Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL Bans Mail From DSL-Hosted Servers

Posted by timothy on from the because-individuals-should-not-have-them dept.

kmself writes "As first reported at linux-elitists by Aaron Sherman, and with a demonstration of the denial at zIWETHEY, AOL has begun blocking mailservers identified with residential DSL lines as an anti-spam measure, apparently heedless of the huge collateral damage this move imposes (and guess who can't send mail to Mom...). This action was unannounced, and has received virtually no coverage, spare an oblique mention at News.com. It also violates SMTP RFCs, as Aaron points out, not to mention the 'good neighbor' conventions of Internet communications. Mail to AOL's postmaster is also bounced -- this is RFC-ignorant. I strongly recommend that as a compensatory measure, non-AOL MTAs be configured to deny all incoming mail from AOL's domain."

5 of 882 comments (clear)

  1. Good move by Adnans · · Score: 5, Informative

    If you have DSL you should still use your upstream SMTP server for outgoing mail. About 90% of incoming SPAM on my box originates from Windows boxes on DSL lines with open relays. I've set up exim to ignore all incoming SMTP calls from dsl hosts (*.dsl.*) and also to block hosts without proper reverse-DNS. These 2 simple steps take care in blocking a huuuge quantity of incoming SPAM at the doorstep...It's not fullproof, but it helps a great deal.

    -adnans

    --
    "In short: just say NO TO DRUGS, and maybe you won't end up like the Hurd people." --Linus Torvalds
  2. You want these rights for *YOUR* MTA, right? by Cirkit · · Score: 5, Informative

    I'd expect users of RBLs (see http://www.spews.org) and certainly the denizens of NANAE to argue that they have the right to refuse to receive email from anyone, for any reason, since that mailserver is private property.

    It can be used in ways you like (refusing emails from Verizon's corporate HQ because they refuse to kick their spammers) or in ways you don't like (making it more difficult to send outgoing mail), but I don't see how you can reasonably kick and scream against one and not the other.

    Actually, several providers have been refusing email from dial-up pools for a year or more, which is what caused me to decide that I would need to send outbound email through my ISP. IIRC, attbi refused email from my server on my ISDN line over a year ago.

    The solution isn't difficult - go dig around on your ISP's website (or call them) and figure out the mailserver that you'd be using if you WEREN'T running your own MTA. Set your mail server to relay outbound emails through them. (See your man pages - it isn't difficult.) There's NO way your ISP's mailserver is going to refuse to accept your email, since if they did, no one not running an MTA could get email out. Sure, you'll have an extra line of headers in your outbound email, but it doesn't seem like such a big deal. Was the location of your mail server a secret anyway?

    Of course, if your ISP is a notorious hoster of spammers, you're going to need to find a new ISP. You didn't really want to support those spammers anyway, did you?

  3. Re:bouncing mail to postmaster? by Zocalo · · Score: 5, Informative
    Nope. It's actually in RFC2821 section 4.5.1 - Minimum Implementation:

    Any system that includes an SMTP server supporting mail relaying or delivery MUST support the reserved mailbox "postmaster" as a case-insensitive local name. This postmaster address is not strictly necessary if the server always returns 554 on connection opening (as described in section 3.1). The requirement to accept mail for postmaster implies that RCPT commands which specify a mailbox for postmaster at any of the domains for which the SMTP server provides mail service, as well as the special case of "RCPT TO:" (with no domain specification), MUST be supported.

    SMTP systems are expected to make every reasonable effort to accept mail directed to Postmaster from any other system on the Internet. In extreme cases --such as to contain a denial of service attack or other breach of security-- an SMTP server may block mail directed to Postmaster. However, such arrangements SHOULD be narrowly tailored so as to avoid blocking messages which are not part of such attacks.

    Note that there are no punitive measures are listed at all, in fact the worst that can happen for bending an RFC is that you will be named and shamed on a site like www.rfc-ignorant.org and maybe be blocked by some system admins. If you actually *break* the protocol on the otherhand, then things will probably get a little more ugly... ;)
    --
    UNIX? They're not even circumcised! Savages!
  4. Re:ummmm... by darkonc · · Score: 5, Informative
    One thing that you can do is foreward your email through your ISP. If you're using Sendmail this is done with the smarthost entry:
    # "Smart" relay host (may be null)
    DSmail.MyISP.net
    would forward youre spam (er, email) through the box mail.myISP.net . Most ISPs have a designated server that will allow email forewarding from anybody in their network space.
    --
    Sometimes boldness is in fashion. Sometimes only the brave will be bold.
  5. Re:bouncing mail to postmaster? by ajs · · Score: 5, Informative

    It's worse. Here are the ways that I know AOL is violating RFCs for valid mail traffic:

    1. Mail bound for postmaster@aol.com is not accepted.

    2. They issue a 550 response before the client has a chance to issue a greeting. There are two allowed responses at that point: 554 and 220. 550 is right out.

    3. They disconnect before the client issues a "QUIT" command or times out. Also bogus.

    AOL is playing a game of chicken here to see how much of the net will blacklist them for breaking the RFCs. Once they smell blood in the water because not enough sites care, they can pretty much start writing their own book....