Slashdot Mirror
AOL Sued For Over-Zealous Blocking
mik writes "America Online
has been sued by CI Host,
a Texas-based hosting company for defamation, interference with
contractual rights and unfair competition. CI Host
has been
awarded a temporary restraining order, though AOL has apparently not complied.
This may be the first such in a series of suits leading up to, perhaps, to class-action status relating to AOL's recent zealotry in
anti-spam policy
resulting in the presumption that shared-hosting providers are guilty (of spamming)
unless proven innocent."
And we could use more of it.
Go AOL!
Enema of my enema is ma friend.
Now we just need to put together some kind of class action suit for them spamming my regular mailbox with those damn CDs
I would agree that their filter is overzealous in this regard. Their method of filtering by magic numbers is far less reliable than filtering by inconsistency.
I manage the web and email account for the church I attend. The pastor has an aol account, so his e-mail from our server simply redirects to his aol account. Just last week, I found that we had been put on aol's blocklist for some reason - all e-mails being redirected through the server to aol were being blocked for 2 weeks by aol. Blocking messages like this results in missed personal communication. This could possibly result in lawsuits from consumers themselves.
And I'm going to enjoy watching.
CI Host is a lousy company. I had nothing but trouble with them when I was hosting there. They continued to charge me after I cancelled my account, they refused to issue refunds in a timely manner. I very nearly took them to court over it. CI Host has spammers as customers. I told them about a few that were causing problems for me, and they never did anything about them. Doesnt' surprise me, because their customer support is poor, bordering on non-existant.
AOL is going to turn around and clean them out in court, and I'm going to thoroughly enjoy it. All they have to do is point to a few CI Host customers that spam, and that CI Host has been notified of several times, and it will either be a wash (in which case, AOL wins because they can stand the legal fees better than CI Host), or AOL will be able to counter-sue without a problem and make CI Host feel the hurt. Either way, I say yay AOL, which is something that I don't often say.
-Todd
"The details of my life are quite inconsequential..."
At least AOL can defend itself
I had the misfortune of having a dedicated server with them for 2 long years. The machine would lock up frequently, and i'd have to make a 30min call from Australia to the US to listen to their on hold crap so i could talk to a tech and then try and convince him to hit the big red button.
CI Host has a huge marketing and sales department and tiny tech support division. Dont you dare, ever, believe a word of their marketing crap. They suck. Pure and simple. They've cost me thousands because of the clients i've lost because of their incompetence. Some of the people are nice enough but they simply dont have the technical skills of other places.
I'm now with rackspace.com and they kick arse!
I'd rather spam filtering be left to myself. Any decent e-mail client has the capability for filtering, and by doing that way, I have control over what gets thrown out and what doesn't. I would not trust AOL to tell my what e-mail I should and shouldn't read. That, of course, is one of the many reasons why I would never be an AOL customer.
Seriously. I realize AOL has the deep pockets, but the spammers are the cause of AOL's blocking email from the domain. The spammers, not AOL, are responsible for any monetary damages the plaintiff here suffers. Public policy dictates that AOL should be immune and the spammers who spammed from that address should be liable. Does everyone have the right to send email to AOL addresses? I would say no, although AOL should have to say "hey, when you have an account with us there are people who will be unable to email you."
Stupid people make stupid things profitable.
I personally think it is good that someone is trying to block spam. Now if they could validate forged headers.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
Don't be to quick to defend them.
0 27 3.html is another link.
http://www.forumhosts.com/cihost.htm for a taste of what these guys are like.
http://www.stevemaas.com/selbstbild/archives/00
Let's hope to god the EFF's and Timothy don't fall for their lawsuit stuff.
More of AOL's anti-spam zealotry is a good thing (I speak as someone who has had something like 10,000 emails blocked by them in the past few weeks).
Been with CI Host for awhile, pretty good network, really like the price too.
Also, AOL/RR is blocking email from my office (Sprint SHDSL, fiber optic DSL, faster than T1, business only stuff in case you weren't aware). Ever since I got the first bounced message AOL has been #1 on my shit list.
Bravo, CI Host, Bravo.
Being as I at one time worked in the abuse capacity for a ISP. Although AOL may have over zealous policies as of late they do have a postmaster number which they could call and have the validity of the block checked. I had done this in the past and had resolution in ~24hours.
Am I the only one that finds this ironic? It's not okay for AOL to filter spam, but it's okay for us to. Uh huh.
Just do a quick /. search to see what people think of ci host. I was a ci host customer back in 99/2000 when their whole accounting database was open to the internet, customer information and credit card numbers. There were $5000 of fraudulent charges on my check card around the turn of millenium from my information being readily available to any idiot with a web browser. The bank took care of everything but it was a pain the in ass.
C I Host, one of the world leaders in Web hosting and Internet solutions, was awarded a temporary restraining order against America Online
I can't be the only one that finds the concept of an online restraining order more than a little amusing.
The coolest voice ever.
What are u so pissed about timmy? Are you a spammer?
AOL has the right to block who ever they want.
I still hate spammers though.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
spews.org
(and indirectly osirusoft.com)
selwerd.cx
blars.org
bl.reynolds.net.au
Personally I choose to use block lists that have clear open operating policies, including clear adding and removal methods. A small sample include:
spamcop.net
ordb.org
proxies.relays.monkeys.org
opm.blitzed.org
This is certainly not a comprehensive list, but it is a good start. A good comprehensive list is at: http://www.declude.com/JunkMail/Support/ip4r.htm
And most importantly, READ THE POLICIES OF THE BL *BEFORE* USING IT. The last thing you want is to start using a BL, only to find most of Asia, or big ISPs, are among the ones blocked, and you're losing legitimate email.
**FREE** Track and view your phone's via CellID and/or WIFI and/or GPS
I would be supicious too of any shared hosts. I don't see them doing much to prevent it on their end.
Consider if you have an AOL client who has a site on your hosting server. They forward their site mail to their AOL account. Their site account gets spam. What happens? Well, the spam gets forwarded, the clueless AOLer reports it as SPAM, and AOL's system sees your hosting server as a spam source. There is nothing you can do to protect your hosting server. Nothing.
This really happens. If you call AOL, they basically say it isn't their problem. If an AOL client thinks a mailing list email they signed up for is spam, then AOL thinks it is spam. They tell you to setup a feedback loop where they send spam reports, but you have no way to respond to AOL. You just get flooded with tons of reports by clueless AOL users with no way to tell AOL, "Hey, this isn't SPAM!"
Only on two occasions where a client had an exploited formmail script did the AOL system work as it should (i.e. spam was reported, we saw the report and found the problem). Every other day of the week, it is a massive time-sink that you get nothing out of.
AOL wanted to make up for sucking on the SPAM front. So they become complete asses and made the job that much harder for the rest of us. Bravo!
I hope the class-action suit makes them stop. I don't expect anyone will see any money, but at least AOL will be held accountable for being such idiots.
"Doubt your doubts and believe your beliefs." -- Switchfoot, Ode to Chin
Do you really trust AOL to filter spam and emails for you? Then good for you - you can join the other 35 million idiotic users who think AOL is the internet and have no clue what a "actual" ISP is.
You must master your joystick like a fisherman masters bait! - Gimpy
Microsoft was struggling for market share against CP/M?
IBM was evil?
SCO made a great little UNIX for PCs?
what's next?
AOL having morals?
Look! Out the window....PIGS! Pigs are flying!
I don't recall there being anything that says an ISP has to accept email from someone. It seems more like the accepted business idea of reserving the right to refuse service to anyone.
I am on a small ip block, with losers that catch the latest winshit worm and start spamming every few weeks.
Because of this, AOL has blocked my mailserver despite 7 requests to whitelist it (3 from myself, 4 from AOL victims^H^H^H^H^H^H^Hconsumers). It gets whitelisted for a few days, then group punishment kicks in and it's blacklisted again.
I have never spammed, I never intend to spam. Getting accused of sending half a billion unrequested emails in half an hour from a upstream as small as mine is both hilarious and insulting.
Fighting spam is one thing, blanket bombing to prevent spam is quite another. If anyone at the evil empire's apprentice is reading, "Hope you're glad that my dad left you because of your stunts. See you in court."
You can't judge a book by the way it wears its hair.
But the write up sure sound like "Mike" has some sort of investment in CI Host.
Wouldn't be surprised if "Mike" is really a spammer using CI Host because he sure sounds like one.
Some choice quotes:
"defamation"
Look here and here.
"...interference with contractual rights"
Where is this contract that says they have to accept your mail?
"zealotry in anti-spam policy"
Sounds he wanted to say something else, which would involve Godwin's law.
From: State District Judge Bonnie Sudder jbsudder@state.texas.us
To: legal@aol.com; abuse@aol.com
Subject: AOL, Save Thousands in Under One Minute! Quickest Quote!
Dear AOL,
This is your chance to opt-out of a completely unique program! You May Be Closer (Maybe Hours Away) To Financial Punishments than you think...
