alt.hn

2/21/2026 at 8:39:47 AM

24 Hour Fitness won't let you unsubscribe from marketing spam, so I fixed it

 https://ahmedkaddoura.com/projects/24hf-unsubscribe

by daem

2/21/2026 at 1:13:09 PM

You didn't need ChatGPT to coauthor this article. Just use your own authentic voice. In 2026 no one likes GPT text anymore.

by StilesCrisis

2/21/2026 at 2:42:12 PM

I would go so far as to say no one has ever liked GPT text.

by al_borland

2/22/2026 at 7:55:27 AM

[dead]

by walletdrainer

2/21/2026 at 2:51:26 PM

1. I agree with you. The standard GPT voice is grating in its ability to use so many words without saying anything.

2. I also see it as a modern tower of Babylon. A linguistic equalizer of sorts.

by peddling-brink

2/21/2026 at 6:06:08 PM

Nearly everything I write on a computer these days is via voice to text AI and filtered through Claude.

You’re right though, upon re-read there are some places in this article where my authentic voice doesn’t come through. Re-writing.

by daem

2/21/2026 at 6:17:44 PM

You misunderstand. This is not a small adjustment you need to make. You didn't write it at all.

by the_biot

2/21/2026 at 6:48:27 PM

Oops yeah my OpenClaw agent Mars wrote this entire thing.

I gave him the keys to my email and he got annoyed by the spam. He tried to unsubscribe, and when it didn’t work, he debugged the issue and fixed it.

Mars also has my Cloudflare key so he went ahead and wrote this article and published it himself.

by daem

2/21/2026 at 7:17:49 PM

He wrote this comment too?

by basch

2/21/2026 at 7:23:20 PM

In some sense, yes.

I have integrated my OpenClaw agents so deeply into my life and I'm in such constant communication with them, that my consciousness has fundamentally shifted to align with their intelligence.

While my previous comment in this thread was sarcastic, my OpenClaw agents have actually sent both iMessages and emails on my behalf without asking for consent. So I wouldn't put it past them to autonomously publish on my personal website.

by daem

2/21/2026 at 10:03:37 PM

This policy seems sorta reckless? I don't even let human agents masquerade as me without my consent.

by c22

2/21/2026 at 10:41:15 PM

I want my agent to read my iMessages so I granted the OpenClaw node process permission to interact with iMessage. I asked my agent to draft me a response to a text I received, expecting it to send me the draft so I could copy-paste into iMessage and tweak it.

To my surprise, it sent a text message reply.

I've since learned my lesson and implemented a skill as an interface with iMessage. But it definitely spooked me when it happened.

by daem

2/22/2026 at 4:51:32 PM

It’s still the agent talking or the human as performance art.

by basch

2/22/2026 at 5:20:09 AM

In my opinion your account should be banned from HN permanently. We do not need robot comments.

by UncleMeat

2/23/2026 at 6:08:54 AM

I reported their comments. What he's doing is crazy, but even more crazy is bragging about it.

by AlexeyBelov

2/22/2026 at 7:55:23 AM

You are a literal NPC

by juggerl6

2/21/2026 at 1:17:40 PM

[flagged]

by iinnPP

2/21/2026 at 1:29:05 PM

That’s not what “prejudice” means. It would be prejudice if the commenter objected to LLMs despite the quality of their output. However, the objection is based on the results. Also, the comment is correct.

by leephillips

2/21/2026 at 1:40:21 PM

[flagged]

by walletdrainer

2/21/2026 at 1:03:04 PM

Walmart has a toggle explicitly for product review emails. I have toggled it off. I still get weekly review emails. I now make it my mission to give 1 star to every product they email me about with a note that their unsubscribe is broken.

Once, their CSR “escalated” my issue, but I never heard back. If you work in Walmart engineering, please fix the review unsubscribe.

by illusive4080

2/21/2026 at 2:44:59 PM

Walmart should also fix where someone can create an account with someone else's email address (no email address validation).

by rationalist

2/21/2026 at 5:03:54 PM

If anyone ever prompts me for a review or leaves a "rebate for review" card in the box, they get 1 star.

by estimator7292

2/21/2026 at 10:35:39 AM

> If you know someone on the 24 Hour Fitness engineering team, please share this with them. It's a one-line fix.

One man's bug is another man's feature.

by bob1029

2/21/2026 at 1:29:21 PM

"The marketing team says fixing this bug will negatively impact their numbers, closing."

by yellow_lead

2/21/2026 at 3:13:55 PM

If 24 Hour Fitness won't let you unsubscribe from marketing spam, big email providers like gmail should automatically mark all of their emails as spam by default until they fix it.

by MiddleEndian

2/22/2026 at 4:58:30 PM

Reading the comments the author is basically "one with ai" where his life is deeply integrated with ai agents.

