AOL Sued For Over-Zealous Blocking

mik writes "America Online has been sued by CI Host, a Texas-based hosting company for defamation, interference with contractual rights and unfair competition. CI Host has been awarded a temporary restraining order, though AOL has apparently not complied. This may be the first such in a series of suits leading up to, perhaps, to class-action status relating to AOL's recent zealotry in anti-spam policy resulting in the presumption that shared-hosting providers are guilty (of spamming) unless proven innocent."

Anti-spam zealotry is a good thing

[Dancin_Santa]

And we could use more of it.

Go AOL!

Enema of my enema is ma friend.

Re:Anti-spam zealotry is a good thing

[Kaeru+the+Frog]

What timezone are you in? 23 hours a day someone could bash AOL.

Re:Anti-spam zealotry is a good thing

[EvilAlien]

Ya, I need another copy of the /.drone handbook. I'm not sure what to do here... we hate spam, but we hate AOL, but we like security, but we hate restrictions on our (ab)use of broadband, but we support the rights of network admins to admin their network, but we like freedom, but we hate government interference, but... *bzzzt*

> ERROR
> KERNEL PANIC

Re:Anti-spam zealotry is a good thing

[PktLoss]

I don't know, I am tired of over zealous spam lists, network admins, strange anti-spam mechanisms.

Recently, one of our mail servers got listed with a major spam list with a major time lag. It was allowing open relay (but was never used for nefarious purposes) 6 months ago, and this was resolved 3 months ago.

As a result, all of the mail that was sent to paying Road Runner customers was bounced back, this was mail that was requested, and mail they had just paid to receive. I attempted to forward from my ISP, but lo and behold, my personal ISP (different country than our corporate mail servers) had also been blocked by Road Runner.

I attempted to email Road Runner to get more information, but got standard auto-responders that didnt answer my question.

I ended up mailing the paying customers via my webmail account on my personal domain.

We lost about six accounts to refunds over non-recipt of information, since it took us a week to figgure out what was going on (mails are sent from an unmonitored account).

Also:
Most non-technical users don't know how to properly manage opt-in spam blockers (the ones with auto responders pointint you to websites where you can fill out all your personal information, your mothers maiden name, and perhaps the person might deem it acceptable to let your mail in). They sign up for things, dont add the posted address to their list, the mail gets blocked, so they email us complaining, not bothering to add the email address they just messaged to the allowable list. With the current virii going around, spoofing return headers, I just dont have the time to wade through all the mailer daemon/postmaster/spamblocker/virus blocker emails comming in.

ISP Level Spam blockers MUST:

• Allow users to turn them on/off
  
• Allow users to view blocked mail
  
• Provide external groups with EXACT information on why a message was blocked, rather than pawning off responsibility to some Not-For-Profit.
  
• Respond to queries from external groups within 1 business day, either with removal from lists, or more detailed information
  
• Upon removal from a blocked list, spam cached within the past week from affected senders should be forwarded with an attached apology header.
  

Re:Anti-spam zealotry is a good thing

[Phil+Karn]

Road Runner's "detailed" instructions are useless if you happen to be on what they consider a "residential" IP address block. Doesn't matter if your address is dynamic or static. Doesn't matter if the customer they're "protecting" really wants to hear from you. Doesn't matter if your machine is clean and secure and you've never spammed or relayed a spam in your life. Doesn't matter if you prefer not to use your ISP's outbound relay because it drops half your mail and delays the other half for a day. You can't send them mail. Period.

This is one of the many reasons I run my own incoming SMTP server and my own virus and spam blockers. I control them, not the morons who happen to own the only broadband pipes in town.

Re:Anti-spam zealotry is a good thing

[Skapare]

To give the end user full control also means that user is selecting what level of cost their ISP will incur. The technology to do it exists, but the implications of doing it are serious. Blocking spam is substantially a cost saving measure. Letting users turn it off re-incurs those costs. This really only works well when the users are on a pay-per-received-message basis.

Most of the cost of email, and of spam, is incurred in the receiving end. That's either paid for by the end user/customer, or the ISP, depending on how the service payment plan is arranged (examples being flat rate for all the email and spam you can eat, and pay-per-message). Of course in a pay-per-message case, you really must give the user control. But if the ISP is paying per message and charging the users a flat fee, it's the ISP that needs to be in control of costs.

Of course, none of this would be an issue if certain ISPs would stop hosting spammers once they know they are spammers.

Stupid

[asavage]

If it is your own network and you aren't the government, you can block whatever messages you want.