* 100% Safe To Take, With Abosultely No Side Effects
* Totally confidential, no one needs to know!
One minute you call for vigilante spam fighting and wish every ISP would blackhole any spam host.
But now you side with closet spammers when the nations biggest ISP tries to shut down the spammers.
Try being consistent at least!
If spam isn't getting to AOL users anymore that means spamming is that much less profitable and so there will be less spammers. It's just common sense.
Block and bounce all AOL senders with the same result codes. AOL users will complain so much to their phone support AOL will change their ways.
I like AOL's inability to read email about how they are blocking legitimate emails from people. One of the things AOL is doing is blocking anyone with a Business Class DSL line from SBC and runs their own mail server and calling them residential or telling them that they need to use AOL's servers. I changed some of the email addresses so you could see an actual dialogue between me and AOL's abuse group. I have more, but those would just make you laugh. You should have heard the phone calls.
>I would like to be able to receive email
-----Original Message-----
From: Road Runner Security [WMH] [mailto:spamblock@security.rr.com]
Sent: Friday, August 22, 2003 11:39 AM
To: blah
Subject: Re: Blocked domain
Hell,
You must use RR's SMTP server from your residential account.
RR Security
At 06:35 PM 8/21/2003 -0500, you wrote:
>I am trying to receive email from a doctor using the following domain blah.com and the mail is being
>bounced back to them. Every time they send email to me they receive a
>message saying:
>
>The following recipient(s) could not be reached:
>
> 'me@austin.rr.com' on 8/20/2003 11:50 AM
>
> You do not have permission to send to this recipient. For
> assistance, contact your system administrator.
>
> rr.com_Residential_Range - See
> http://security.rr.com/residential.htm>
>
>
>
>from them and would appreciate it if you would lift their name from your
>blacklist. I seriously doubt an doctor's office is going to
>be spamming anytime and they do have a business need to email Road Runner
>users.
>
>
>
>
>
>Thanks,
>
>
>
>me
patience is a virtue... anger is a gift
I use postfix on a mailserver with a dynamic dns IP service and AOL is blocking the whole range for this dynamic dns service provider.
Anti-spam zealotry is a good thing
A good friend of mine is no longer able to send her regular op-ed piece to AOLers due to anti-spam zealotry. She can't reply to her subscribers when they write and ask why she's stopped sending it. She's even blocked from emailing AOL tech support to ask why she's blocked in the first place.
Arbitrarily cutting off an entire ISP with the inexplicable finality AOL has shown towards several ISPs isn't making the world a better or more spam-free place.
Repeat after me: arrogant zealotry is a bad thing, and we could use less of it.
"Stop throwing the Constitution in my face, it's just a goddamned piece of paper!" - George W. Bush Nov. 2005
No one should require me to carry your traffic. If AOL doesn't wish to carry someone elses traffic who should make them? How AOL runs their servers is their business. No one should be able to require a shared hosting provider to not provide services to spammers either. I used to be hosted at a provider who hosted spammers. When I found out I asked them if they were planning on removing the spammers, they said no, i moved hosting providers.
2 years ago I got ICQ-spam which promoted CI Host..
Sometimes victims aren't the intended targets.
Hmm. I personally hate the idea of contributory infringement, i.e. holding an ISP liable for the copyright infringement of a client, and this would be somewhat like that. But maybe ISPs should be liable for the spammings of a client (foolish consistency is the hobgoblin of little minds). Have statutory damages (say, $10 per email) and hold the ISP liable for that amount, for each spam email sent from its servers (payable to the recipient of the email). This will give all ISPs a financial incentive to do more than sign up everyone with a credit card number and maybe kick off people who are reported to be spammers. They need to be more proactive (of course the ISP could sue the spammer for indemnity to cover the cost of the tens of millions of dollars the ISP had to pay due to the millions of spams the former customer/spammer sent out through its servers). Spammer can't afford to pay? Time to create special spammer debtor-prison.
Stupid people make stupid things profitable.
You see, there's this thing called the "Internet" where anyone can put a "webpage" up and publish anything they want. AND! anyone who can connect to the "Internet" is able to go to that page and read it.
It's like a revolution in personal publishing!
I mean really, this could easily be levied against anyone blocking spam in that case. If its their servers and their bandwidth and you're violating their terms of service, I don't see why they HAVE to deliver email or anything else. Heck MSN is effectively blocking linux with the way they respond to search results through their search engines and you couldn't bring a court case against them about that. If CI Host (which really DOES suck and consists of mostly spam and porn hosts)) can't contain their customers - why would AOL be liable if they choose to protect their systems? Last I heard the laws about Cybertresspass (the very laws AOL used to sue spammers - denial of chattel) were in AOL's favor - not CI Hosts'.
Honestly guys.. I worked as an Assistant Administrator for an ISP in Michigan. AOL's block list is not that bad. I had a very aggressive list of spam. We actively sent letters to our users telling them to forward us spam, and if legit spam, we added the address to our spam filter. The ONLY ISP that ever affected us by blocking us, was MSN, when MSN.com and Hotmail.com blocked our ISP when their software was messing up. We got our domain unblocked and everything was fine. I support Aggressive blocklists.
AOL blocks sites with SMTP banner, that doesnt match
RDNS. Its likely the cause of the block.
$ telnet 63.249.159.33 25
Trying 63.249.159.33...
Connected to cihost.com.
Escape character is '^]'.
220 cassiopeia.propagation.net ESMTP Sendmail 8.11.6/8.11.6; Mon, 25 Aug 2003 20:05:09 -0500
Among other petty annoyances, AOL is incorrectly refusing connections from blacklisted hosts, as follows:
According to RFC 821 (sections 4.3 and 4.2.2), the server can respond to new connections in with a 220 ("let's dance") or a 421 ("go away, I have a headache") response. Not a 554 ("you're lousy in bed") code. Among other things, the manner in which they reject mail from residential IPs causes it to languish in the queue, rather than bouncing as it should if they intend to permanently refuse delivery.
I'm sure they do this intentionally so that it will look like your mail server is at fault ("sorry, couldn't get through") rather than theirs ("buzz off, I don't like your IP address").
C I was blocked starting on August 12th, and the temporary restraining order was issued August 21st. How come Red Hat or IBM or any other interested party can't act with such celerity in getting SCO to close its trap?
Hammer time.
That was classic intercourse!
For those thinking that CIHost sounds like some insane overlitigous company that tries to use lawsuits to make its profit... You're right. :)
:) You can play with the search and creative misspellings, and you'll find a lot of posts about them.
I spend some time at WebHostingTalk.com (a huge forum site for web hosting), and they have a horrible reputation. Actually, you can't search for "CIHost" -- it's banned, apparently due to WHT itself being threatened with legal actions because of posts about CIHost in the forums. But I've read some posts about "See Eye Host" and such.
________________________________________________
suwain_2
Last week, AOL was blocking mail from pacbell.net, which serves many of the DSL users in California. This is a recurring problem that I have to deal with every few weeks.
Okay, so this is slightly off-topic... sue me (har, har!). Where have all of you Post-CI Host-nameserver-disaster refugees ended up? I'm looking for a dedicated server with minimal management included. It's just a personal box, no serious traffic to/from it. I'm currently shocked if it breaks 2kb/s average over the course of a day.
The catch, however, is that their tech support people must, if not already posessing it, have ready access to a clue dispenser. The on-call admins at CI Host didn't even know how to run fsck when my box needed it last year, and it hasn't gotten much better since. Any recommendations for a cheapish dedicated Linux or FreeBSD provider? (Eek! I mentioned both! Am I required to flame myself now?)
* Posted anonymously to prevent my server from having any more "power problems".
CI Host has spammers? I seem to recall it's against their AUP. I've got a couple sites hosted there (and have been there for a couple years now), never had a problem with them as some have said.
Honestly - I hate them, I hate AOL. I despise them. They disgust me. I'm going to have to punish my fingers for typing the last sentance of this post. I'll prolly stick them in boiling oil till my bones cook.
Gah.
AOL can block whomever they want to with no repurcussions, they own the portal.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
I hope they win this one. First of all, CI Host are a bunch of f$cking spambags. Second of all, it'll be a dark day when a court forces someone to carry unwanted traffic. AOL owns their own network. AOL can decide who they want or don't want to accept mail from, for whatever reason AOL wants. If AOL customers don't like AOL's decision, they'll leave, and AOL will lose in the market. Oddly enough, only spammers seem to have any trouble grasping the fact that a network owner can restrict what flows over said network for any reason at all.
Free advice to CI Host: Your legal action has just landed you permanently on hundreds of private blocklists. I know of at least 5. You and your customers now going to have a lot more trouble getting your mail deliverd to many more places than AOL. Find a new line of work because no netblock you are associated with will ever be useful for email, which you indicate to be your main line of business in your lawsuit. Cut your losses and get off the net now. Sell your equipment on eBay. Sell your netblocks back to ARIN. Do something productive. You'll be happier if you avoid the world of frustration you just entered. Just unplug instead.
