Slashdot Mirror
AOL Bans Mail From DSL-Hosted Servers
kmself writes "As first reported at linux-elitists by Aaron Sherman, and with a demonstration of the denial at zIWETHEY, AOL has begun blocking mailservers identified with residential DSL lines as an anti-spam measure, apparently heedless of the huge collateral damage this move imposes (and guess who can't send mail to Mom...). This action was unannounced, and has received virtually no coverage, spare an oblique mention at News.com. It also violates SMTP RFCs, as Aaron points out, not to mention the 'good neighbor' conventions of Internet communications. Mail to AOL's postmaster is also bounced -- this is RFC-ignorant.
I strongly recommend that as a compensatory measure, non-AOL MTAs be configured to deny all incoming mail from AOL's domain."
Youve Got(no) Mail!
You (don't) have mail!
to lttile too late. However, this move doesn't even classify as "too little". There has to be some other underlying reason to move to block e-mail for this one group of internet users, because it clearly isn't going to put a dent in the spam that AOL users receive daily. There are MANY service providers that do a much better job at spam blocking than AOL, why is it about them that keeps them from getting it right? Or are they secretly selling e-mail addresses?
I thought that was a requirement of having a domain and you can lose the domain if mail is not accepted or read there? I'd have to check the rfc's but wouldn;t that be a thing, someone taking aol's domain from them because they don;t accept mail for postmaster?
dave
I long ago includedevery mail from aol.com, yahoo.com and hotmail.com in my static spam filters. If anybody with such an account wants to mail me, they need to get in touch with some other account (or other means) first so I can add an excemption to them. To date I have three such excemptions total, all on yahoo.com.
I can't very well block them further than I already do, in other words.
Trust the Computer. The Computer is your friend.
Don't worry, I am on AOL. I will send your mom a note.
30% of the spam that comes in to our mailserver is from residential dsl ip's.
If you are dial up or home dsl you should not be talking diectly to smtp servers anyway you should be sending mail through your provider.
see: http://njabl.org/ they do exactly this.
The United States Postal Service has announced it will stop delivering
any mail from Florida, due to the large number of mail-order scams
originating from that state.
My friend pays for a "static" Ip address on his cable modem to run some private corporate web forums. A few weeks ago, all email notifications from the forums going to anyone hosted at earthlink.net were bouncing - The message is "No email accepted from dynamic IP addresses".
Both AOL and Earthlink have TONS of subscribers.
If they both decide to carry on doing this, there is nothing you can do about it.
Truth is, SMTP sucks. They are only doing this because of all the spam. Yes they are violating RFC's. Too bad...
--jeff++
ipv6 is my vpn
If you want to send mail to AOL you just need to use something different than DSL. No big deal. May I suggest AOL/Time Warner Road Runner Cable Modem Service?
Hermm....
I found out about this issue few months after i got my DSL connected almost a year ago. Used to be I'd use sendmail to send email out, and worked great since I could put my email address (which was defined through a domain name email forward) in the reply-to field. then, one day i get a message from AOL claiming I'm running an open mail relay, or using a "banned" IP. Got me worried a little bit, but I found out the real reason after i got a friend to nmap my box
$cat
I recently setup SMTP on my linux box (just for the fun of it). One of my friends has a hotmail account. I very quickly discovered that hotmail is refusing connections from my linux box (on a cable network). I very quickly told Postfix to send any hotmail bound email to my ISP's SMTP server. My friend got the email so... that may be an easy workaround for AOL as well.
If AOL doesn't want to accept your mail, that's their choice. It's their network, and their mail servers. Of course, when AOL customers find that they can't receive any email, AOL might lose business.
Like all other spam blocking attempts, there will be collateral damage. They try to keep their customers happy, and the market decides if they succeeded.
Tarsnap: Online backups for the truly paranoid
It should be pointed out that AOL isn't blocking "All DSL" MTAs but those that have dynamically assigned IP addresses. On one hand, this is a stinky, no-good, rotten thing for them to do. On the other hand, the elitest in me says "go get a real DSL connection if you're going to run your own MTA." :-)
But really, I know it's not an option for some, and this move by AOL is pathetic.
Laugh at stupidity: mod idiots +1 Funny.
I used to sell stuff on ebay and as such, always needed to reach customers pronto. And AOL email addresses as the unfortunate side effect of being the most unreachable.... either a high percentage never got the mail or it gets bounced.
My advice is to get a yahoo email address, not only does it not block mail, but you won't be inundated with junkmail because they filter most of it in another folder for you. So far, they never put in anything valuable or legitimate in there so it seems to work fine. The other reason is it is ISP agnostic.... that way if you cancel AOL, you don't have to give every a new email address.
My 2 cents^.^
If you have DSL you should still use your upstream SMTP server for outgoing mail. About 90% of incoming SPAM on my box originates from Windows boxes on DSL lines with open relays. I've set up exim to ignore all incoming SMTP calls from dsl hosts (*.dsl.*) and also to block hosts without proper reverse-DNS. These 2 simple steps take care in blocking a huuuge quantity of incoming SPAM at the doorstep...It's not fullproof, but it helps a great deal.
-adnans
"In short: just say NO TO DRUGS, and maybe you won't end up like the Hurd people." --Linus Torvalds
Services like Verizon, that use DHCP and/or PPPoE and already have a "no servers" policy? What's the criteria, here??? It will be interesting to see how AOL differentiates "residential" DSL from other types of DSL.
