs nothing so why wouldn't they? I have always found a job rather than been found by the recruiter.

Monster.com and LinkedIn seem to be wretched hives of scum and villainy. The best advice I can give is to never use any "service" that makes it possible for everyone, without qualification or your explicit permission, to contact you. Build your personal networks. Apply for the jobs you want. You won't be losing anything. I never had a Monster.com presence but I did have LinkedIn - since removing it I have lost nothing but unsolicited contacts from recruiters who want me to look at jobs I don't want, and then for me to give up the contact details of anyone else I might know...

There are a few recruiters I like and trust, but the ones spamming like this need to be spoken to very sternly indeed.

I don't know if agents would work - they work in movies because you shoot one, then wrap and move on to the next one. An agent can be constantly looking out for new films to work in. Unless you're exclusively seeking short-term contract positions, will you actually communicate with the agent frequently enough to build a relationship? If an agent keeps placing you in companies that either implode or make you want to leave, it doesn't seem appealing to work with them again. If they do place you in a job that you stay at for multiple years, will they be available when you want to move on?

I could see it working with the best recruiters, like the few I mentioned. They call every six months or so, ask how things are going and chat about technology, that's fine with me. Sometimes they have something really good to discuss, and if I'm happy where I am then I am always willing to recommend someone I know. Those recruiters are acting like an agent already. They rarely collect a fee but when they do I feel they deserve it, unlike the chancers who harvest phone numbers from web sites and work the percentages.

There doesn't have to be an agent relationship. I guess what I am really saying is that the only recruiters worth talking to are the ones that do the work to find the best fit for both parties. The rest add nothing.

Slightly off-topic rant.

Can someone explain to me why it is necessary to have the entire webpage refuse to render (white page (with scrollbar, "amusingly" enough)) if JS is disabled?

As far as I can tell, the entire website is slapped into a series of "<meta property=" tags and then converted to HTML using Javascript (from another site, no less!)

Whatever happened to progressive enhancement? Say... Actually using HTML and CSS? Maybe converted from markup on the server, or when the post is created?

There are any number of reasons not to do things this way, and any number of alternatives that have advantages over this.

I too find this annoying, its apparently a "feature" using squarespace. Even squarespace's own website won't load without JS enabled.

This absolutely. I flag such submissions (this one included).

People still care about this? I thought JS was just an accepted requirement of browsing the web these days.

You thought wrong.

Thank you

I get spammed in a whole different way. I share my name with an organisation: The Firstname Lastname Organization. Every so often, some recruiters email me résumés of people hoping to work at the Firstname Lastname Organization. Every time, I reply asking them to stop sending me these résumés, explaining that I am not the Firstname Lastname Organization and I am not hiring.

Even being told that they have the wrong address seems to be no deterrent for some recruiters. One day soon, even the richest YC alumni are going to be eclipsed by whoever figures out how to disintermediate these pricks into oblivion.

I had a similar situation occur after taking the GRE exam, after which they ask whether they can share your contact info with interested schools. Of course this sounded like a great idea when I was still deciding where to apply, but it turned into a major annoyance when I'm still receiving spam from these backwoods colleges more than a year after accepting an offer. And like the article, there's no global unsubscribe; I have to unsub from each school's list individually. Moral of the story -- be careful because you can't unspill the milk.

Use a different email address just for the particular promotion then dump it at the end.

Normal users don't have the ability to give themselves an unlimited number of email aliases. You need to own your own server/domain to do that. Gmail has a nice feature, but it doesn't obscure your real email address and it is trivial to strip away the extra tag.

The issue here I think is that the average mail user needs some kind of filtering language to control their own inboxes.

There is no standardized way to do this, which is a shame. I would really like for their to be a standardized server-side mail filtering language for mail services, where you can take your rule set from one mail server to another.

Personally, I have my own mail server and it has it's own mail filter system and language, but I am not always on the command line with my mail client to modify those filters.

Outlook, Thunderturd/Seamonkey, and other clients have some client-side rules, but those rules don't work if my desktop is offline I am reading those messages on my phone.

I hope in the future well-regarding developers who don't have a private interest will take a look at email again and make the improvements needed to continue to support this standard communication format.

Egos and private-self interest is not what made the internet great, but there is little shortage of it these days amongst us. Where will the Tim Berners-Lees, Richard Stallmans, John Postels of the future come from? These people didn't get rich. We did.

> Normal users don't have the ability to give themselves an unlimited number of email aliases.