.sig: file not found
So, given that their users have signed up consenting to this, the only people who can legitimately be pissed, are third parties - who have no right to use AOL's network at all.
nutter.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
I find this a frightening attitude. Often it is the least desirable who need the most protection of the law. In other words: What value is a legal system that defends only the popular and righteous? After all, if you're popular, you're not going to need defending. A true civilization defends the weak, the unpopular, the undesirable, and yes, even the unsavory.
All that should matter here is the merits of the case. Your experience with CI Host might lead you to believe that they're playing fast-and-loose, and maybe that'd be right. We can agree that a slimy company shouldn't be rewarded for slimy actions.
If their beef with AOL is legitimate -- and heaven knows, I'm not fit to judge that -- but if it is, then of course they deserve whatever relief the court can offer. And of course, it's the court's role to make that determination.
I'll defend anyone who legitimately needs it -- past behavior notwithstanding. We all should.
The Mongrel Dogs Who Teach
I have never been a fan of AOL's but in this case I agree with them 100%. SPAM is a waste of an ISP's resources and money in this case AOL's. They do not have an obligation to allow anyone to send e-mail to their customers, particularly not spammers. In fact I think that especially because their service is marketed to inexperienced Internet users they have an obligation to protect their customers from unwanted e-mail.
My 10 year old daughter's e-mail is protected by a white list. If you are not on her list your mail will not get through -- period. Please, sue me for filtering her e-mail. Judge, jury, these spammers, in the name of free speech and their right to do business want to solicit my daughter to buy their latest video tape of lesbian midgets using dildos.
My wife and I use Bayesian filters if it looks like spam it doesn't get to us. (See above)
Spammers would have everyone believe that they have some sort of right to spam - they don't.
It's about permission, not content. Whether you are raising money to cure cancer or selling Viagra, if you don't have my permission to send e-mail to me, it won't get through.
Spammers have tried to position it as their right to free speech, its not free speech when I have to pay for what you send. They have tried to position it as their right to do business, there is no such right, I am under no obligation to pay for your marketing.
I work for an ISP (holding the name for obvious reasons). We recently had a customer abuse our AUP by sending 3,000+ unsolicited emails with attachments to AOL customers in just one week (total emails reached ~18,000). AOL in turn blocked any and every email with attachments from our domain indefinitely. Our legal team is now trying to resolve this issue with them. Even though emails without attachments go through fine, it has become a huge inconvience for many our customers. I don't understand why they did not block the specific account only instead of our domain. The following is the rejection notice we receive when sending emails with attachments to *@aol.com: > ----- The following addresses had permanent fatal errors ----- > > > ----- Transcript of session follows ----- > ... while talking to mailin-02.mx.aol.com.:
> ... while talking to mailin-03.mx.aol.com.:
> >>> QUIT
When someone gives you their AOL address, tell them to get a real e-mail address from a real ISP.
It was already tried with CompuServe vs Cyberpromotions where the judge ruled that a server/admin has the right to block any traffic or spam/email/connections from accessing theirs.
/dev/null who works at abuse@ . No morals whatsoever.
CI HOST is a notorious spamhaven and I would love to show that CI HOST is indeed tolerant of their spamming customers and do jack about booting or disconnecting them. They have
IF they dont' want to play nice on the net, then they will be delgated to the corner until they do. Or suffer the interne equivalent of a death sentence; be happy in your intranet CI Host. You haven't been allowed on my networks for the last 2 years; think this lawsuit is gonna help ya much?
What he didn't mention, is the address listed as his office is probably a little old lady in Tampa, who doesn't even have a computer. But in his real office (basement of the guy he met in prison on the carjacking charge), there are 8 computers. 1 workstation, and 7 mailservers.
I've been a happy CI Host customer for almost two years. My domain gets very little traffic, but the few times I've had to call for support, they've been quick and very helpful.
AOL needs this law asap.
Political speech and Commercial speech are different!
:)
Also, while people have certain expectations in a court room, they'd be be well advised to use a different set when in the street.
One more thing, people who make their parasitic living by preying on the ignorance and insecurity of others should just be shot in the head and tossed in a ditch. Sure, it'd be a bloody few years, but ultimately no one would be missed, every day would be sunny.
Buy Steampunk Clothing Online!
The behavior you describe proves their case. Blocking spam is one thing, blocking legitimate email to interfere with a customer relationship, or to harrass customers is another.
I know it's supposed to be easy to forge a "from" address in the header of an e-mail. This is a favorite spammer trick.
Would one of you folks enlighten me on whether it's possible to easily forge or otherwise disguise a "bcc" or other portion of the "to" section?
I operate a website (hosted by a third party provider) that's been hammered this past week by someone who vainly hopes to exploit Formmail. He takes an unseemly interest in the cgi-bin and cgi-sys directories and is cheeky enough to blind-copy an e-mail address at AOL with the results.
He won't get anywhere because I haven't got Formmail installed, but he is as aggravating as hell, and not a little scary.
AOL's attitude is that if he is indeed one of their subscribers, he's entitled to their protection, and they won't lift a finger no matter what he's doing or who he's injuring. In other words, if you've got a commercial site and it's third-party hosted, you're fair game for any of their bad kids who wish to harm you, forge your domain name, or whatever, under the guise and protection of AOL. I was told this at about 5:30 p.m. today by one of their "customer service" representatives.
Before I talked to them, I was primarily annoyed. Now I'm really angry. I'd like to enhance my knowledge about this as I consider what to do. Knowledge is power; it's just sometimes difficult to acquire adequate knowledge while you've got so much else to do.
Thanks!
Anne
DUCT TAPE: The Election Supervisors' Secret Weapon
You're citing an out-of-date RFC. 821 was superseded by RFC 2821, which makes it clear that 554 is a valid connection-opening response, to indicate that mail service is not available. (Indeed, 2821 spells out two codes for use at connection establishment -- 220 to accept, or 554 to reject access.) AOL is correctly using 554 to indicate that it will not provide mail service to your IP address.
A 4xx code would be improper in this case. 4xx codes indicate temporary failures. They mean that the client should queue its messages and retry them later, rather than returning a bounce message to the sender. That's not what is intended here -- the server doesn't want you to retry, it wants you to not try. A 5xx error code is correct.
EarthLink's new challenge-response system continues to kick ass. :)
I received this yesterday - To my surprise it appears that Roadrunner neither advised their customers that such a thing was about to happen, nor do they provide an opt-out mechanism. (reason: 550 5.7.1 Mail Refused - dsl.snfc21.pacbell.net_Residential_Range - See http://security.rr.com/residential.htm - 030813d)
Are the people here who say that AOL has the right to do what they like with their own network the same people oppsed to telcom deregulation? If so, you're a hypocrite.
There's a difference between a user blocking email and an ISP. Please, tell me you realize the difference between USERS and ISPs. Do you really want the internet to become this big wasteland and firewalls and obstacles and general closed-ness? By taking this kind of control over the (supposedly free and open) INTERNET you destroy what makes it so fuckin great.
Don't fall for this bullshit about spam. They shouldn't be blocking ANY legitimate emails, it's that simple. Blocking an entire domain is wrong and just plain bad for the internet, especially when the blocking is arbitrary.
Now, the end users (such as your dad) definitely have the option to switch providers
/28 is being used for spamming.
This is what you blacklist zealots (read: SPEWS junkies) just don't get -- many of us do NOT have a choice to move from our current service provider, for all intents and purposes. If you have more than just an extremely simple network, moving from one colo to another is a hugely expensive project, both in terms of time AND money.
You are shifting the burden of spam from you to me, when we should be shifting the burden to the spammer by blocking THE SPAMMER. Not LEGITIMATE COMPANIES.
It is one thing to block IP addresses that spammers are using. It is quite another to block an entire class C just because one
The collateral damage argument is bullshit. If you sign a colo agreement with a company, even if you wanted to expend the time and money to move your (otherwise working) network to a different provider, YOU WILL GET SCREWED OUT OF MONEY by the contract.
Sorry for the rant, but you pathetic assholes at SPEWS and similar blacklists deserve a taste of your own medicine. I eagerly await the day you get your just desserts!
Yeah, because AOL is a company about standards.
This is where you realize that was sarcastic.
Never having heard of them, I looked on Google Groups.
Maybe AOL users don't want to become Millionaire Traders, join the Big Money Downline Club, or read a free $3600 Money Game Report.
There seems to be a lot of sightings on news.admin.net-abuse.sightings of SPAM sent by CI Host to advertise their services.
There are 2 kinds of people in this world: Those who write in decimal and those who don't
So you jump from one raging fire into another? Does anyone know the meaning of RESEARCHING your hosts prior to signing a contract with them?