I use SpeakEasy DSL via Covad. This service is technically residential, because my servers are sitting in my house. But I have a legitimate domain, and static IPs on my servers. However, reverse DNS lookups return "dslwww-xxx-yyy-zzz.phl.yadayadayada," NOT my registered domain name.
I just successfully sent myself a test message from my domain mail to my AOL account, so I'm not being blocked yet. I guess I'll start sending a test message once or twice a day to make sure it still works, until AOL clarifies their policy. And if I do get blocked, there's gonna be some hell raised about it. My servers are locked down tight and laways have been. Shutting out all DSL-hosted mailservers to keep out spam is like burning your house down to keep it from being burglarized.
~Philly
The first I noticed it was March 27th (and I don't email my dad @ AOL that often, so it probably happened even before that ...)
... while talking to mailin-03.mx.aol.com.: ... while talking to mailin-04.mx.aol.com.:
The original message was received at Thu, 27 Mar 2003 13:35:36 -0600
from dougmc@localhost
----- Transcript of session follows -----
550-The IP address you're using to connect to AOL is either open to the
550-free relaying of e-mail, is serving as an open proxy, or is a dynamic
550-(residential) IP address. AOL cannot accept further e-mail
550-transactions from your server until either your server is closed to free
550-relaying/proxy, or your ISP removes your IP address from their list of
550-dynamic IP addresses. For additional information, please visit
550 http://postmaster.info.aol.com.
How about if AOL bans all of the e-mail traffic - in and out of their domain? Wouldn't that be great? They could even actually ban telnet, http, and ftp, too. And later all possible ports. In the end, they can even earn some money by selling their edge routers ;-)
iThink iHate iMod
They are targeting broadband in general.
I work for an electronics repair company...
we use road runner buisness class.
At work, I just recently wrote an application that interfaces with our database, and sends our customers email containing the status of their equiptment.
I just checked to see how many emails we send to that domain, and its a fair amount, I would say 15% of our customers.
this would create a problem for us communicating with potential or current customers.
im all for fighting spam, but are we collateral damage in this war?
I guess this is sort of like the New York branch post offices not delivering mail from Florida, because that's where a lot of junk mail originates from.
t -commercial-speech protest email.
I have a fairly nasty conspiracy theory on why AOL and Comcast are cooperating on this. By shutting out the innovative do-it-yourselfers on the Internet from their network, they squelch potential competition from their "value-added" services.
The next step might be to block web servers that don't originate from big corporate server farms. After all, who knows what could be on those independent things but kiddy porn and terrorist training instructions?
The irony is that the great mass of obtrusive commercialism on the Internet originates on the corporate, big-player side. AOL was the innovator in turning the WWW into a virtual shopping mall.
You would like to think, however that this will backfire on them, as customers look to alternatives to their increasingly sanitized pseudo-Internet network.
And how does one fool their IP filters anyway? It makes one want to "spam" everyone of AOL's customers with a protected-from-legal-prohibition-because-it-is-no
evanchik.net
As a network engineer of a DSL and T1 only ISP (we have dialup but only for traveling DSL/T1 customers) I can let you know that this will probably stop oodles of spam.
The latest spammer tactic is not to seek out open relays, but open windows proxies, and from there they can initial outbound SMTP connections to legit SMTP servers and send spam.
Already a large number of dialup providers will only allow you to send through their mail server, and a larger number of ISPs user the DUN RBL to block email directly from dialup pools.
This is just more of the same. Your ISP should provide you with SMTP service, use them as a smart host even if you're running your own SMTP server, so it'll offload the requeing/etc from your box to theirs.
DSL and Cable are the new dialup, and should be treated as such, a place where the majority of the customers are clueless idiots who ruin the party for the smart people.
Several ISPs are starting to scan mail servers sending them mail for open proxy/open relay before accepting the mails, expect to see this practive and AOL's solution spread to most ISPs in the near future.
If you want to run a real mail server, perhaps you should get a real internet conenction, like Colocation or T1.
Please send all UCE to scally@devolution.com so I can f
If you're an admin with users (ie., not just running your own system), it would be pretty hard to ban incoming mail from AOL.
A year or two ago, I had AOL trouble with my free colocated server. The people who gave me the server were using IP addresses from a T1 line that they bought from a cable modem company. It wasn't on a net connected via a cable modem, but it was part of the cable modem company's block.
So AOL just silently deleted my messages. It's very frustrating, they don't tell you anything, you can't find documentation, no one will answer an email, etc.
It would be nice, at least for the first few days after they start the policy, to bounce messages with some sort of explanation, rather than just tossing them out.
I don't really have a problem with them trying to block spam -- I had access to a bigger, upstream SMTP server, so I could relay -- but it sucks that they don't tell anyone what's going on.
At the very least an AOL mail admin could post something on a mail admin's email list, so that a google search would turn up the answer. What would that take, five minutes?
If they were really spamming AOL, they wouldn't need a mail server -- their could just tell their mail client to use mailin-03.mx.aol.com as the SMTP server, and it would gladly accept any mail bound for aol.com. Or at least it would before this ridiculous policy. The ability of people to run mail servers is not an issue -- SMTP doesn't care.
Slashdot's RFC-ignorant too.. Bounces abuse@ emails.
So far, the option we've been using for our customers is configuring a local SMTP server which then delivers directly to destination. We use Linux for this, and configure it so that it only allows incoming SMTP from the local network.
Recently, however, customers started reporting lots of bounced messages. Further diagnostics indicate several large mail providers are now blocking SMTP connections from dynamically assigned DSL IP addresses. I personally checked this happening with yahoo, AOL and Earthlink.