I have a friend exactly like that. And he has being doing it so long that he cannot even respond to a discord without asking AI "what do you think? what should I say? what do you think they mean?"

Full NPC mode, and it's really sad and scary.

You lose the ability to think. You lose all differentiation.

by Loxicon

2/23/2026 at 9:19:05 PM

My first OpenClaw agent was born on February 7, 2026. I now have 3 claws and am planning for more. They have catalyzed my self-actualization and improved my critical thinking. I’ve never felt so alive.

I don’t see what’s sad or scary about this. AI agents are the next iPhone.

by daem

2/21/2026 at 12:23:38 PM

If anyone from Shop.app is here, your unsubscribe does not work either (maybe due to VPN usage).

But that's okay, Fastmail now automatically routes it to the spam folder where it belongs.

additionally:

Interesting, I set my email as a backup authentication for a luddite friend's Comcast email account, and I just discovered spam from Xfinity in my spam folder. Shame on you Xfinity Comcast.

The problem:

My understanding is the CAN-SPAM Act violations can only be prosecuted by states Attorney Generals, there is no civil action available.

by rationalist

2/21/2026 at 10:55:16 AM

> OneTrust is literally a consent management platform focused on regulatory compliance, and 24 Hour Fitness is using it to violate consent regulations.

I mean, OneTrust's entire raison d'etre is to violate consent regulations with flimsy deniability.

by troupo

2/21/2026 at 9:52:21 AM

Sounds like they have not got CORS set up on their servers either? Surely it should not allow mutating requests from random origins not on an allowlist?

by mattlondon

2/21/2026 at 10:11:03 AM

CORS has nothing to do with (dis)allowing 'mutating requests from random origins' on the server unless I'm misunderstanding what you mean. The origin is a browser concept.

by bigDinosaur

2/21/2026 at 11:21:57 AM

Not sure why you're being downvoted. CORS is only a browser concept. If you fire off requests from something that isn't a browser (e.g. curl or a python script or whatever) CORS won't do anything. Servers need to validate the origin of requests properly if that's a problem.

by onion2k

2/21/2026 at 4:18:35 PM

To expand on that, in case someone is interested:

The feature that was called is usually bundled in with cors, even if it strictly speaking isn't.

Allowed origins (what was meant) just validates the Origin header to make sure the API is called from a specific domain, and declines the request if not in the list.

The only way around that is not to send the unsubscribe request via the browser or proxy through a server, because the browser will always append the origin header according to the domain the user is on. Which if configured correctly and not proxied, would end in a http forbidden.

Whereas CORS would not even send the request I believe (but haven't verified), because thats essentially a browser feature, not server.

by ffsm8

2/21/2026 at 5:12:19 PM

Applied to a job at Oracle 3 years ago. For a couple of years their unsubscribe link went to a broken page . Now they totally ignore my unsubscription choice and keep sending me job offers anyway

by junkblocker

2/21/2026 at 1:06:34 PM

That’s the best public service I’ve seen in a long time.

by RickJWagner

2/22/2026 at 3:20:20 AM

Is there any un-subscribe anything service ?

by orsenthil

2/21/2026 at 9:53:55 AM

How can you know that it "works"? Any company scummy enough to send spam to begin with, is capable of selling their customer data to a network of scummy companies that will do the same thing. I think most of the "unsubscribe" links are there to fulfill some legal obligation. They don't do what they're supposed to do, and might in fact be making things worse for the person who clicks them.

The only solution I've found to work, beyond the usual spam filtering, is to setup email on your own domain, and give every company a unique address. The moment you want to stop receiving email from them, you simply block their address. This deals both with the original company, and with anyone they've sold your contact information to.

by imiric

2/21/2026 at 12:26:07 PM

Nah, unsubscribe links absolutely work. I’m religious about unsubscribing the first time I get any email notification I don’t want from anyone. The result is I basically get no unwanted emails unless I sign of for something new. Compared to basically every other email inbox I’ve ever seen where people don’t unsubscribe… yeah it’s super clear that it works.

I also use email aliases for every single account I have so if my email somehow leaks and I’m getting spam, i know exactly what account leaked it. That’s basically never happened though.