Spamhaus.org - Rackspace.com listings
Google archived
The FTC brought an antitrust complaint against a company (can't remember which one at the moment) in the 70's (I think). In that case, the target company had around 65% of the market, and it was ruled that that was insuffecient to be a monopoly. In this case, I don't think AOL has anywhere near 65%. 30 million customers (what AOL claims to have, but they were recently accused of inflating that) is small compared to the number of ISP subscribers; laughably so to be called a monopoly
To make laws that man cannot, and will not obey, serves to bring all law into contempt.
--E.C. Stanton
AOL has not guaranteed delivery of email to it's servers (see the terns and conditions for SMS).
They will not have guaranteed delivery of emails to others servers.
At best you may be able to get a refund through threatening them with false advertising (if and only if they made or reasonably implied a service that they did not fulfill).
Legally there is nothing wrong with a ping only ISP as long as it is not misrepresented to the potential customers.
Q.
Insert Signature Here
One of our TD guys posted the following:
We just finished a conversation with staff from AOL's postmaster team. We have an agreement, but it may or may not be satisfactory to users.
First, let me say what they are doing. They have a button on their mail software that lets users report email as spam. They check to see the host
from which AOL got the mail, i.e. the previous hop. In principle, if they get a significant number of complaints for any given host, they refuse to accept mail from it. In practice, there is sometimes human review, although they don't guarantee to do that. In practice, they will often alert abuse@rutgers.edu before cutting off mail, although they don't promise to do that either. They will, however, allow us to give them a list of our major MTA's, and exempt that list. What we believe they will do reliably is notify us after the fact when they have cut an IP address off. We will dispatch those reports to the liaison.
They should have most of the major MTA's by now. However we don't have a complete list of all MTA's on campus, so it is certainly possible that in
the future some might be cut off. If that happens, we will find out about it after the fact. In some cases, the abuse staff may recognize it as an
MTA, and ask them to add it to the list. However we won't always know the way departments use systems, and thus cases might occur where we would have to depend upon responses from the system administrator.
Note that in principle they could remove systems that send announcements to the user community, if users report the messages from the President or
other official email as spam. They regard the customers as right, and accept their definition of spam. In practice, that system will be on the
list of MTA's. For the moment they look OK.
There are some systems that were on earlier lists that we have been unable to understand. In one case we verified that they had no forwarding entries pointing to AOL. The system itself is not an open relay, and being Solaris, would not have been contaminated by Sobig. In the discussion today, it didn't seem possible to develop an understanding of what had led to these systems being considered problematical. However those systems are MTA's, and should not be cut off in the future.
They have offered to send us all email from any Rutgers host that users report as spam, so we can review it and try to forestall any problems.
Since this is in the thousands per day during periods when problems are occuring, we are not currently taking them up on this. In the opinion of our staff, if AOL can't afford the staff time to do intelligent review of their own users' reports, we can't do that job for them.
In this situation, I recommend that no system administrator use AOL for email, since we need to make sure we can contact sysadmins no matter what
decisions AOL might have made. Other uses with critical need for mail connectivity might want to do the same. Also, it might be useful for users
to understand that they should be careful about reporting as spam mail that comes through Rutgers.
-- Is "Sig" copyrighted by www.sig.com?
I'm with RackSpace too. They've been great, from a technical standpoint; When I had hardware problems with my server they got it fixed, quickly, on a Sunday. I've *never* had a service outage. Therefore, I'm really sorry that I'll be having to leave them soon due to their utter lack of enforcement of their spam AUP.
Hello,
Can you expand on this? We are currently evaluating rackspace, and from a technical standpoint they sound unbelievably awesome. Lately though we are worried about blacklisting of our rackspace IP's due to the crazy way some of these blacklists operate.
At this point we have RackSpace's undivided attention, as we decide whether or not to start dropping $4000 a month with them. We would like to press them on this issue, so I am interested in hearing from you and others.
I am interested in hearing exactly how they are not enforcing their AUP? Do you have proof of this that we could bring to them to discuss? Or is this just "what you hear" from usenet, because we've seen postings there complaining about rackspace, but also followups from rackspace in NANAE showing spammers that have been removed.
In what way have you been affected by all this?
When we have pressed them on this issue just recently, they claim that they were not on top of things in the past, but in the last year have been making great strides, and working with blacklist companies to get taken off the lists by enforcing their must stricter AUP.
Thanks!
Today's Monday. Is Monday a 1 or a 0?
Monday is definately a zero.
Over the past week, AOL has been blocking SMTP from most of our network, and it has caused a LOT of problems. As with any ISP or Hosting provider, you will get problematic users (spammers). These people are scum, we hate them just as /. users hate them. The abuse policy is pretty strict, plus we have a bunch of anti-spam techniques in place (such as a 20 recipient limit in sendmail.cf for shared servers), and things like that, but it's not going to stop some jerk from getting a dedicated server and flooding the world with mail. They're caught pretty quickly and terminiated (and we now subscribe to spamcop's RBL for blocking).
ANYWAY - now that I'm far off subject, let me get back to AOL. We tried calling AOL plenty of times and were hung up on repeatedly. So as a temp workaround, we made a server specifically for relaying mail to AOL. All the servers would relay all mail through it, and when it detected it was blocked, it would change it's base IP and keep on going. Kinda sneaky but a lot of people send email to aol users, and regular good-hearted customers call much more than spammers, so we had to do something. It's always fun listening to a spammer bleed his/her heart out, wanting you to turn them back on...
CI Host has a lot of great people working there. Sometimes the views/decisions of upper management don't make a lot of sense. Such as spamming users to switch service to CI. But I'll shut up before I see an Employee Update email and my badge stops working.
They're plenty helpful until you have an actual problem that requires real effort on their part to fix. Then they refuse to talk to you. My rant on my attempt to get a 1Mbit line installed is posted at
The Rabbit Hole
under August 7th. As a result of their stupidity and with-holding information that was necessary in my decision for the second line to begin with (if I had known I couldn't get 1Mbit I would have canceled the entire order) I'm giving them the finger and going with Cox digital cable for my internet connection and moving my web-server to colo with my ISP which is very helpful even when problems are not so small.
There's always "good company" "evil company" stories because it depends on the problems you have. I had no real opinion of Qwest after using them for nearly 3 years until I tried to get the 1Mbit line. Now I'll go out of my way to not use them for anything. I understand that big problems happen occasionally and I have no issue with that. But I refuse to deal with a company that can't handle those big problems in a professional manner.
I'd hate to be a Qwest customer the next time a big problem comes up and so I'm going to make sure I'm not.
Ben
Work Safe Porn
You can configure your MTA any way you like, but it won't do a damn thing to get you out of AOL's blackhole. You're stuck either using your ISP's mail server - if they provide one ["business class" service often presumes you're going to be running your own MTA, seeing as how unfiltered port 25 ingress is frequently a selling point] - or mail2web.com. It sucks, because you're paying through the nose for your business connection but you can't make proper use of it, because the line comes from an ISP who also does residential service.
Advertisers or spammers, these morons ignore the fact that NO ONE is obligated to carry their traffic it there is a reason to believe that it is not legit.
I drop that kind of traffic on the floor. They're welcome to TRY to collect. I guarantee they won't like my legal retalliation..
"Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
Your days are numbered? ;-)
http://jesus.everdense.com/
Hey, here's a thought.... maybe the separate individuals of the quarter-million slashdot readers have coherent opinions within themselves, but the contradictory opinions are being posted by *gasp* different people.
Shocking thought... pure madness, I know. Who could even suggest that a couple hundred thousand people who happen to read the same news site could possibly form separate, differing views about world events? (Answer: Me, sarcastically.)
But no, I like your thinking better. Every single reader of slashdot is part of a single unified Borg-collective consciousness. Unfortunately, that single consciousness is schizophrenic and can't agree with itself on any significant issue, and the resulting logic error will cause a catastrophic system failure.
I might have modded your nonsense up as "Funny", but nobody did that. It's 100% "Insightful" so far. How can this be?? Unless... you were actually trying to be serious with that post. (!) How disturbing...
Sometimes the best solution to morale problems is just to fire all the unhappy people.
MArtyn S is a spammer.
To him making money selling fake viagra to old geezers on AOL is what makes the internet great.
Well let me say fuck you mr. spammer.
This week alone I have had to work on 3 boxes that had AOL on them and all were a huge pain in the ass. Anytime AOL has a legal problem I can only hope that someone sues them into oblivion and I will never have to see a stupid interface like that again.
**** END NASTY AOL RANT ****
Stay tuned for new sig...
MArtyn S is a well known spammer.
He has admitted sending at as many as 500,000 spam emails in one day.
He says he makes between 500-2000 dollars a week.
As you can see this policy is making him very angry, If it's making no job SpamKings angry then you know the policy is working!
Their server, their rules. They have every right to block traffic from anyone they wish, just as clueless Timothy does or cihost does.
This is such a damned no-brainer....
So now the only way to send email to AOL is to use a server that is Echelon monitored?
Isn't it bad enough that most people in the world use AOL or Hotmail, Yahoo or another major email providor with large wedges of mistrust hanging round their necks?
I see a solution to this as being for everyone with the ability to do so, giving everyone they knwo with AOL an account on their server. Remember quotas, and make sure your server is secure, get your IP blocking fingers ready and lets peer2peer email!
Its our internet, why let AOL and MS and all those big guys tell us how to use it?
Do not meddle in the affairs of geeks for they are subtle and quick to anger
Not being an AOL luser, I wouldn't know, but I'd be shocked if the contract didn't have language that nixed consequential damages (ie, I lost a business deal because by email got blocked).
-Looking for a job as a materials chemist or multivariat
What if you look at it from a slightly different angle? AOL is abusing its place in the market by trying to indirectly regulate Internet communications and by that mean deserves a slap on the wrist like any other monopoly.
People on AOL expect to receive "Internet" email. And that's what's being advertised. How do you explain that the reason why they didn't receive an invoice from your website is because their provider went a bit berserk on the filtering?
For God's sake, if they want a private network, let them do it. But they should clearly advertise that their version of email is not the same one everybody else uses.
AOL's spam hypocracy really is anti-competitive behavior. Blocking mail from all hosting vendors is rude. When I got a cheap dial up account, mail to my own mom got blocked. It made me very angry as I'd done nothing wrong and my ISP had just as rigourous an anti-spam policy as anyone. When they threatened to blacklist my Cable provider, Cox, unless Cox blocked outbound port 25 except through their own SMTP server, I saw it as raw predatory practice. There's got to be a better way to stop spam from broken M$ boxes than reducing everyone's service to the limits of M$ Windoze on a dial up account. I hope CI host can show that their record is just as good or better than any ISP's and clean AOL's clock.
Friends don't help friends install M$ junk.
I have a personal blog domain that I use to keep my family and friends updated about my life. Since I have moved alot it has been a great way of keeping open the lines of communication. However, recently, AOL has stopped letting my updates reach my 2 Aunts in Mass. And it is pretty annoying. I appreciate the fact that AOL is trying to cut down on SPAM - but damn! Gimme a break - let me SPAM their server first before they ban my domain. I only send about 2 emails a month (one to each aunt) to their servers.. Seems like AOL spent more effort blocking me than I did emailing their pop servers.
Because I sure as hell block any mail originating from their cesspool of an IP range.
Whenever the offence inspires less horror than the punishment, the rigour of penal law is obliged to give way...
One click and your there, what a joke. I love the MSN tv adds about how much better their service is.
My favourite trick is to walk up to a brain dead windows users computer when they are not around and do ctrl-a then enter. An old windows 98se desktop with 30-40 short cuts all starting up at once it is a hoot to watch! I got kicked out of a few computer stores that do not lock their desktops for doing it......what a riot, I just use to tell the pimple faced sales kid "I don't know what happened I pressed some keys and thats what happened!" Ah the good old days.
OH THE SHAME I fell off the wagon and use sigs again!
There is no arbitrary about it. If the ISP hosts spammers and refuses to take them offline, then that ISP gets to experience the "financial incentive". This is because they are using "financial incentive" to host spammers. Since spamming steals resources even when the spammer is blocked (all that spam checking still has to be done), the necessary solution is for the ISPs that host spammers to terminate their services. Anyone who pays money to an ISP that continues to host these spammers is part of the problem in an indirect way. If those people would leave that bad ISP and switch to a good ISP, eventually the ISPs that host spammers would either have only spammers as customers, or would go out of business, or would realize their huge mistake and take some action to get rid of the spammers.
And yes, I do have the entirety of CIHOST and a few other ISPs blocked at my own network.
now we need to go OSS in diesel cars
Umm... If a preliminary injunction was won by CIHost last Friday, shouldn't AOL have at least reviewed the suit even if they didn't wish to represent themselves in court?
I AM, therefore I THINK!
If that's so, then AOL is like a crack whore, acting incoherent, making no sense and mindlessly harming innocent people to gratify themselves.
Don't confuse that with me approving in any way of their incompetance... they are two comlpetely seperate issues.
What makes you think they don't want to run off independent hosters so that they can rule the market themselves? Sounds like using your muscle in one market to lever yourself into another market. They are not competing on quality of service, they are simply throwing their weight around. That's predatory behavior of a kind they have been warned not to commit.
It's you who needs to seperate your issues. If CI Host is not really any worse than any other ISP for generating spam, then AOL is simply deviding up the network for their own good. Then it's not a case of blocking a known spammer, it's a case of blocking a competitor. This does not even take into accont that the network is a public place and that if AOL would attach itself to it and proffit, they must abide by common ground rules.
ISPs need to get at the root of the problem rather than punish innocent people. I consider all large ISPs big spammers because they largly cater to Windoze boxes that get owned 7 ways till sunday and spam all day long, regardless of how slow their connection. ISPs that tollerate that kind of shit, or even promote it with Windoze only client software, are bad citizens of the net. AOL, M$N, and most large ISPs are all guilty of this kind of irresponsible behavior. It's time for a change that's not making everyone's connection to the web equivalent to a Windoze95 dial up account.
Friends don't help friends install M$ junk.
As opposed to those astroturfing AC's wondering about astroturfing ?
Log in, CmdrTaco. We all know you want to ban AC posts anyway. Just admitt it out loud.
Historically, AOL has viewed itself as an entertainment company. The AOL muckity mucks cared about the big business deals, the marketing drive that will change the world, etc. The media mogul in Barton Fink is an example of the style of executive that ran the show during the height of the dot.com bubble.
But AOL Email Operations was just another overworked technical dept. The email application didn't bring in any revenue directly. Also, it was an overhead application that couldn't be cleanly assigned into one of the Balkanized divisions at AOL. For years, it had little marketing and little development effort applied to it. Buying Netscape for $4 billion dollars got lots of attention, upgrading the pre-internet AOL email infrastructure didn't.
The top level AOL exec's heard about spam complaints, but they heard lots of complaints about lots of things. Nothing was catching on fire and exploding in email so they assumed it must not have been that bad.
Another reason why AOL business exec's tended to ignore the techies. Keep in mind that hardcore techies had spent years vehemently ragging on AOL. Inspite of that, AOL became a major business success (well, at least for a few years). So whenever an internet purist gave a lecture on how things were supposed to be done, it triggered a gut level hostile response with many exec's at AOL.
So the result of all of this is, for the past several years, there were only background projects for fighting spam (and handling ISP complaints). Current problems are a result of that legacy.
But I think things might be changing. Remember AOL tried to takeover Time Warner? Well Time Warner has essentially staged a reverse coup and kicked out all the "deal junkies" at AOL. I think the Time Warner folks are pushing a much more back to basics approach for business deals, financial accounting, and for the AOL online service.
The upcoming AOL 9.0 release is supposed to be a lot better at spam fighting (although I haven't tried it much yet).
I hope that the new exec's really are making spam fighting a strategic priority (which I think they might be). If so, you should see real results in a year or two. Including, hopefully, a lot less false positives for spam (where positive really means negative delivery of mail, whatever) and much higher levels of support for email delivery complaints.
Ben in DC
"It's the mark of an educated mind to be moved by statistics" Oscar Wilde
AOL owns all their equipment, and they're paying the (no doubt substantial) monthly bills for electricity, bandwidth, etc. They have absolute authority to operate their stuff any way they choose. If they want to block mail from some other ISP because they don't like the color of the admin's car, well... they can do it. That's the way the Internet, as a whole, operates.
Now, with that said... If they start losing customers because of their blocking policies, I'll wager that they'll rethink said policies in a big hurry.
Now, with all THAT said... I've done a little research. It seems that AOL's accusations that CIHost is a spammer are not entirely unfounded. From what I found, it seems they were spamming their own hosting services less than a year ago. More recently, around the beginning of July, it appears that they provided spam support services.
There are numerous other instances, dating from 2000-2002, from the Google Groups search for the group news.admin.net-abuse.email. In short, it would appear that CIHost, while the number of recent reports seems to have slacked off, may still not be completely free of spammer infestation themselves.
They would be very wise to clean their own house before they start yelling "Foul!" about other ISPs doing nothing more than exercising their private property rights.
Bruce Lane, KC7GR,
Blue Feather Technologies
Yes, they have tightened their policies...
If enough users report messages coming from a host as spam the automated AOL system takes over...
First it checks if the reverse DNS for the host is correct. If not, you go right on to the blocked list.
If your reverse DNS is correct they supposedly contact you and ask you to stop spamming. If you don't, they block you.
The blocks usually last a week and according to AOL Postmaster staff, cannot be overridden.
My only difficulty with this is that you can get on the list for one user abusing your system, even in one day and then be stuck without a connection to AOL for over a week.
The engineers there told us that the new policies (as few as a handful of spam reports can trigger this action) had produced TONS of complaints and requests to be removed from the blocks, thus slowing the process even more.
RateVegas.com - Vegas Reviews
I bought some recreational space from CI Host for several years, suffered through their downtime debacles, and had a hell of a time getting them to shut off their automatic billing when I finally gave up on them. Their customer service was very hard to get a response from and quite rude once I finally did get a response. They also made sure that they made my domain name transfer as inconvenient as possible. I'm shocked that they're still in business.
Spam is bad, anti-spam zealotry is worse.
Sure there is. After all, many of the spammers who use these open proxies are being tracked down and documented in ROKSO, part of the Spamhaus Project. However, this tracking does require using resources other than just header analysis and traceroute.
The investigators use methods more akin to a private detective's or law office's methods than to a network administrator's. For instance, they follow the money. The majority of spam messages are trying to sell something, so they need an avenue to collect payments. Or they use public records: many spam messages flog Web sites, which may well have spurious whois contact information, but are registered in the name of a legally-established corporation or LLC. (Spammers incorporate for the same reason anyone else does: when they get sued, it protects their personal assets.) In this case, the investigators can go to the state corporations records. These are public records, which list the officers of the corporation -- in other words, the spammers.
Take a look at the ROKSO records for any major spammer, like Eddy Marin or Ronnie Scelson. ROKSO records are compiled entirely from public information -- corporate records, legal filings, domain registrations, and so forth. They also represent a tremendous amount of work on the part of Steve Linford, Shiksaa, and other investigators. Tracking spammers is not necessarily something you can do from your xterm, but it is possible, and it is being done.
I hate to be the one to say this but I think AOL has this right. As an owner of a network, internal or etc. I have the right to block any content I wish, even if my motive are questionable, if aol was to loose this case, which I don't see how they could, it would set a dangerous precident for any network owner, administrator, or provider.
I hope the third little piggy got mad cow - ^_^
...for, as Timothy himself says, "anything which slows down spam can only be a good thing."0 3/08/25/0 024204&mode=nested&tid=111&tid=126&tid=95)
(http://yro.slashdot.org/article.pl?sid=
Maybe there are things that slow down spam that are not good?
-Lars
All I know is that CI Host is a worthless hate spreading worm garden. My host, OC Hosting (ochosting.com), bless their souls they are such wonderfull people to be a client of, has had trouble with CI Host in the past.
About a year ago when OC Hosting pulled out of renting space at CI's data centers, CI told them that they couldn't get in the building even to take their machines out without signing a year contract for the space they used. Because of this I (foreverdreaming.net) and other OC customers could not get our files because CI was holding the servers.
After this I have had a constantly living anamosity for CI that ignighted like a torch when I read this article. I hope AOL wins and finds a way to file a counter-claim and hopefully wipe the worthless hate spreading scum that is CI off the face of this beautiful planet.
haha - for a year I've hated you and now I get a chance to express it in public forum, yay!
> They should have most of the major MTA's by now. However we don't
> have a complete list of all MTA's on campus, so it is certainly
> possible that in the future some might be cut off. If that happens,
> we will find out about it after the fact. In some cases, the abuse
> staff may recognize it as an MTA, and ask them to add it to the list.
You don't have a complete list of all MTA's on campus; not really confidence inspiring. Oh, and while you're at it, can you guys *PLEASE* set your "virus filter machine" 128.6.72.254 (nbcs-av.ruthers.edu) to stop sending "virus notifications" ? Some infected bozo machine on Comcast in New Jersey was spewing Sobig.F all over the place a few days ago, and occasionally forging my email address as the "From:". Any computer-literate person (MCSE's don't count) knows that viruses forge the "From:" header. Yet your system was identifying virus-laden emails and sending me bogus "virus notifications"... until I blocked your domain to protect myself from your harassment. I have a personal domain for my own use, but I can see other people, even ISPs blocking outfits that use dumb auto-mailbombers.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
The problem is that it's other people deciding what data comes through.
For instance, LiveJournal. Users have found that AOL is blocking HTTP requests through REFERRERs too . Nothing like having a Journal, and then putting a link to your AOL homepage (AOL Journal, etc) on your LJ profile, only to have people blocked when trying to click through (to see it in action, and you don't have referers disabled, go to fadedsanity's profile and click on the website link "p r i n c e s s". You'll get a 404. Now alter the URL (or whatever you have to do to clear the referrer) and reload the page... it works!). Sure, it's understandable to prevent image embedding (though they appear to only be doing it selectively, like with www.livejournal.com, but not ziemkowski.livejournal.com for instance), but hypertext links as well? That's just too much!
The annoying issue is that this will undoubtedly lead to hacks (or even features) to stop sending referers, which will affect website statistics, etc.
Why should the above AOL subscriber not be able to link to her own site? Because other users have marked LiveJournal.com emails as spam? So it isn't just third parties than can be upset; she should be, anybody who wants to access her site through her journal should be, and the third party (LJ) should be.
Wouldn't it have been a lot less problematic to add a custom bayesian filtering system with spam ratings, that runs on the subscriber's system? I'm sure AOL could have designed an interface and methodology for such a system that would be extremely straightforward to users yet much more effective, all without relying on one subscriber to know what another subscriber thinks of another person's messages? Heck, they could have advertised that they have "Smart" email filtering, yadda yadda yadda.
You'd think that a company that has acquired sources of programming creativity like Netscape and WinAmp, would be able to meet the interests of their subscribers and investors much better than they have with this.
How much longer until AOL blocks referers from slashdot?
telnet mailin-01.mx.aol.com 25
Trying 64.12.138.152...
Connected to xn.mx.aol.com.
Escape character is '^]'.
220-rly-xn02.mx.aol.com ESMTP mail_relay_in-xn2.1; Tue, 26 Aug 2003 03:05:06 2000
220-America Online (AOL) and its affiliated companies do not
220- authorize the use of its proprietary computers and computer
220- networks to accept, transmit, or distribute unsolicited bulk
220- e-mail sent from the internet. Effective immediately: AOL
220- may no longer accept connections from IP addresses which
220 have no reverse-DNS (PTR record) assigned.
quit
221 SERVICE CLOSING CHANNEL
I didn't actually try sending anyone a message, but at least my residential dynamic IP address doesn't result in an immediate failure message.
- Anonymous Coward
They are doing what everyone has been asking their ISPs to do for years. Finally doing something serious about SPAM.
It's not just some of CI Host's customers that SPAM, but I have recieved SPAM from CI Host themselves!
That was when I decided to go with Rackspace.
It was not relayed through their servers, but advertising *their services* through their servers, with their address as the return address. I had never heard of them except here on slashdot. Do a search and you'll see they've been posted here alot, but never because their service is great.
"Spammer sues anti-SPAM ISP." - great headline?
From a mail server list I belong to: They are the worlds biggest scum bags. They are SPAMMERS, this is FACT. A quick google is enough to convince anyone. They have been doing this for years. They have been kicked off of every network and network provider there is. Am I too assume they have some how changed their ways? Can I also safely assume that Faulkner is not running the show anymore? I openly welcome a suit from them as I have complained about them for years, and have blocked every network they host on. What CI Host is doing is trying to find a way to make money, and fast. Why? A few years back just before new years they suddenly moved their services to a new provider and created the worlds largest DNS screw up in Internet history. Some of their customers sites were not reachable for 2 weeks or more. They lost 75% of their customer base during that little event because they flat out lied about what really caused the screw up. After that happened they were hit with a huge class action (http://www.evolvedsites.com/cipetition.html). Its almost time for them to pay up on their settlement, so its either go bust or sue AOL or anyone else to find money. I spoke to Chris Faulkner a few years back, he is a dirt bag. I'm thinking of holding contest on eBay to see who will bid the highest to have that scum bag shave a "SPAMMER" on the back of his head. Those who have seen the new PingZine Web Hosting Mag will know what I am talking about. I hope AOL counter sues this dirt bag into oblivion. Back in the early days, Faulkner used to personally email the spam himself. I cannot express enough what a piece of trash this guy is. He is a liar when he says he does not spam. I have a collection of CIHOST spam dating back to 97'. I am no fan of AOL, but I have to agree with their block. We currently have the same blocks in place. For once AOL is doing something I totally agree with.
CI Host is an evil company. I can't stress that enough. How a company that operates in the manner in which they do is allowed to continue is beyond me.
Last year I had an account with HostDepartment, which was working very well for me. One day I was told by a friend that something bad had happened to my site. I looked at it and panicked, CI Host had hijacked HostDepartment's domains or something and were telling everyone that they owed them money and had gone out of business.
HostDepartment are an equally bad company too, steer clear of them. For more information, see the very first news & views article on my website.
If all else fails, get a hotmail account... let the monolith duke it out!
That is quite a good round-up of the multiple issues here.
The one true judgement according to amcguinn follows:
My incoming mail provider is entitled to employ a spam-filtering system that produces false positives, (provided they are not doing it maliciously or in order to harm their competitors,) but I think it is a mistake for them to do so, and I will see it as a reason to look for a new provider.
The only reasonable argument for legal actions against AOL would be on monopoly grounds. I am personally suspicious of anti-trust legislation, but then I am a bit of a Raymondite and therefore patently insane.