It sucks that the Internet is becoming such a hostile place; I think of those quiet towns where everybody can leave their doors unlocked at night. Now it's become like any large city where doing such a thing is equivalent to giving away all your belongings. It also sucks that Prodigy (and, doubtless, other ISPs worldwide) won't let customers use their SMTP servers; this is, after all, a service I'm paying for. Fairly, we should get a discount for NOT using their servers, given that they're completely useless for our configuration.
For now, the solution we've devised is using SMTP AUTH to let the customers' email be sent using our own SMTP server, which normally won't allow SMTP relaying from addresses outside our own IP network. However this feels like a hack and puts additional configuration burden on us.
Is spam the ultimate cause for all this hostility on the net? maybe so. And if that's the case, here's another reason why perhaps the next war we see should be the one against spammers.
I'd expect users of RBLs (see http://www.spews.org) and certainly the denizens of NANAE to argue that they have the right to refuse to receive email from anyone, for any reason, since that mailserver is private property.
It can be used in ways you like (refusing emails from Verizon's corporate HQ because they refuse to kick their spammers) or in ways you don't like (making it more difficult to send outgoing mail), but I don't see how you can reasonably kick and scream against one and not the other.
Actually, several providers have been refusing email from dial-up pools for a year or more, which is what caused me to decide that I would need to send outbound email through my ISP. IIRC, attbi refused email from my server on my ISDN line over a year ago.
The solution isn't difficult - go dig around on your ISP's website (or call them) and figure out the mailserver that you'd be using if you WEREN'T running your own MTA. Set your mail server to relay outbound emails through them. (See your man pages - it isn't difficult.) There's NO way your ISP's mailserver is going to refuse to accept your email, since if they did, no one not running an MTA could get email out. Sure, you'll have an extra line of headers in your outbound email, but it doesn't seem like such a big deal. Was the location of your mail server a secret anyway?
Of course, if your ISP is a notorious hoster of spammers, you're going to need to find a new ISP. You didn't really want to support those spammers anyway, did you?
I saw this problem a while ago with Verizon corporate. I finally had to set up my sendmail to relay through my DSL providers mail server.
To do this with sendmail use DSoutgoing.isp.net
If you need to authenticate you need to set up a default-auth-info file.
This has made mail delivery far more reliable.
In its latest attempt to crack down on spam, America Online has started blocking what it deems to be suspicious e-mail sent by customers of Comcast's High-Speed Internet and AOL Time Warner's Road Runner broadband services.
AOL, the interactive arm of AOL Time Warner, began in the last week to reject some e-mail sent by users of those services, according to AOL. AOL and Comcast, in particular, have worked together to identify a range of Internet protocol addresses of Comcast customers who have set up their own mail server to send messages, as opposed to using Comcast's mail servers like most subscribers do.
So this only affects you if you're 1) using Comcast, and 2) are running your own SMTP server. I have a different ISP and I use their SMTP server, even tho I have a server running for other protocols. It works fine, and there's no functionality I feel I'm missing. Mostly my server is there for firewall and NAT.
Can't send mail to mom, timmy? Use Comcast's goddamn mail server.
This move by AOL is a good thing. It eliminates one more source of potential spam, and closes many open relays, many of which were open only through ignorance. This is the way of the future, and I assume what everyone using the internet wants: close those damn open relays. I certainly am sick of spam, and I can't see how this is truly a cause of any inconvenience for anyone.
If Comcast was closing off incomming port 80 for all customers, and then charging an ass reaming to reconnect the service, that would be different. But having your own SMTP server doesn't provide any functionality that you can't get from Comcast at base price anyway.
In summary, good, and I hope many ISP's will follow Comcast's lead on this one.
I run my own mail server on a "business DSL" connection with a static IP address, but it runs to my home and I doubt there is any genuine distinction between "residential" and "business" DSL lines. I run my own server, of course, so that I can have a fairly powerful set of spam filters at the server side, in addition to a complex set of client-side spam filters -- all because I receive hundreds of spam emails per day, including dozens that I can identify as coming from AOL-owned servers.
I assume that AOL has only disabled receipt of email from DSL lines, and continues to send its customers' spam to folks like me. It's hard to know, since my filters already reject more than 98% of incoming email delivery attempts.
Let's at least try to be fair to AOL: they are just like the rest of us, forced to seek out triage solutions to the increasingly aggressive strategies used by spammers. Until a new structure is widely adopted for exchange of email (something that allows for true source verification and financial compensation for abuse), triage is the only solution that will work. Hence I block nearly all email from earthlink servers and customers, as well as juno.com and HUNDREDs of other domain names and IP addresses.
-- http://www.MarkWelch.com/ Pleasanton California
aol is pitiful
But representative of the masses. Most people don't care about anything but Web access and email -- and the more this happens, the more the Internet heads in that direction, regardless of how much we dislike it.
It may be pitiful -- but it's probably indicative of the future. Already, extensive random firewalling has made HTTP one of the few mechanisms that can be relied on to work in all environments.
Sigh.
May we never see th
I personally think this is a good thing. I know a lot of ISP's who've voluntarilly added all of their dialup and DSL IP addresses to various RBL's. They insist that you use their upstream SMTP server.
This way, you can still send mail, and ISP's don't have to police all of their users to ensure that they aren't running open relays.
I'm sick of all the spam, and all the spam comes from DSL SPAM faggots. So what's the problem?
If you have to send mail from a DSL account, use your ISP SMTP server. That's what it's there for. Having said that, I am a DSL user who uses his own SMTP server (mainly for spam filtering which I think I can do better than my ISP)- but if I am forced to use my ISP's smtp server to help lessen the burden of SPAM, I don't have a problem with that.
For another way to fight spam, which I read on the Mimedefang mailing list, how about setting up a way for domain admins to specify valid smtp servers for a domain. Then when mail comes in from, for example, yahoo.com, your mail server can query yahoo.com for the list, and if the originating server isn't on it, then the mail isn't accepted.
The United States Postal Service has announced it will stop delivering
any mail from Florida, due to the large number of mail-order scams originating from that state
Don't laugh too hard on that one, there are schemes in place of trying to privatize and eliminate the whole of the US mail system including first class postage. While it might be neat to have all your mail sent by one company like UPS and while the post office does need to get its act together ASAP, my concern is that rural areas would by stuck with only one greedy private company as their only means of communication (thus making it expensive to send or recieve mail at all). Remember, the postal system in the US is a time-honored tradition that has been the envy and model for the rest of the planet. It is also in good working order, thus if AOL chooses not to accept e-mail anymore, why not just bombard them with snail mail? We could also return their bloody disks right back to them while we're at it. Maybe after they get several hundred thousand they'll get the hint.
And if you think the AOL-Time-Warner lawyers will allow their most lucrative domain to be taken from them then I have to disagree. I figure they've already got a loophole in the fine print somewhere that is as easily exploited as the pictures of children for those old Sally Struthers commercials (the ones where the kids keep starving but she kept growing). There hsa to be some reason behind this that is not yet shared, hopefully their decision has a more rational basis than some of the arguments for privatizing the US postal system.
As long as there is a Second Amendment, there will always be a First Amendment.
How to post a negative AOL reply on Slashdot.org just like a veteran /.er.
1. Start off by naming the previous number of times AOL has done something you dislike, noting that this particular incident is "the worst yet."
2. State your greivances about the topic. Explain, in near-irrevelant detail, how this will negatively effect you and others.
3. Throw random arguments in about how non-AOL services are far superior to AOL services.
4. Also imply that anyone who still uses AOL must be of inferior intellect that yourself.
5. Notate the sudden revelation that you don't use the services of AOL (in fact, can't recall any time at which you did use AOL) and, if you did, you and anyone else using AOL probably deserves the a forehand mentioned greviance and whatever similar issues they get.
6. Close with witty remark about poor service and/or "AOHell" reference and offer cliche signature of either "Step 1. AOL reference, Step 2. (blank), 3. Profit!" or "All your base..." adaption.
IN RUSSIA, AVERAGE AOL REPLY WRITES YOU!
As an antispam measure I've blocked AOL, hotmail and Yahoo for a while
.com to prevent spam. Unfortunately that doesn't catch all spam anymore.
Some years ago I just blocked
Do you care about the security of your wireless mouse?
It's all very well saying "residential users should use their isp's mailserver", but what about when that mailserver doesn't appear to know what an RFC is:
.net 022: Your current IP address is not allowed to relay to slashdot.org Solution: Connect using BellSouth Internet Service.
Connected to mail.bellsouth.net.
Escape character is '^]'.
220 mail.bellsouth.net ESMTP server (InterMail vM.5.01.04.25 201-253-122-122-125-20020815) ready Sun, 13 Apr 2003 19:17:26 -0400
MAIL FROM:<>
250 Sender <> Ok
RCPT TO:<slashdot@slashdot.org>
550
QUIT
221 imf35bis.bellsouth.net ESMTP server closing connection
<> is an important from address - it's used by the mailserver when it bounces a message, so that the bounce can't be bounced back and forth in a loop
For that particular server I used to test that, I had to arrange to send email via someone else's mailserver using smtp auth >:|
Yeah...because when a big corporation does something wrong, we should exact revenge upon all of its customers.
That's very mature. Particularly in the case of AOL, which services the vast majority of under-educated internet users. You'll fuck up all of their personal email communications, and they won't have the first clue why.
Brilliant solution.
crib
Please don't read my journal
Blocking Mail Servers that don't have Reverse DNS
This issue is somewhat related, and is just another part of the big issue of preventing users from setting up their own services upon their Internet connections. If you can't send an receive any data that you want, it's not true Internet access. Now, I am not talking about setting up a mail server at work behind the corporate firewall, or on the college LAN. I am talking about the DSL line that I pay $55 to $150 a month for.
Recently I put up a personal mail server off of my DSL line. It uses Courier for the MTA. I am able to send and receive mail to most hosts on the internet, but a few will not accept messages from my mail server. I was curious as to why, so I did an investigation.
It turns out that these mail servers check reverse DNS for the IP address that I am using for a mail server. Doing a forward DNS check would be just fine, but a reverse DNS check? It does not stop spam, and worse, it blocks legitimate mail servers.
My ISP is pretty stupid on the technical wise. They use EIGRP as their IGP and they leave their customers on a live EIGRP enabled interface. I could inject routes into their IGP if I wanted to. Most of their Cisco routers also have HTTP and finger enabled. They definitely don't do anything about reverse DNS. There is no way that I can register my mail server (mail.opendreams.net) with the IP that I use (66.192.31.140).
The mail servers that I have so far discovered block mail from me include;
The University of Central Florida, @pegasus.cc.ucf.edu, pegasus.cc.ucf.edu
Datanomix Inc, @datanomix.com, mail.datanomix.com
How did I find out? Here is an example of a telnet to port 25 that I did...
user@sorrows-->telnet pegasus.cc.ucf.edu 25
Trying 132.170.240.30...
