Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL Bans Mail From DSL-Hosted Servers

Posted by timothy on from the because-individuals-should-not-have-them dept.

kmself writes "As first reported at linux-elitists by Aaron Sherman, and with a demonstration of the denial at zIWETHEY, AOL has begun blocking mailservers identified with residential DSL lines as an anti-spam measure, apparently heedless of the huge collateral damage this move imposes (and guess who can't send mail to Mom...). This action was unannounced, and has received virtually no coverage, spare an oblique mention at News.com. It also violates SMTP RFCs, as Aaron points out, not to mention the 'good neighbor' conventions of Internet communications. Mail to AOL's postmaster is also bounced -- this is RFC-ignorant. I strongly recommend that as a compensatory measure, non-AOL MTAs be configured to deny all incoming mail from AOL's domain."

16 of 882 comments (clear)

  1. bouncing mail to postmaster? by fyonn · · Score: 5, Interesting

    I thought that was a requirement of having a domain and you can lose the domain if mail is not accepted or read there? I'd have to check the rfc's but wouldn;t that be a thing, someone taking aol's domain from them because they don;t accept mail for postmaster?

    dave

    1. Re:bouncing mail to postmaster? by ajs · · Score: 3, Interesting
      A status of 550 should only be sent in response to a command, not to connection.

      Correct, and what's more they issue that 550 ending with "550 Goodbye" and then a connection reset (TCP-"R") packet, which is also in violation of the RFC.

      If you run SpamAssassin, I highly recommend adding:
      score RCVD_IN_RFCI 0 3 0 3
      to your /etc/mail/spamassassin/local.cf. If everyone on the net does this, it won't block AOL's mail (or any other RFC-ignorant site), but it will mean that you have a much lower level of tollerance for spam-like mail from them.

      It's not punative so much as showing them the right way to have solved this problem. Yes, AOL gets a lot of mail; yes, filtering spam out of it is hard; but if they simply weighted blacklists based on how accurate they are (as SA does) and then combined the results of several lists from dynips to rfci to relays with those weights, then they could make an accurate assessment, inform the sites that are blacklisted appropriately (in conformance with the RFC).

      Ultimately, even after issuing that 554, if someone pushes on with a "RCPT To: postmaster@aol.com", they should accept it so that the site has a usable route for delivering mail to assert that the problem has been solved, but that would be a rare occurance if the lists were public and used/maintained correctly.

      Bah.
  2. No problem by JanneM · · Score: 5, Interesting

    I long ago includedevery mail from aol.com, yahoo.com and hotmail.com in my static spam filters. If anybody with such an account wants to mail me, they need to get in touch with some other account (or other means) first so I can add an excemption to them. To date I have three such excemptions total, all on yahoo.com.

    I can't very well block them further than I already do, in other words.

    --
    Trust the Computer. The Computer is your friend.
  3. Eathlink does this too. by statusbar · · Score: 5, Interesting

    My friend pays for a "static" Ip address on his cable modem to run some private corporate web forums. A few weeks ago, all email notifications from the forums going to anyone hosted at earthlink.net were bouncing - The message is "No email accepted from dynamic IP addresses".
    Both AOL and Earthlink have TONS of subscribers.

    If they both decide to carry on doing this, there is nothing you can do about it.

    Truth is, SMTP sucks. They are only doing this because of all the spam. Yes they are violating RFC's. Too bad...

    --jeff++

    --
    ipv6 is my vpn
  4. this isn't new by ejaw5 · · Score: 4, Interesting

    I found out about this issue few months after i got my DSL connected almost a year ago. Used to be I'd use sendmail to send email out, and worked great since I could put my email address (which was defined through a domain name email forward) in the reply-to field. then, one day i get a message from AOL claiming I'm running an open mail relay, or using a "banned" IP. Got me worried a little bit, but I found out the real reason after i got a friend to nmap my box

    --

    $cat /dev/random > Sig
  5. Only dynamically assigned IP addresses by Dynastar454 · · Score: 3, Interesting

    It should be pointed out that AOL isn't blocking "All DSL" MTAs but those that have dynamically assigned IP addresses. On one hand, this is a stinky, no-good, rotten thing for them to do. On the other hand, the elitest in me says "go get a real DSL connection if you're going to run your own MTA." :-) But really, I know it's not an option for some, and this move by AOL is pathetic.

    --


    Laugh at stupidity: mod idiots +1 Funny.
    1. Re:Only dynamically assigned IP addresses by ThatDamnMurphyGuy · · Score: 3, Interesting

      Define "dynamically assigned" in the context of DSL.
      I have a 'business' dsl package. My IPs are static to my account, but they are assigned dynamically to the router. Will AOL know the difference between my email server, and some dhcp dsl users? Doubtful.

  6. "Residential" DSL meaning what, exactly? by phillymjs · · Score: 4, Interesting

    Services like Verizon, that use DHCP and/or PPPoE and already have a "no servers" policy? What's the criteria, here??? It will be interesting to see how AOL differentiates "residential" DSL from other types of DSL.