HOW-TO: solve this problem
Configure your SMTP server to return @Aol.com address. Explain why you no longer except email from their domain and that as a AOL customer they should complain to their help desk number or postmater.
Why this approach, only the mass refusal to accept email from Aol.com and complaints from AOL customer will stop them from baning email based on source IP address.
I Will Also say, I agree with banning from
1) domain name
2) sender
3) subject
4) content
Hoping postmaster@aol.com review there procedures quickly.
Trying to force an email newsletter through the modern email system is an uphill battle that I think is doomed to failure. However careful and legitimate you are, you're going to take significant losses from spam filtering. It's going to keep on getting worse, and I can't see it ever getting better.
I advise you to plan ahead and adopt different distribution methods. Consider running an NNTP server and advising your clients to subscribe to that.
An interesting new approach would be to use a customised POP3 server that acts more like an NNTP server - i.e. all users get the same set of messages. Unlike NNTP, the server would need to keep track per-user of which messages had been seen, but unlike POP3 servers it would not need to keep copies of each message per user. The advantage of this would be that with many email clients (including Outlook?), the recipient would just need to set up your server as an additional mail account, and would get the mails from you dropped straight into their main inbox, whereas with NNTP it shows up separately. The disadvantage is that, as far as I know, no-one has yet written the server software.
In the long term, I think legitimate bulk mail has to move from a "push" system to a "pull" system, where subscription is handled entirely at the recipient end.
Why the hell won't AOL accept my innocense while blocking them!?
You can't judge a book by the way it wears its hair.
Here's a clue-stick.
Tell your mom (chuckle) to switch from earthlink to another ISP. Earthlink is run by a bunch of wacky Scientologist anyway. There are zillions of local ISP's with national dialing numbers. That's not considered a trick anymore.
Why do you think the government needs to wipe you nose and ass like a 3 months old.
For god's sake, your kind is what's wrong with the world. You're a lazy sob and you burden the rest of us with your laziness.
"Hope you're glad that my dad left you because of your stunts. See you in court."
So your choice is to switch to another provider or litigate... and you choose to litigate? People like you bring down the collective intelligence and common sense of manking.
Its like you think you have some sort of magical rights for AOL to accept your email (clue... nobody is obliged to accept your email), and if they don't meet this magical threshold that only you know about, then you want to involve lawyers.
If you don't see what's wrong with that, then you are destined to always be a clueless numbskull. But I'll bet you don't see what's wrong at all. Much to everyone's detriment.
an over-zealous mailbox that destroys all unwanted CD's
how long until
" This could possibly result in lawsuits from consumers themselves."
Riiiiight.
How stupid do you think you sound saying stuff like this. It beggars the imagination that people like you exist.
It was better when the internet was hard... we didn't have people like you.
P.S. What does the "H" stand for in Jesus's name?
"If my ISP desides to cut off part of the service on purpous then my ISP is liable."
No, they're not. But its no use arguing with you, because you're basically clueless.
So I'll play along with your fantasy for now. In Mr. Cluefuck's world. AOL is "liable".
Okay, for what? For the price of the service! Cograts! And good luck getting that $23 back from AOL! Try not to spend it all in one place.
AOL's recent zealotry in anti-spam policy resulting in the presumption that shared-hosting providers are guilty (of spamming) unless proven innocent.
Well doesn't really matter. Innocent until proven guilty is only for the government not for indivuduals or corporations.
I expect the two litigants will need to sort out the issue of who own's AOL's network? and that depending on the outcome, things could change direction radically.
There seem to be a lot of people on /. (and on the Internet in general) who are opposed to SPAM and ready to support any cause which makes it more difficult for SPAMMers to operate. As such, they applaud AOL's efforts to keep undesirable content out of it's network.
But there also seem to be a lot of people on /. (and on the Internet in general) who support Free Speech, and are appalled when a single company (like AOL) uses the network of computers it owns to build a "gated community"; an Internet where you or I must pay to play.
These two positions are incompatible as currently conceived. Anyone who agrees with both of the above needs to do some soul searching.
If we acknowledge the right of AOL to control how it uses it's own network, then we can applaud when AOL blocks SPAM, but we cannot complain when they start blocking mailing lists, or shutting down p2p sharing, or refusing to allow their subscribers VOIP capability, or block access to web sites. We may eventually find that the only sites with any reasonable connectivity are the ones which can only be accessed through AOL.
Alternately, we could decide that AOL's network services are a type of Common Carrier network, like the airlines and the telephone system. This would mean that AOL could not prevent an AOL customer from subscribing to mailing lists, visiting web sites, or setting up their own web server. But it would also mean that SPAMMers would be guaranted a equal access to your inbox, and your neighbors worm-pool box cannot be legally blocked, so long as the worm abides by the Common Carriage rules.
The thing about things we don't know is we often don't know we don't know them.
True, true. I agree with you completely, what with AOL not being a public service and all that.
I'm willing to bet dollars to donuts that they have words to that effect in their customer contract.
I'm willing to agree with you. I've never read their TOS and I hope I'm never forced to, but I think that one would be hard-pressed to find an AOL-like service that doesn't have a limitation of the company's liability, "you only see what we want you to see while we agree to show it to you" clauses, and "we can/will change this agreement at any time, but only if we feel like it" bits. However, what about the people who don't always read that stuff in its entirety, a group that could be successfully argued is in the majority?
I mean, caveat emptor and all that sort of thing, but isn't there some sort of requirement that the AOL TV spots and promo CDs that you see all over the place accurrately portray the fact that server-side spam filters are in use that prevent mail from reaching the client, and the spam filters in question yield a nonzero number of false positives? Yes, truly intelligent internet users will steer clear of AOL anyway. Yes, real men use Linux. What about my mother-in-law, who expects AOL to "bring the wide world of the inter-web right to the front door"? (I know, I still can't talk sense into her...) Isn't there a responsibility to ensure that the service you talk about in your advertising bears some passing resemblance to the service that I'll get when I give you my credit card number because I liked the "6 million dollar man" knockoff ads?
Sure, it's probably all quite legal because AOL is its own entity, not beholden to G-d or man. Sure, if you believe all that crap about speed and reliability and uptime and how it'll help you score with supermodels, it's your own stupid fault. It's probably perfectly legal, to the extent of my IANAL-level knowledge of such things...but is it ethical?
"Linux doesn't exist. Everyone knows Linux is an unlicensed version of Unix"- Kieren O'Shaughnessy
actually they have plenty of basis. Unfair competitive practices.
The only way to bust a doper--is when you yourself become a smoker!
So, is cihost.com going to sue google.com for archiving reports of their customers spam??
s .a dmin.net-abuse
.com
http://groups.google.com/groups?hl=en&group=new
Check: Search only in news.admin.net-abuse.*
Search on cihost +
Results 1 - 10 of about 654
I particularly found interesting the thread from 2002 initiated by this post:
>>>>>>>>>>>>>>>>>>&g t;
And on and on. Quit interesting reading in these threads. Hey, AOL, you might want to archive all of these posts on google, just to throw in cihost.com's face in front of the judge.
They claim to be anti-spam and bounce 80% of their incoming email (1.8B of of 2.0B daily) then all but admit they sell the list of screen names to practically anyone who wants it. AOL: It's time to stop riding the fence: Which side do you fall down on?
Blacklisting an entire ISP is essentially a secondary boycott. The anti-spam zealots should be honest about this, and differentiate their lists between primary targets (this address is a source of SPAM) and secondary ones (this ISP supports SPAM).
But more importantly, a secondary boycott is of no use unless you let consumers use the information. Generally, the only way you find out that someone thinks your ISP is a spam-collaborator is when some email that you sent fails to get there and you actually find out about it.
Silently discarding emails from a secondary blacklist is a very stupid idea. It defeats the entire purpose, but that's exactly how most servers are configured to use blacklists.
You also need to have clear standards that an ISP can follow. Some of those that I have seen are absurd. SPEWS, for example, will blacklist an ISP even if their mail server never sends a single piece of bulk email. All that is required is that they host a spam related web-site.
So the reasonable standard proposed here seems to be that ISPs are responsible for conducting background checks on everyone that they set up a web-site for, and routinely monitoring the content of every page.
So much for $7.95/month web sites.
You might argue that they should remove such sites once they are identified. But you have a very tricky problem if you expect hosters to remove content that is not per se violating the law.
You can't expect ISPs to respond to anti-spam complaints with one set of rules and then use a different set of rules when the RIAA complains.
What is reasonable is for ISPs to limit the outbound email capacity for accounts that they have not verified an actual address for. This should not be a problem for a legitimate commercial account. And people setting up economy accounts have no need to send 1000s of pieces a mail with forged headers every day.
ISPs should be expected to control use of their networks for outbound SMTP. All abusive email must be traceable back to a legal address. Forged headers originating on the network should result in immediate account termination, perhaps with an automatic penalty.
But it is not reaonsable to expect ISPs to shut down the supporting web-sites. They can't do that without blocking the ability of legitimate small business and hobbyists to easily and quickly set up their own sites.
I don't get it, why would AOL be forced to accept incoming mail from these guys? It's AOL's system after all, why should another company have the right to communicate on it?
Email is a *private* communication medium, just like phone lines. The only difference, is that the existing copper phone wiring installed in the ground was installed under government subsidy, and while the companies doing so were guaranteed a monopoly in doing so.
Yes, some parts of the initial research of the Internet were funded by DARPA, but the current infrastructure was built with private money.
Also, no one is or ever was guaranteed a monoploy.
Unlike with her phone service, where she may not have much choice of who to go with, your mom can surely switch to at least a few diffrent ISP's if she doesnt like the service she gets from AOL.
AOL's network is privately owned, and they have a right to accept (or not) any type of traffic, email or otherwise from anywhere they want. If their customers are unhappy with that, they have the right to use a different ISP, (or even start their own) They do not have the right to force AOL to accept traffic from a network that AOL does not wish to accept it from.
AOL bounding the messages from my home SMTP server because it is on a cable modem IP even though it is locked down.
Does anyone know how to set up exim so that if I am sending to AOL, that it will route via my ISPs SMTP server? I don't want all my SMTP traffic to go via the ISP's server, just that which has aol as a destination?
Even just a link to a good exim manual that his this would be nice.
-no broken link
In the linked article, CEO Faulkner says that they warn [alleged] spammers. Not so.
We're a programming/web design company that uses C I Host for web hosting.
One of our domains, owned by a big, well-known company, held a sweepstakes. Some semi-spammish third-party e-mail newsletter heard of the sweepstakes and linked to it. This one solitary link was buried in the middle of a few thousand other links.
C I Host (unjustly) shut down the sweepstakes account in no time flat, for "spamvertising". They had no proof whatsoever. Anyway, the account was supposed to be disabled for 3 days, but due to their incompetence, it was effectively down for 6 days.
Despite several pleadings and phone calls, I never got an ounce of compassion. Heck, I contacted the newsletter and they said that they weren't affiliated with the domain. That got no results. I even talked to their CEO, Faulkner, who promised that he'd look into it. Four months later, he now tells me his Chief of Security is still looking into their Abuse Policy. I don't know why it would take that long, unless Faulkner isn't telling me the truth.
So, I can tell you that C I takes alleged spammers down without any warning or, heck, even a shred of proof. They also severely hurt our reputation with that big client. We no longer have that domain.
Can't wait until C I decides to try to sue me for libel or slander thanks to this post. FYI, I'm posting this without the knowledge permission of my company. Come get me.
Have your mail server relay all its outgoing mail through your ISP's mail server. Inbound mail should still make it to you in one piece.
Visit the
And who is AOL competing with that this is unfair to? If anything, this is *damaging* AOLs business, since people will be unsatisfied with their service (due to undelivered emails) and leave.
if you ask me, AOL is the leading spammer of all the earth. im sure others would agree.
Several months ago AOL blocked the list server I admin from sending to them. We cant seem to get them to unblock it even though it is not an open relay. Most likely one of their customers reported us as UBE because they couldnt figure out how to unsubscribe.
No big loss for us, the people who really cared about staying on our lists changed ISP's after their complaints to AOL went unheard.
Guess what? It's unsatisfactory. Nice reasons, too:
- failure to resolve complaints
- failure to address cause of complaints
- billing disputes
- failure to provide timely refunds
- failure to provide promised services
- lying on their website by stating they are members of the Better Business Bureau and participants in the BBB On-Line Reliability Program
See for yourself: BBB Reliability ReportPortable versions of Firefox, GIMP, LibreOffice, etc
I am not sure of the validity of the suit brought by CI Host. I would say their overall reputation leaves some question. I can say that without a doubt the logic that AOL uses in parsing email headers is seriously flawed at best. I had major problems with AOL adding my company's server to their internal RBL for seemingly no reason (we have an aggressive AUP which is diligently enforced). After multiple phone calls to their abuse desk I finally found the cause. When parsing email headers the software they use to automatically add IPs to the RBL looks at only the MTA that passed the message to their system. In our case we host user mailboxes. Some of these users elect to forward their mail to their AOL account. When their user clicks on the "spam" button in the AOL interface our server is targeted as the source of the spam. When I pointed out to the abuse desk person that this is a rather serious flaw in their logic they agreed and promised to follow up with me. Of course they never did follow up. The problem is that they try to over automate the process and rely on this parsing as law. The people that wrote their parsing rules have incorporated bad logic, so this over confidence causes problems. By virtue of forwarding mail to an AOL account at the request of their own users, their system believes we are spammers. /shrug
I know how to whois. But how can I figure out the entire ip block of CI Net or another organization?
Better yet, how can I find out the ip blocks of countries that I know I'll never need to send an email to, or receive one from, such as China or Korea?
Is there a command (non-sco, non-dickhead mcbride unix) that does this? Or do I need to go to a site that lists the above info?
tia.
I use spamcop also. Except that the spammers have ways around spamcop. Some spam is designed to look like a bounced email. Or is sent without a body, just a subject line. I have the following in my mail client right now:
8 2"
Return-Path:
Received: from cheeta.pilosoft.net ([unix socket])
by cheeta (Cyrus v2.2.prealpha) with
LMTP; Sun, 24 Aug 2003 22:16:25 -0400
X-Sieve: CMU Sieve 2.2
Received: from cutey.com
(Mari-Sol41@101.Red-80-35-190.pooles.rima-tde.net [80.35.190.101])
by cheeta.pilosoft.net (8.12.8/8.12.8)
with SMTP id h7P2GJFm031210
for ; Sun, 24 Aug
2003 22:16:22 -0400
Message-ID:
Reply-To: moneymaker@cutey.com
From: moneymaker@cutey.com
To: "Webmaster"
Subject: Professional Business! Act Now!
Date: Sun, 24 Aug 2003 15:52:21 -1100
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_87A_B83F_019D412D.3C8F78
X-Priority: 3
User-Agent: AOL 8.0 for Windows US sub 230
Status: R
X-Status: N
X-KMail-EncryptionState:
X-KMail-SignatureState:
with the return address as:
moneymaker@cutey.com
While I use spamcop, the above message won't be processed by spamcop. So I'll have to do it manually. Except that spam is dated Sunday, and I haven't seen it up until now (I've been offline), Wednesday. So by now, that email address is probably dead from others complaining. Which is also another problem with Spamcop. iirc, it won't process any emails older than three days.
And the other problem I mentioned at the top with Spamcop:
Some mail is intentionally written to look like it was bounced. It is sent to mailing lists, and has a normal message in the body. But the sig contains the advertisement. Spamcop misses this and refuses to process it as spam.
Another variation is a "vacation" email, in which the "author" claims to be on vacation, and which again contains an advertisement in the sig. Spamcop misses this, and refuses to process it as spam.
And one of the more annoying spams is from "bounced" emails, which are really advertisements for spam blocking. Spamcop totally misses this and refuses to process it as spam.
Also, other spams having nothing in common with the above listed spam, such as nigerian scams, also appear within seconds or minutes as the one above, from the same server.
Spamcop is good for parsing email headers. But it is not the be-all, end-all that it is made out to be.
There's nothing worse than pro-spam fuckwads. I'll be blocking CI so that my users aren't exposed to pro-spam abusers with pissy attitudes. Don't like it? Tough shit, spam boy.
...own this company?
... this time, I'm on their side. Is there even one person who likes getting spammed? Spam mail is not a good thing, especially when you consider the load on mail servers.
I'm glad that AOL is taking this stand, it's about damn time that a company has stood up against mass spammers. I can't stand AOL, true, but they're standing on the good side this time. If you don't like AOL's anti-spam policies, go get an account on Yahoo or Hotmail.
If AOL wants to refuse a spammer access to their mail servers and users, then they have that right. It is my line of thinking that a spammer does NOT have the right to clog another company's mail server(s). E-Mail is not a right when you are using someone else's servers.
I wish mail servers could be setup to reverse spam someone. A mail server gets one message from a spammer and then it sends it back a few thousand times. That would be great.
Seth Anderson BTW, I'm not 23 anymore -- I am TexasCowboy26 now. =)
AOL blocks the entire cable modem address space that I'm attached to, so I can't send any mail from my home server. It just disappears. The cablemodem company (Comcast, formerely ATTBI)also provides free connections to many of the local schools, and they can't send mail to people on AOL.
I try to get around AOL's black list by routing mail through my ISP's servers like ordinary customers do, but that still doesn't get mail through reliably!
I agree with the poster who pointed out that AOL is doing this more to reduce the load on their servers than reduce the spam their customers receive. The customer doesn't seem to have any way to introduce exceptions to AOL's black hole policy.
It's kind of hard to explain to get GrandPa to believe that AOL doesn't accept a lot of mail because he gets so much other mail (mostly from other old people on AOL).
I really think AOL is abusing it's market power here.