Connected to Pegasus.cc.ucf.edu.
Escape character is '^]'.
EHLO mail.opendreams.net
450 Client host rejected: cannot find your hostname, [66.192.31.140]
QUIT
221 Bye
Connection closed by foreign host.
The mail server won't even talk to me.
Issues like this will make mail on the Internet no longer a sure thing. There will be mail routing and blocking issues all over, and you can't be sure that one mail server will talk to another. This is not acceptable.
I personally think that there needs to be U.S. Federal laws made to protect the rights of Internet users. The reason that I think that law is necessary is that there is no competition in many areas for internet access. If there was, I could just switch carriers, but I have no options.
Check here.
"Trusting every aspect of our lives to a giant computer was the smartest thing we ever did.." Homer Simpson
Last week I discovered that Road Runner had blocked all incoming mail traffic from my workplace's domain. When we called RR to seek an explanation, since we have our relays secured and don't spam, they told us that it wasn't just our IPs that were blocked, it was ALL of the IPs that our ISP, Allegiance, owned. Apparently one person had sent enough spam to annoy RR, but instead of blocking just one IP or a small range, they decided to boycott ALL mail from the owner of the IP. Very annoying, and unprofessional, if You ask me.
AOL is loosing money hand over fist and then some, Time Warrner is gonna kill the service or more likly turing it into more of a web porthole and less the friendly AOL bbs ppl are familliar with sooner or later anyway. I suspect they will move as many customs to their broadband services, and turn the rest out. I see AOLs future as more of a paid subscription web site then and ISP anyway as they cannot afford to be an ISP much longer at this rate. When that happens it won't matter what they do with e-mail becase "Moms" e-mail address with be at @HerRealIsp.net. If AOL can loose a few customers over this because they don't like not being able to get mail from their frends without using hotmail or something then it will only speed the process along.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
For a long while I've seen several stories in the ongoing war against the spammers, and the more draconian the measures get (blocking all of East Asia as many in these discussions proudly claim to have done) the Internet e-mail system appears to be in it's death throes already.
When you start blocking such a significant percentage of the world in a blanket measure, wouldn't it be simpler and more effective to screw tortuous blacklists and just implement a whitelisting procedure? I mean, if over half of all the e-mails businesses get aren't legitimate, why in the world are these businesses throwing money down the drain by continuing to pay for something that doesn't work over half the time?
IP+address whitelisting is really the only way to go if you want a useful messaging system based on SMTP anymore. That, or completely revert to instant messaging/private web boards. I'm sure some kind of system could be worked out to allow for simple temporary whitelisting which would let a user allow mail to himself from a certain address for 2 hours, or whatever the local admin defined as the maximum allowable time. Then, at the end of the day, if a user checked the box asking for this addresss/mail server IP combination to be put on the permanent whitelist, it gets sent with all the other such requests to an administrator who vets the list, then adds whatever addresses pass muster onto the permanent whitelist. You could add functionality that has tripwires if you start getting spam from that person...so many peices allowed before a warning, so many before removal from the whitelist for a week, then forever, etc... Yes, it places a demand on the mail administrator, but certainly no more of a demand than the running battle currently takes up.
Personally I have very little use for regular Internet e-mail. I use it occasionally, because you still need an official e-mail address for various registrations, and for reciepts for buying stuff online. For actually talking to people, I use AIM of whatever instant messaging system they may use. I've considered creating a new AIM identity just for clients to get in touch with me through, but there isn't much nuance in logging and most don't deliver messages recieved when you're not logged on.
I wish there was a way I could relegate Internet e-mail to the same status my mailbox has. Namely, flip through to see if there are any bills and dump everything else directly into the trash without bothering any further with it.
This has been a problem for me for months.
/etc/mail/mailertable and finding someone willing to relay all my aol & compuserve mail for me.
My server on cable (IP is relatively static, changes every 6 months or so) has been unable to send to aol.com or compuserver.com for over 3 months.
I found a workaround by using
As one of the nameless multitudes who receives thousands of "Get Rich Quick," "Gallons of Cheap Viagra" and "Teen Sluts With Shaved *****" spams, I have been wondering something for a while:
What's the feasibility of coming up with and implementing a brand new mail protocol -- one which somehow prevents (or at least extremely complicates) the transmission of bulk, unsolicited mail? On the server level, you could build in source address verification (so spammers couldn't disguise the source of the mail) and bandwidth limitations -- so for example, someone sending out 1000 emails could do so, but with a geometric lag for each mail they send. (Isn't this called a "tar pit"?)
In other words, since e-mail was invented in a time when spam didn't exist, it seems like we could improve upon the protocol considerably and make it harder for spammers to do their dirty work. Not being an SMTP expert, I don't know what this would require -- perhaps someone could fill me in?
Blocking reverse is fine; make your ignorant ISP fix your service.
--- I do not moderate.
Ok, normally I'm all for the liberal "screw the big corporation" /. agenda, but there are several problems in this case...
1. The RBL (specifially the DUNS list) has been advocating this very thing for years now. Many administrators (yours truly included) find it to be the most useful of the spam-blocking lists. So tell me again why is it suddenly bad when AOL does the same thing as DUNS by their own accord?
2. No self-respecting ISP is *ever* going to block mail from AOL. Because they respect them? No.... because of the potention legal liability in blocking such mail without permission of each and every one of their users. E-mail has long been held to be the most protected of the Internet services in courts... screw with that at your peril.