I don't agree. No one said it had to be on the same domain as ones regular address. Sign up for a new account with Gmail or Yahoo or any of the others. Use that address when filling out a "please spam me" form. Check it for a while. Then forget it when its usefulness ends.

I think these types of emails would be fairly easy for a spam filter to catch. They likely use many of the same words.

Another such organization is Cyber Coders. They constantly keep spamming me even after I unsubscribed, sent them email asking me to remove from their list and clicking 'Report Spam' many a times on GMail. I don't know their email always gets through. I was completely surprised with number of recruiters [1] they have on board. I guess spamming must work for them to have so many 'recruiters' on their staff.

[1] http://www.cybercoders.com/recruiter/

I'm glad you've mentioned this. They keep coming up in my area for Ruby On Rails job listings on LinkedIn. I'm glad to find out they're a scam before I "apply" to them.

Same here. I blacklisted their domain after awhile.

Yeah this is a really frustrating flaw in online job markets. I knew this would happen and never posted my stuff online; but it's also frustrating to go through job postings by hand to find ones that fit you. I ended up writing near regex complicated search filters on places like Indeed to get what I wanted.

Allow me to plug tagging addresses when you give them out. The right way depends on your mail server, but if your email address is example@gmail.com, you can give out example+monster.com@gmail.com so that you know who's leaking your address. And when they do, you can set up a filter to junk anything.

This is great even if you have hosted email. But it's even better if you run your own mail server. I now have dozens of sold/leaked/stolen addresses that all feed directly into my spam trainer. Anything sent to the stolen addresses not only gets junked, but helps prevent any other address from getting spammed.

The problem is that it is trivial to delete anything after (and including) the + from an e-mail address. I've had this happen when trying to use this approach.

What I do instead is this: I have a subdomain of my regular domain, say "me.example.com." That subdomain is a catch-all; anything sent to it goes to my regular account at "example.com," though I have a Sieve rule to filter those messages to their own folder. Companies and so forth get addresses like companyname@me.example.com or, if I'm giving one in person, myname3@me.example.com so it doesn't seem odd.

At that point, they can't tell the difference between that being a tagged address or not, so the entire address has to be sent untouched. I can then do whatever I like with it, namely trashing the message in a rule. Using a subdomain is preferable for keeping the generic spam down since those aren't as easily discovered.

That can definitely be better if you have full control over a domain. But what stopped me from going that far is dictionary attacks. There are plenty of spammers who will just try hundreds of common-ish addresses at a domain.

I considered going even further and building something where I'd register each new address as I gave it out, but for now, just adding a tag on to my regular address has been good enough for me.

I wonder how long until these spammy sites get wise to this (or how many already have) and start stripping off the tag portion of the address.

I've been doing this a long time, and I haven't caught anybody doing that yet. Generally spammers are a) not so smart, and b) all about volume.

The delimiter character on one system is a legitimate component on another, so stripping like that will fix some addresses but break others. Could they increase their total address count by 0.2% trying to strip tags? Possibly. Is it worth the effort? I doubt it. People who tag addresses are also the most likely to report spam and raise a ruckus.

Good points, especially that last one. There's probably zero (or negative) benefit for them ending up in the inbox of anyone who would filter with tags.

Assuming you run your own mail server, you don't necessarily have to use the +tag. You could use any schema you want. For instance, you might give out the address me.1408@yourdomain.com, which automatically expires in August 2014 (after which any mail sent to that address gets nuked).

Ya, I remember an amusing story from someone who would register to stores with <storename>@<hisdomain>.com. Then he got a C&D letter from one of the stores demanding that he stop using their trademark in his email address.

Numerous email systems refuse to accept "+" as a valid email address character.

Increasingly, I simply use mailinator for throwaways (and, of course, don't provide personal information).

I had an especially frustrating run-in with the Origin gaming system where they accepted the +origin form of my email for sign-up, but neither their website nor their program would allow a + in the sign-in form-- effectively sticking me with an unusable account. (Phone support did clear it up)

For what it's worth, I use a dash, and I've never had a problem.

But yeah, throwaway email addresses are another good solution for some use cases. It doesn't cover everything, though. A lot of my spamtrap addresses are non-throwaway ones, where I actually want to stay in touch with the company. E.g., Adobe's compromise a while back.

I used to run my own mail server and just configured it to use . instead of + for the wildcard. Now I'm using gmail for my domain and just have a catchall rule that forwards it to me.

Another tip is to add dots in your username on gmail. You can send emails to:

e.x.a.m.p.l.e@gmail.com, example@gmail.com, ex.am.ple@gmail.com

Every one will be sent to the username "example"

I would like to know how to set these people on fire.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact