AOL Sued For Over-Zealous Blocking

mik writes "America Online has been sued by CI Host, a Texas-based hosting company for defamation, interference with contractual rights and unfair competition. CI Host has been awarded a temporary restraining order, though AOL has apparently not complied. This may be the first such in a series of suits leading up to, perhaps, to class-action status relating to AOL's recent zealotry in anti-spam policy resulting in the presumption that shared-hosting providers are guilty (of spamming) unless proven innocent."

Mail server

I manage the web and email account for the church I attend. The pastor has an aol account, so his e-mail from our server simply redirects to his aol account. Just last week, I found that we had been put on aol's blocklist for some reason - all e-mails being redirected through the server to aol were being blocked for 2 weeks by aol. Blocking messages like this results in missed personal communication. This could possibly result in lawsuits from consumers themselves.

I'm now definitely a proud customer....

[heXXXen]

Been with CI Host for awhile, pretty good network, really like the price too.

Also, AOL/RR is blocking email from my office (Sprint SHDSL, fiber optic DSL, faster than T1, business only stuff in case you weren't aware). Ever since I got the first bounced message AOL has been #1 on my shit list.

Bravo, CI Host, Bravo.

Re:Anti-spam zealotry is a good thing

AOL are a bit zealos with their blocking. Worse there is no apparent (from what we could see) removal process or information on *why* you were blocked.

I maintain a few mail server that a number of customers of ours use to send out mail. We have a non-spam TOS and we check up on our customers. We got blocked. We went on to complain to a mass of different addresses. We got a two replys a few days later, the most notable was one from an address that didn't exsist (at aol.com) scolding us for not providing information that we had actually provided in our barrage. The other was just as worthless (telling us to read the usless help) though a reply to it didn't bounce.
Then as mysteriously as we went on the RBL we came off it again. To this day we are still cluless as to how we got on this RBL or how we got off it.

Worse though is Excite. There RBL is entirly hidden. No URLs, no help, no reasons, no nothing. We have had NO reply to our barrage of mails after a week and a bit. We even opened an account and complained as a customer. So we have taken to re-assigning our SMTP sender's IP address. I'm sure they will block that too, but we have a /19.... we can play this game for a while.
Maybe I should see if we can sue Excite....

>

am I your enemy?

[SHEENmaster]

I am on a small ip block, with losers that catch the latest winshit worm and start spamming every few weeks.

Because of this, AOL has blocked my mailserver despite 7 requests to whitelist it (3 from myself, 4 from AOL victims^H^H^H^H^H^H^Hconsumers). It gets whitelisted for a few days, then group punishment kicks in and it's blacklisted again.

I have never spammed, I never intend to spam. Getting accused of sending half a billion unrequested emails in half an hour from a upstream as small as mine is both hilarious and insulting.

Fighting spam is one thing, blanket bombing to prevent spam is quite another. If anyone at the evil empire's apprentice is reading, "Hope you're glad that my dad left you because of your stunts. See you in court."

Re:Any filtering is too much

[Frater+219]

I'd rather spam filtering be left to myself. Any decent e-mail client has the capability for filtering, and by doing that way, I have control over what gets thrown out and what doesn't.

There are substantial disadvantages to a client-side filtering only spam defense as opposed to a server-side blocking only defense. It is, of course, fully possible to use both; I merely wish to point out some factors you may not have considered.

For the definitions of "filtering" and "blocking", please see this Wikipedia article. Roughly, DNSBLs and Sendmail's milter feature are blocking tools -- they take effect during the SMTP transaction. Client-side tools are filtering tools -- they take effect when you check your mail.

Consider:

• Client-side filtering destroys false positives rather than bouncing them. Any spam defense can have false positives, in which non-spam email is incorrectly classed as spam. When a mail server doing blocking experiences a false positive, it returns an SMTP error to the sending system. Ultimately, the human sender sees a bounce message, which indicates that their message did not make it to the intended recipient. The sender can then attempt to get around the block (by sending from another site) or can try to contact the recipient by other means. However, when a client-side filter has a false positive, the mail is either deleted or filed in a rarely-seen "spam folder". The sender gets no notification that it will not be seen (or not seen promptly). Since false positives do happen, it is better that they not happen silently!
• Client-side filtering isolates and hides useful information. A mail site, particularly a large one such as AOL, is in a position to gather a great deal of information about spam sources and patterns. Users complain about receiving spam. If a site can cause these complaints to be expressed in a useful way (such as sending full headers to an abuse address) rather than a useless one (such as cussing out the helpdesk), the site can aggregate a huge amount of information about spam offenders, which can be used to the whole site's spam defenses (or to mount litigation or prosecution of spam offenders). In contrast, your client-side filtering is informed chiefly by your own experience, and has no access to the experience of the other bazillion people on your ISP or mail site.
• Client-side filtering doesn't alleviate large mail sites' resource problems. A site such as AOL dedicates significant amounts of disk space, backup capacity, and network bandwidth to email. Since over half of AOL's incoming email is spam, if AOL did no blocking then it would probably spend over twice as much money on these resources than it would on a spamless Internet. In client-side filtering, mail must be delivered to the user's mailbox on disk, and the user must then check his mail, before any spam is removed from disk. If that spam were blocked at SMTP time, however, it would never have occupied AOL's disk and never consumed those resources.

However, as I mentioned above, it is possible to combine blocking and filtering in useful ways. A mixed strategy is what I prefer for my own site: we use a number of blocking strategies (such as DNSBLs and regular-expression patterns matching common spam elements), but we also use SpamAssassin and encourage users to filter with its scores or other criteria.

Re:Anti-spam zealotry is a good thing

[Zeinfeld]

AOL are a bit zealos with their blocking. Worse there is no apparent (from what we could see) removal process or information on *why* you were blocked.

There are several separable issues here.

The first thing to notice is that our only information on this dispute comes from a press release put out by CI-host. I find it somewhat surprising to see it alleged that AOL is in contempt of court. On the other hand one wonders how a judgement from a Texas court affects AOL off in Loudoun county VA. I suspect the AOL/Time lawyers may have a different opinion.

Another thing missing from the report is any mention of the reply filled by AOL? Was AOL even aware of the hearing? In most cases a court order does not have immediate effect, thus allowing the defendant to file an appeal. It seems unlikely that a court would issue an order with immediate effect given that AOL has had considerable success in preventing spammers gaining orders of this type in the past.

Another suspicious factor is the rapid escalation to littigation. A legitimate ISP would be unlikely to sue until it was clear that AOL was not going to be reasonable - unless of course they knew AOL was being reasonable.

At this point it is reasonably settled law that an ISP cannot be forced to accept email from an address that it does not want to service. The defamation claims might work against a third party such as a blacklist but it is hard to see how a company can be prohibited from acting on its own assesment of CI's behavior.

The other thing that is odd here is that Sudereth is a recent President of the American Judges Association. You would not expect a judge in that situation to be making whacky judgements which suggests strongly that there is something here that we are not being told in the CI PR puff. It is very rare for a court to order an injunction with immediate effect unless the damage done is irreversible. In this case the effect is very obviously only money.

Re:AOL mail filtering to the extreme

[RipCurl808]

Its their servers and if you still kept the person on your server ( as a customer ) after the the first day of the abuse ( says you took 1 week to notice; that's far too long to notice an abuse ). Did you not read your Abuse@ when the first spam message was reported? Why'd it take you so long to act?

A spam run doesn't just happen for a week long without going unnoticed. Your server logs would have shown the unusual amt of traffic being sent from your space.

Just playing devi's advocate. Again, AOL can run their servers as they like. Dont like it? Set up a smart-host so you can send attachment from that ip unti lits resolved.

Oh and is that customer still with you? The one that spammed? Why not collect damage fees from them?