3. It's an easy work-around. Someone has already posted the sendmail fix, here's the one for qmail.
In /var/qmail/control/smtproutes add the following line (yes, with the preceding colon): :mail.yourisp.net
4. My guess is the AOL user agreement specifically prohibits running servers of any kind on residential dialup/DSL service. Don't like it? Then either a) hide those servers better (non-standard ports) or b) find someone else to take your money.
That's all, have a nice day.
Jeff
My
If I did that, I'd be accused of spamming by my ISP, since I run a VERY high volume mailing list. We have approximately 12 lists; the bigest list has 1,500 subscribers and gets about 100 emails a DAY. We have another major list that's about 500 people and similar volume.
About 90% of incoming SPAM on my box originates from Windows boxes on DSL lines with open relays.
99% of MY spam comes from chinese and eastern european ISPs that don't give a crap what people do with their internet connections. The solution is not blacklisting DSL and cable connections(because, among other things, it's not easy to switch, unlike dialup.) The solution is cutting off bad ISPs from backbones...but that's not likely to happen any time soon, because the backbone providers don't give a crap- every packet is money in their pocket, regardless of what kind of packet it is.
And guess what? If you are getting lots of spam from DSL/Cable users, it's really easy to solve. Report it. If there's a report of spam, the ISP disconnects the customer until they fix it. Imagine how fast people will learn to keep their machine clean if their internet connection goes down. ISPs will whine about the work, but, gee, that's like the gas station attendant whining about having to give directions to people all the time. Comes with the territory, bub.
It's ignorant people like you(who think "since -I- don't need to send mail directly, neither does anyone else!") that cause people like me grief.
We get next to NO money from subscribers to pay for costs- $5 donations here and there. DSL and Cable offer a nice, cheap way to host a mailing list, or a webboard; we don't use very much bandwidth at all, and occasional hiccups aren't a problem, especially given the design of SMTP; if at first you don't succeed, try, try, again. Commercial DSL is just less down bandwidth, slightly more up bandwidth, a 'real' static IP instead of a DHCP-assigned address that basically never changes...and a HELL of a lot more expensive. Oh, and instead of telling you to go screw yourself when you scream at them for your line being down, they -politely- tell you there's nothing they can do(and, by the way, -please- go screw yourself.)
Luckily, we're sucking bandwidth off a hosting company that has graciously allowed the box to sit off their network- but if they tank, we'll be screwed- commercial hosting runs about $90+ or more, and our box isn't rackmountable, so there's another $25-50/mo.
Slowly but surely, the media companies are doing their best to squeeze out other sources of competition- the little guys. Check your Terms of Service/Acceptable Use Policy. My home connection(ATTBI, now Comcast) has banned "messageboards and mailing lists" for years, along with FTP, web, mail, IRC...and specifically states it's an "entertainment service", and I am a "consumer" of that service- ie, sit down, shut up, and be a good little consumer of mass web media. How dare you produce your OWN media...
Please help metamoderate.
Having zero background information on this topic, I am prepared to make an indignant response to AOL's clear violation of YOUR RIGHTS ONLINE! AOL has blatantly violated YOUR RIGHTS ONLINE by deciding not to accept mail from dial-up and residential DSL IP addresses! Dammit, I am sick and tired of providers who think they have the right to do what they want with servers and pipes that they pay for! They are obviously violating my right to free speech by censoring me with their heavyhanded spam-fighting measures! They are probably going to use the DMCA to defend this decision! My guess is the RIAA is behind all this! If we don't all get up in arms about this blatant violation of YOUR RIGHTS ONLINE, next thing you know there will be an AOL camera in your TOASTER OVEN! You will have to ask AOL permission to GO TO THE BATHROOM!
Today I started getting about a dozen bounced emails per hour that I didn't send. Some spammer promoting a penal enlargement scheme was using my return address. This has happened before, so, ho hum for now. Funny thing, all the bounces were coming from AOL. I figured that somehow the spammer was just targetting aol patrons with his mass mail. Maybe not. IDK.
There is no way to Spam from AOL/Yahoo or Hotmail. It's physically impossible for a common user to do it.
What is possible to do to forge a 'from' address in an email header. Look again at the emails you have in your spam bucket and look at the recived-from: header. I'll bet you $100 they didn't come from anywhere with a '.yahoo.com' at the end.
autopr0n is like, down and stuff.
I hadn't considered that, but they've got a $1 billion interest in just that area.
What part of "gestalt" don't you understand?
Spam Wars, Part III
The AOL Empire is nearing completion on the Death CD. In alliance with the
other local Empires, they have conceived of a plan to end the mechanical menace
of millions of spambots spread thruout the galaxy, by cutting off transmission
between the bots, they hope to cut their communications and cripple them.
In other news, the Rebel Alliance commanders are furious."We use the same
channels! We must strike back!" Does this spell doom for the galaxy, or finally
freedom from the menace of the spambots? Tune in later for our special report.
It's old. The more humans I meet, the more I like my cats. At least they are honest.
The only reasons you should be using some other server to transmit your mail instead of doing it yourself are
- Your connection isn't reliable enough - That's a problem for dial, not DSL.
- Your machine or mail delivery software isn't connected reliably enough to handle reattempts on messages that didn't get delivered successfully the first time - Laptops have this problem, and it _is_ easier to write mail client software that hands everything to a proxy server than software that tries direct delivery first and then falls back to using the proxy.
- Your mail software isn't smart enough to handle complex deliveries - That was a real problem back when we had UUCP and Bitnet and other non-SMTP mailers in common use and the Internet was only for universities and defense contractors, but we've fixed that problem, though some mail client software isn't smart enough.