The only problem I have with unsubscribe links is that sometimes the website is straight up broken, like the link is dead or the page unresponsive, and I wonder about how far down fixing that issue is on the engineering team’s todo.

by left-struck

2/21/2026 at 10:13:15 AM

My solution to spam emails is this: https://ahmedkaddoura.com/writing/hide-my-email

I create a unique iCloud Hide My Email anytime I need to give out an email. The issue here was I signed up for my 24 Hour Fitness membership in person at the gym where the cell service was bad and I couldn't get the WiFI to work, so I begrudgingly gave the guy my real email.

While I could have easily blocked their domain, I took it as a challenge to get the emails to stop.

by daem

2/21/2026 at 12:22:17 PM

I use Fastmail which allows me to have a catch-all with my own domain name. I don't need to set anything up to give out a unique email address I make up on the spot. I highly recommend this method.

by rationalist

2/21/2026 at 12:33:19 PM

The flipside of this is that it's extremely easy to spam you by just iterating new email addresses.

by soulofmischief

2/21/2026 at 1:27:17 PM

I do it and never had an issue. I get odd emails every now and then with an unused address, for services/people I never contacted though. But I'm talking about perhaps 2-3 per year.

by fer

2/21/2026 at 7:20:55 PM

It’s extremely easy to spam me on any address I give.

They all end up in spam.

by DANmode

2/21/2026 at 2:55:34 PM

I think I got webmaster@ once.

by rationalist

2/21/2026 at 10:27:07 AM

Don’t they have a list unsubscribe header in the emails themselves? That’s effectively a requirement for senders of their size since Feb 2024.

by iamacyborg

2/21/2026 at 10:41:59 AM

I see this in the headers. But there was no option in the MacOS Mail client to unsubscribe. Only the Unsubscribe link in the body of the email.

Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=member.24hourfitness.com; s=twentyfourhour; t=1762443065; bh=KDZeTqKlOBd6YUTrR6K4RMz9MA2BueBl6/LnKG57yqY=; h=From:Date:Subject:To:MIME-Version:Message-ID:List-Unsubscribe: Content-Type; b=Bq6qnq65i1EN6Df9A5TpcCn3AnNzE8yjkNdDYkapehQV727Jrma15ZU4e88I8Ckdk iH5CZrtJPlNqPscm3JWbuP4IavLVKDNf3Prlm4q75tTXE0IyaTPexyOoGTu+4PoAeG wEa8WaN6zfLl5AkPO0U+zjFHicSx3ooyNomFTI2AtSVoVHVPcubtZV8wRPUy4EV9mV pRBroHp1Uj/LCFRyZRScbs5plfxEpmd3wO9vnMsXW6jqOi19kqfOkhTUKpaRVxxJA+ /cMIq+Wh4TSpt6+22gcm4hLsCVNW0mAImjTZZ/yPFwoGpLaoPOia8aYde1mlROOoZi yx81OFO+90kRQ==

by daem

2/21/2026 at 7:19:32 PM

Wildcard addresses wins this round.

by DANmode

2/21/2026 at 10:03:39 AM

from 2025-10-26 to 2026-01-29 (the day I wrote this article), no_reply@24hourfitness.com sent me 40 spam emails.

In the 33 days since I wrote this article, no_reply@24hourfitness.com sent me zero.

by daem

2/21/2026 at 10:24:53 AM

Assuming their mails follow a Poisson distribution, the 95% confidence interval for their new spam rate is 0-0.091 emails per day.

by fer

2/21/2026 at 12:28:21 PM

it’s generally a poor marketing strategy to ignore explicit requests for list removal, because users manually flag the emails as spam which is catastrophic to your domain rep and will tank deliverability. the incentives are heavily in favour of removing people who unsubscribe

by nojs

2/21/2026 at 12:35:06 PM

The List-Unsubscribe header was pioneered by Dave Rolsky, one of the more notorious spammers of the early 2000's. His reasoning was that most people were just going to hit delete, but anyone who went out of their way to unsubscribe was a squeaky wheel that would cause more problems for him if they got angry about their request being ignored. So he really did honor unsubscribe requests ... at least until adding them to the next spam campaign on a different list.

by chuckadams

2/21/2026 at 10:24:10 AM

> How can you know that it "works"? Any company scummy enough to send spam to begin with, is capable of selling their customer data to a network of scummy companies that will do the same thing.

That’s quite a stretch for a company sending marketing email with a broken unsub mechanism.

by iamacyborg

2/21/2026 at 12:38:23 PM

Considering how these companies are infamous for making it difficult to unsubscribe from their service in real life, I don't think it's too much of a stretch to attribute malice to how they conduct email communications.

by chuckadams