At least AOL can defend itself

Re:Stupid

[ThatDamnMurphyGuy]

How is choosing what to filter against the law?

For the same reason Microsoft can't do what they want with their OS to a certain extent: antitrust laws and the fact that AOL IS a monopoly in the ISP market for the most part. Sure, there is Earthlink and the like, but when the Giant in any arena gets as large as AOL's subscriber base, they have to play by a different set of rules.

Any filtering is too much

[localghost]

I'd rather spam filtering be left to myself. Any decent e-mail client has the capability for filtering, and by doing that way, I have control over what gets thrown out and what doesn't. I would not trust AOL to tell my what e-mail I should and shouldn't read. That, of course, is one of the many reasons why I would never be an AOL customer.

Re:Any filtering is too much

[RipCurl808]

Then you're pretty much out of touch with the big picture.
In order for you to receive that spam it still hast to go through AOL's servers and SIT there until you decide to log-in to your account to read/delete/foward/answer or leave it there. The whole point of filtering is so that YOU and that extra $3 you pay a month goes to helping AOL maintain its servers for the 1 billion pieces of crap it gets EVERY single day.
You do realize that $3 out of your monthly payment goes to pay for the filtering of spam on Aol's server. Wouldn't you be happier if that $3 / mo or $36 per year went to something more needy? Like saving up for that vacation you always wanted? or taking that much more off your Mortgage? No, you pay that extra $3/mo to hanlde the spam problem. To have AOL buy bigger servers to handle the deluge of spam; and agian, filtering it on the enduser is doesn't preven the spam from entering their servers and taking up space.

They should sue the spammers for $ damages

[kaltkalt]

Seriously. I realize AOL has the deep pockets, but the spammers are the cause of AOL's blocking email from the domain. The spammers, not AOL, are responsible for any monetary damages the plaintiff here suffers. Public policy dictates that AOL should be immune and the spammers who spammed from that address should be liable. Does everyone have the right to send email to AOL addresses? I would say no, although AOL should have to say "hey, when you have an account with us there are people who will be unable to email you."

Re:Bout Damn Time

[kaltkalt]

They are paying to spam your mailbox with those CDs. They pay for the CDs and the postage. Thus there is a check on how pervasive it can be. Note that you don't get 40 CDs a day from them.

Oh, the irony.

[faedle]

"C I Host is very aggressive about attacking the spam issue," Faulkner said. "C I Host does not spam, and we don't tolerate spamming by our clients," said Faulkner. "In fact, we were one of the first Web hosting companies to install spam filters that our clients cannot turn off. This week alone our spam filters blocked over 16 million spam e-mails.

Am I the only one that finds this ironic? It's not okay for AOL to filter spam, but it's okay for us to. Uh huh.

Re:Oh, the irony.

[kaltkalt]

Well, I'm sure in response, they would say "we're not saying spam filtering is wrong, we're saying blocking huge domains and refusing to narrow it down even when it's been pointed out the spam didn't come from us is wrong."

People really need to learn what the words "irony" and "hypocrisy" really mean. These two words are used interchangeably for any situation that sounds sorta funny.

Re:AOL is free to do whatever they want.

[kaltkalt]

a private company can't violate the commerce clause.

For all the "Good for AOL" people

[Kostya]

If you don't run a webhosting company or an ISP, shut up. If you run a webhosting company or an ISP, you know how crappy AOL's system is.

Consider if you have an AOL client who has a site on your hosting server. They forward their site mail to their AOL account. Their site account gets spam. What happens? Well, the spam gets forwarded, the clueless AOLer reports it as SPAM, and AOL's system sees your hosting server as a spam source. There is nothing you can do to protect your hosting server. Nothing.

This really happens. If you call AOL, they basically say it isn't their problem. If an AOL client thinks a mailing list email they signed up for is spam, then AOL thinks it is spam. They tell you to setup a feedback loop where they send spam reports, but you have no way to respond to AOL. You just get flooded with tons of reports by clueless AOL users with no way to tell AOL, "Hey, this isn't SPAM!"

Only on two occasions where a client had an exploited formmail script did the AOL system work as it should (i.e. spam was reported, we saw the report and found the problem). Every other day of the week, it is a massive time-sink that you get nothing out of.

AOL wanted to make up for sucking on the SPAM front. So they become complete asses and made the job that much harder for the rest of us. Bravo!

I hope the class-action suit makes them stop. I don't expect anyone will see any money, but at least AOL will be held accountable for being such idiots.

Re:For all the "Good for AOL" people

[Dimensio]

I understand your desire for AOL to lose. After all, they have a contractual obligation with CI Host to carry their e-mail.

Oh, wait, they don't. They're a privately owned company and they have the right to drop any mail traffic that they choose, even if the reasoning is completely stupid (though in the case of CI Host, it isn't). I guess that you believe that the government should be dictating how people run their private networks, including accepting the additional costs of spamming just because it makes spam-friendly ISPs feel bad when their packets get dropped.

Bullshit

[GojiraDeMonstah]

Anti-spam zealotry is a good thing

A good friend of mine is no longer able to send her regular op-ed piece to AOLers due to anti-spam zealotry. She can't reply to her subscribers when they write and ask why she's stopped sending it. She's even blocked from emailing AOL tech support to ask why she's blocked in the first place.

Arbitrarily cutting off an entire ISP with the inexplicable finality AOL has shown towards several ISPs isn't making the world a better or more spam-free place.

Repeat after me: arrogant zealotry is a bad thing, and we could use less of it.

Shared Hosting

[m0rph3us0]

No one should require me to carry your traffic. If AOL doesn't wish to carry someone elses traffic who should make them? How AOL runs their servers is their business. No one should be able to require a shared hosting provider to not provide services to spammers either. I used to be hosted at a provider who hosted spammers. When I found out I asked them if they were planning on removing the spammers, they said no, i moved hosting providers.

Re:AOL is going to stomp on CI Host

[Stephen+Samuel]

I very nearly took them to court over it. CI Host has spammers as customers. I told them about a few that were causing problems for me, and they never did anything about them.

You might want to provide an affidavit to AOL on this. CI appears to have gotten their injunction on the basis of that they've got a really tight anti-spam policy. If they're providing support to commercial spammers, then AOL has (or should have) the right to block them.

I think that it may be something different about what AOL support is saying about CI hosting... It's one thing to simply report that AOL gets to much spam from CI customers -- it's another thing to call them spam bags.... (although I really like the term).

Spamming is illegal in many states, and congress is looking at making it nationally illegal. To say that you have a right to spam is silly.

Spamming is all about finances, and refusing to route IPs from a hosting company that supports spammers is a way to shift the finances against them allowing spammers on their net.

Frivolous at best..

[RipCurl808]

It was already tried with CompuServe vs Cyberpromotions where the judge ruled that a server/admin has the right to block any traffic or spam/email/connections from accessing theirs.

CI HOST is a notorious spamhaven and I would love to show that CI HOST is indeed tolerant of their spamming customers and do jack about booting or disconnecting them. They have /dev/null who works at abuse@ . No morals whatsoever.

IF they dont' want to play nice on the net, then they will be delgated to the corner until they do. Or suffer the interne equivalent of a death sentence; be happy in your intranet CI Host. You haven't been allowed on my networks for the last 2 years; think this lawsuit is gonna help ya much?

Re:am I your enemy?

[Abm0raz]

I feel for you, but is this really AOL's problem? Is it even really your problem with AOL? I see as your problem with the spammers and your ISP.

Let's use an analogy:
If I get a bunch of crap marketing calls from an MBNA call center from Sleazy Marketing Company (SMC). I call up the phone company and complain. THey get dozens more complaints and as collective users, we have dictated a policy to them to remain their customers, "Either block the calls from this center or we will goto someone who can." The phone company CAN do this and you see it occasionally in very close night bible thumping communities.
Now, the charity "Save Everything 'cept SCO" decides to rent the call center for it's fund-drive and can't reach anyone in our phone exchange ... ...who is at fault? The charity is pissed at the end-user? Why? The end-user has a right to not answer the phone. They could just as easily ordered caller-ID and not answered anything from that call-block (or unavailable,not listed, etc ...). This way the end user's phone isn't tied up when real calls come in.
The charity is pissed at the phone company. Why? The company has a policy in place to keep it's customers. The company's interests lie in itself and it's customers, not some 3rd party.
Who the charity SHOULD have a problem with is MBNA and the original spammers. It is the actions of these 2 that have prompted the blocking. The charity should've requested and read the policy based on what the call-center could and could not be used for. Now, they may have rented the center before SMC caused the problems. This would be unfortunate, but still not the phone company's or the end-user's fault. The charity needs to go back at MBNA and get refunds because their call-center couldn't reach all clients like advertised. They have the choice of using other call-centers with much better cold-calling and call-type policies.

In case there are people that had problems with the analogies portion of the SATs ... here's a key:
- MBNA Call Center is your average ISP that allows it's clients to spam.
- SMC is a spamhaus.
- The phone company is any other ISP that doesn't and impliments blacklisting
- The charity is a good company that got caught in the spam fire. Casualty of war, if you will.

Now, the end users (such as your dad) definitely have the option to switch providers (As he did) in protest. The Good company's (such as yourself) can switch providers as well. There are others out there. They may not be as cheap, but is the extra money worth the improved reliablity? You also have the power of your almighty dollar. Call and make threats to leave their service. Demand refunds. It works wonders. I got an additional 150 minutes of anytime minutes and a new $100 phone from AT&T today for free cause of a $2 billing discrepancy today. My journal will have the story tomorrow if anyone is interested.

-Ab

Re:Bout Damn Time

[insecuritiez]

I may not get 40 CDs a day from them but I have more than 40 of their CDs. Most come because I am a former subscriber. Others come from random mailings. Others from purchases that bundle them alongside the product. I don't think there should be a timeframe. I consider constant bombardment from advertisement of the course of a few years harassment and spam.

Re:Mail server

[Pharmboy]

You say: But this isn't e-mail destined for AOL itself, but rather its customers. No one is saying private individuals can't filter this e-mail if they wish.

<rant style="common sense">
AOL gets one billion emails a day. 2/3rds are spam (read prior articles here on /. for references or google it). Spam costs them money, so they are justified in trying to deal with it.

It amazes me how people bitch endlessly about spam, but when a company filters it (and inevitably messes up trying) you freak out. It is not like AOL is trying to charge you for sending to someone on AOL.

Don't like it? Quit AOL. Don't have AOL? Then its not hurting you. Need 100% guarantee that all email will arrive? Don't expect it for $23 a month, get your own mail server. Didn't read the Terms of Service where it says "we try, but shit happens?" then read it next time.

Write this down: You don't have a RIGHT for your AOL service to work correctly. You have an EXPECTATION that it will. If it doesn't, ask for your money back for the last month and switch ISPs.

Why, for the love of jeebus, does everyone think that if they pay money for something, service becomes a constitutionally protected RIGHT? You have an expectation, a term of service, and the RIGHT to ask for your money back if they don't perform, but you don't have a RIGHT to perfect service (get the distiction?) But not damages, unless they are grossly negligent, which filtering isn't. God it is disgusting how sue happy everyone is, especially when there is so many choices for ISP in almost every town.
</rant>

Free Speech is a right. Bearing arms is a right. Voting is a right. Getting 100% of what you expected isn't.

Re:am I your enemy?

[Cylix]

Blocking one ip address in a subnet is frivelous and ineffective. In order to be completely sure you have stopped the spammers access you need to ban their whole subnet.

So, if your neighbors continue to infringe on their network benefits (willing or unwilling), you may need to take some precautions.

With constant problems such as this it would be wise to limit your upstream smtp traffic through an intelligent proxy.

Take charge of the network rather then complain about the aftermath.

Ignorance is a poor excuse.

Re:am I your enemy?

[goodie3shoes]

Here we see the failure of blacklisting in action. Big ISP's such as AOL are under tremendous pressure from their customers to block spam, so they revert to crude methods; like politicians, it's more important to be seen doing something about the problem than to actually do something about it.

Is this the big one?

[lynx_user_abroad]

This case could be bigger than any of us here and now expect.

I expect the two litigants will need to sort out the issue of who own's AOL's network? and that depending on the outcome, things could change direction radically.

There seem to be a lot of people on /. (and on the Internet in general) who are opposed to SPAM and ready to support any cause which makes it more difficult for SPAMMers to operate. As such, they applaud AOL's efforts to keep undesirable content out of it's network.

But there also seem to be a lot of people on /. (and on the Internet in general) who support Free Speech, and are appalled when a single company (like AOL) uses the network of computers it owns to build a "gated community"; an Internet where you or I must pay to play.

These two positions are incompatible as currently conceived. Anyone who agrees with both of the above needs to do some soul searching.

If we acknowledge the right of AOL to control how it uses it's own network, then we can applaud when AOL blocks SPAM, but we cannot complain when they start blocking mailing lists, or shutting down p2p sharing, or refusing to allow their subscribers VOIP capability, or block access to web sites. We may eventually find that the only sites with any reasonable connectivity are the ones which can only be accessed through AOL.

Alternately, we could decide that AOL's network services are a type of Common Carrier network, like the airlines and the telephone system. This would mean that AOL could not prevent an AOL customer from subscribing to mailing lists, visiting web sites, or setting up their own web server. But it would also mean that SPAMMers would be guaranted a equal access to your inbox, and your neighbors worm-pool box cannot be legally blocked, so long as the worm abides by the Common Carriage rules.