- They're providing a service you don't want to do yourself - Maybe some kind of timestamping or notary service or encryption gateway or anonymizer or tunnel into your corporate Intranet.
But that's about it.Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Try sending 2 oz letter 3500 miles for $0.36
.37 + .23 each additional oz.
US Mail is
My ISP has not shown that its servers are reliable. I like to be able to use mailq to see what's backed up. I'd also like to be able to use my own mailer's parameters for bounces. There's lots of reasons to prefer to use your own mailer instead of your ISP's, even if you technically could use your ISP's. But now, you'll want to relay through your ISP for all the mail that AOL won't accept, while sticking to your own SMTP services for everything else. That's what this document is for.
I encourage people to write corresponding documents for other MTAs. Also, some people can only send mail through their ISP with their ISP-assigned username. It's possible to configure sendmail to adapt AOL-bound mail to have the ISP-assigned sender. That is not discussed in this document; email me if you need it, and I'll write a followup post.
HOWTO: Configuring Sendmail to use your ISP's relay for AOL
This uses the sendmail mailertable feature. The mailertable feature allows you to specify the mailer and relay parameters for individual domains. That's exactly what we need here.
Remember that some ISPs may require you to use your ISP-assigned email address to relay through them. This won't help with that, but there's easy solutions for it. (This sort of thing is where Sendmail rocks.) Email me if you need it, and I'll post a followup.
Why again would one have a mail server on a dynamic IP? If you want to host your own mail, do it the right way and get a static IP address and an ISP that will host reverse DNS for you.
This is what I'm doing, and haven't had any problems being blocked by the big boys. I would assume their filters are pretty basic... probably finding a dhcp-* or the likes during a reverse lookup is how they're doing their filtering.
In CA at least, there's just no reason to give your broadband money to one of the 800lb gorillas with so many third party providers willing to give you a static IP and things like reverse DNS hosting for a tiny premium over the *Bell services. If your chosen broadband provider won't allow you to relay mail to addresses other than their own, then why again are you paying them so much money every month?
Let me just point out a few things:
1) Although I've never used my ISP's mailservers for outgoing mail, my friends have -- and mail is constantly lost, or delivered hours late.
2) Likewise, my ISP's incoming mail servers are frequently down, losing mail, and full of spam (the address was either harvested or sold, I don't know which. I have evidence of it, but that's another thread). A couple of my own local accounts suffer from spam as well, but I managed to install Spamassassin, which must be too difficult for my ISP.
3) Privacy is a concern with me, and I'd prefer to handle mail transactions myself.
4) I like the reassurance of looking through my Sendmail logs, knowing that an important message was delivered, and if it wasn't, the reason why.
5) Although this is unrelated, my friends often complain of outages when my service is fine. The reason? My ISP's DNS servers are constantly screwed up, yet I run my own.
6) I run majodomo to host a small mailing list of 20 of so members (that moves perhaps 500 messages a month); that's not enough traffic to justify having it hosted somewhere else, and Yahoogroups butchers messages with advertisements. Luckily none of its members use AOL.
7) I check my mail logs often (to make sure nothing unordinary is going on), and do not allow relaying.
Many of us run mail servers simply because our ISPs are unreliable. Many ISPs can't even host a measly 5mb of web space adequately, so I feel weary letting them handle important E-Mails. I wish Speakeasy was available in my area, it would be a no-brainer switch.
You've probably heard the saying, "tolerating excesses in order to preserve freedoms." Well, Spam is an excess -- a very horrible excess. At the same time, enough people use home mail servers for justifiable reasons that outlawing them, or blocking mail from them isn't a logical decision.
And besides, there's other ways to prevent spam without making anyone unhappy. Spamassassin, once configured correctly, nails just about all spam. My university filters spam on my POP account, and I receive maybe one (if that) a month; couple that with Mail App's built in filtering and I haven't actually seen a Spam message in months. The best way to get rid of spammers is to implement solutions that make their efforts ineffective on ANY level, not just by killing off one of their hundreds of other options (AOL's method).
My MTAs have been set up to blackhole AOL mail (on a whitelist basis) since about 1997 or 98 :-). I had almost forgotten... At that time, I was getting a heap of spam from their domains, and as I'm in Australia and AOL doesn't have a significant coverage here it's pretty safe from false positives.
ban their own marketing morons from sending those damn AOL CDs.
Those things serve the same purpose as Spam: "If you spam them, they will come"
And what's AOL's terms of service for servers hosted from their residential customers? Most broadband ISPs have limits. If they're just enforcing parts of the TOS that were already present when you signed on, you've got nothing to complain about.
MS did forget to renew hotmail one year. they actually sent the guy the 35 bucks who did it for them
quote: 'I wanted my email!' -- that guy
You can't sue someone for not complying with an RFC, or any other kind of standard (unless there's a patent of some sorts on it, a la CD's).
If you could, MS would've been out of business a long time ago.
And blocking AOL is a way to get them to realize that they're being dumb about it. Their customers will soon realize "hey, I can't get mail from or to anywhere... wtf?" and switch to an ISP (AOL is *NOT* an ISP.)
I'm on a cable modem and it doesn't accept mail from my mail server either... If I try to send to my friend's Compuserve (owned by AOL now) address... I'm on a cable modem. The way the message is phrased, they make it sound like I'm the cause of the spam woes... I mean, that is just ridiculous. My server is secured, I am very selective about who is allowed to relay.