    I use SpeakEasy DSL via Covad. This service is technically residential, because my servers are sitting in my house. But I have a legitimate domain, and static IPs on my servers. However, reverse DNS lookups return "dslwww-xxx-yyy-zzz.phl.yadayadayada," NOT my registered domain name.

    I just successfully sent myself a test message from my domain mail to my AOL account, so I'm not being blocked yet. I guess I'll start sending a test message once or twice a day to make sure it still works, until AOL clarifies their policy. And if I do get blocked, there's gonna be some hell raised about it. My servers are locked down tight and laways have been. Shutting out all DSL-hosted mailservers to keep out spam is like burning your house down to keep it from being burglarized.

    ~Philly

  7. Ramblings on a Pseudo-Internet-Network by m_evanchik · · Score: 3, Interesting

    I guess this is sort of like the New York branch post offices not delivering mail from Florida, because that's where a lot of junk mail originates from.

    I have a fairly nasty conspiracy theory on why AOL and Comcast are cooperating on this. By shutting out the innovative do-it-yourselfers on the Internet from their network, they squelch potential competition from their "value-added" services.

    The next step might be to block web servers that don't originate from big corporate server farms. After all, who knows what could be on those independent things but kiddy porn and terrorist training instructions?

    The irony is that the great mass of obtrusive commercialism on the Internet originates on the corporate, big-player side. AOL was the innovator in turning the WWW into a virtual shopping mall.

    You would like to think, however that this will backfire on them, as customers look to alternatives to their increasingly sanitized pseudo-Internet network.

    And how does one fool their IP filters anyway? It makes one want to "spam" everyone of AOL's customers with a protected-from-legal-prohibition-because-it-is-not -commercial-speech protest email.

    --

    evanchik.net

  8. Re:Good move by rossz · · Score: 4, Interesting
    you should still use your upstream SMTP server for outgoing mail
    And what if your upstream provider is unreliable. Back when I had cablemodem with AT&T@Home, the service was so bad I swore to never rely on anyone else for email ever again. Emails sent through their servers had a habit of disappearing or taking months (yes, I said months) to finally arrive at their destination. Complaints resulted in the boilerplate response of "email service is for entertainment purposes only". For broadband in my area I can choose cablemodem or dsl. To get a static ip on dsl requires a jump in the monthly payment that I honestly can't afford at the moment (I'm an unemployed tech worker in the Bay Area, do the math). The rare contract work that I am getting requires email I can trust.
    --
    -- Will program for bandwidth
  9. What a Terrific Idea... by cribcage · · Score: 4, Interesting

    I strongly recommend that as a compensatory measure, non-AOL MTAs be configured to deny all incoming mail from AOL's domain."
    Yeah...because when a big corporation does something wrong, we should exact revenge upon all of its customers.

    That's very mature. Particularly in the case of AOL, which services the vast majority of under-educated internet users. You'll fuck up all of their personal email communications, and they won't have the first clue why.

    Brilliant solution.

    crib

    --

    Please don't read my journal
  10. Re:I would say.... by Lonath · · Score: 4, Interesting

    There has to be some other underlying reason to move to block e-mail for this one group of internet users,

    <tin-foil-hat>Does any part of AOLTW compete with DSL, like umm cable modems maybe? </tin-foil-hat>

    --
    Best. Comment. Ever. Enjoy!
  11. Re:Good move by wbattestilli · · Score: 3, Interesting

    My ISP is not sufficiently reliable to use their mail servers. This is why I run my own. They have a lousy uptime and are vulnerable to the email worm of the week.

    I also cannot switch providers because my provider has a local broadband monopoly.

    I am neither ignorant or a spammer. I simply would like to have a server that is predictible.

  12. Re:Privatized mail by kaszeta · · Score: 4, Interesting
    I dont' understand why everyone is so down on the USPS

    I used to like the USPS, then I moved someplace that isn't served by the USPS. While I live in a somewhat rural environment, my town has over 5000 residents, but only 1 part-time mail carrier (and no plans to *ever* get another according to the local postmaster), so if you aren't on the one street that's on the route, you don't get mail. They canceled rural route service years ago. And they ran out of PO boxes back in 2000, and again, they don't plan on ever getting any more of them. And they think there is nothing wrong...

    On a related note, I hate businesses that can't understand that my PO Box is my *only* USPS-servicable address, businesses that insist on sending correspondence to my shipping address instead of my billing address, and rebates that don't accept PO Boxes.

  13. Re:About Time by einhverfr · · Score: 3, Interesting

    30% of the spam that comes in to our mailserver is from residential dsl ip's.

    Yet another reason to choose Speakeasy. I have a static IP and I am not blocked by AOL (already tried).

    --

    LedgerSMB: Open source Accounting/ERP
  14. Funny... by BrokenHalo · · Score: 3, Interesting

    My MTAs have been set up to blackhole AOL mail (on a whitelist basis) since about 1997 or 98 :-). I had almost forgotten... At that time, I was getting a heap of spam from their domains, and as I'm in Australia and AOL doesn't have a significant coverage here it's pretty safe from false positives.