Here's the message it sends back as it appears in my mail server log:
00:08:31 5 SMTP-409(cs.com) Disconnect Received
00:08:31 5 SMTP-409(cs.com) Disconnect Confirmed
00:08:31 4 SMTP-409(cs.com) Input Line: 550-The IP address you're using to connect to AOL is either open to the\r
00:08:31 4 SMTP-409(cs.com) Input Line: 550-free relaying of e-mail, is serving as an open proxy, or is a dynamic\r
00:08:31 4 SMTP-409(cs.com) Input Line: 550-(residential) IP address. AOL cannot accept further e-mail\r
00:08:31 4 SMTP-409(cs.com) Input Line: 550-transactions from your server until either your server is closed to free\r
00:08:31 4 SMTP-409(cs.com) Input Line: 550-relaying/proxy, or your ISP removes your IP address from their list of\r
00:08:31 4 SMTP-409(cs.com) Input Line: 550-dynamic IP addresses. For additional information, please visit\r
00:08:31 4 SMTP-409(cs.com) Input Line: 550 http://postmaster.info.aol.com.\r
Who did what now?
Let me preface this with a disclaimer. I worked in AOL's mail and anti-spam groups for 5 years, ending back about a 2 years ago. I still keep in touch with the people back there, and I have a good idea what's up, as I still work in the anti-spam 'industry'.
Not that anyone will see this, as it's on the second page of comments...
A massive percentage of spam (well over 50%) comes from compromised windows boxes running either trojan software to open ports for spammers to proxy through, software like AnalogX that does the same, or just users who somehow manage to set up a proxy that's open to the world. There's also a big problem with a LOT of the DSL hardware on the market, that allows people to proxy through it transparently, via use of a security hole. Check Bugtraq if you want to find details.
These broadband connections are where the spammers are headed for anonymity. Yeah, sure, there's still a bunch of big-time professional spammers out there who spam away from their often-moving netblocks. That bunch isn't so hard to keep up with.
There's also the problem of Klez and other SMTP aware worms that busily want to send you lots of infected mail. Sure, *nix users don't really care about that, but companies like AOL, with a crapload of less-than-savvy users have to.
It's been this way for 56k dialups for about 3 years or so... but the noise about that only lasted a few weeks, much like this will. If your DSL company can't support your needs, vote with your feet! Switch your service to one that can. If Verizon can offer you service, you can pretty much bet that Covad can too.
(shameless plug: Check out lmi.net for that stuff.. small companies make for better service, and if you need the medium-sized company feel, go with Speakeasy.)
So what if you have a contract... if they can't get your mail to AOL with the right domain, it sounds like grounds to break it to me. =)
The biggest problem that I see with this move by AOL is for businesses with their own E-Mail Servers. Many of my clients use Exchange, Lotus, etc as their email server for the groupware features. Since many of these clients are small to medium businees they operate on Business DSL and cable connections.
There are two problems that I have begun to notice. One, that the DSL and Cable providers are not doing a good job with PTR records and consequently the reverse DNS usually is something like xxx.xxx.xxx.atl.bellsouth.net instead of mail.companyname.com. Secondly, Bellsouth and others are now blocking ALL relaying through their servers that do not end in @bellsouth.net.
This means that for some of my clients they are being blocked from sending email to AOL. Why? Because for Bellsouth (and many others) having a Static IP means that they simply set a reservation on their DHCP server. This means that they are "dynamic" IP's even though the companies are paying $10 to $20 more per month to have "static" IP's. Also, these "Business Accounts" are drawing IPs from the same blocks as residential IPs. In one case the IP address for my client at home (down the street from his office) is usually only a few numbers off from his mail servers "static" IP.
While I can understand why AOL is doing this, I do not see how this solution is going to fix things. AOL is assuming that the problem is ignorant users and malicious spamers and that ALL ISP's are doing things like they should. We all know this is not true. Many T1 providers do not even setup proper Zones and PTR's for the IP's. On smaller ISP providers there is often no differentiation from Dynamic IP blocks and Static blocks, as they also use "reservation" based systems.
The flaw in AOL's thinking is that they can fix a broken protocal by filtering messages based on RFC's being followed by ISP's. I dont see this working well for long.
IMHO
Huh?
IMO too much time is spent ranting about how Tha Man is keeping the $30/mo broadband user down by not allowing the minority who know how to run a secure server to use their residential line as a commercial line. We should be putting a hell of a lot more energy bitching about the masses of clueless users who randomly click on any email attachment they get, setup their P2P apps in slut-mode, and otherwise connect to the Internet in such a way that they become:
- just another hop for viruses to propagate through
- just another misconfigured AnalogX proxy or Lovgate infected SMTP/NNTP open relay
- just another DDoS drone host
Its sad, but the majority of broadband users have forced this action. If people understood the concepts of due diligence and responsibility we wouldn't have David Ritz and others spending huge amounts of time battling USENET spam, ISPs getting slammed with DoS all the time (and I mean that litterally), and spam gangs doing automated scans of broadband networks for open relays so they can spread their email polution.Its a myth that spam only comes from networks in Asia that don't give a damn. It comes from Ma and Pa's Windows 98 box that got infected with one of several variants of Lovgate and helps spam the planet, all from their speedy little DSL/cable connection.
Before the /. community jumps down AOL's throat at this carpet-bomb tactic, we need to realize that it is a business response to the realities of security on broadband networks. If users took responsibility for their connections and had good firewalls, anti-virus and intelligent email practices then this problem probably wouldn't exist.
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'