AOL Blocking Spammers' Web Sites

Nuclear Elephant writes "According to this article, AOL has decided to take a fresh approach to fighting spam and is now blocking the spammer's web address. The philosophy is, if the customers can't visit spammers sites, spammers will not be able to make any money. On a side note, I suggested this concept about six months ago but nobody thought ISPs would adopt it. Now perhaps we can get a group like NANOG interested in sponsoring a blacklist for spammer addresses?"

Is this a *smart* idea?

[beh]

I don't know, whether this is such a brilliant idea - if this gets widely adopted it can't be long before some idiot will get the idea of paying for a spam to "advertise" one of his competitors just to get HIS site blocked...

I see loads of abuse potential here... While AOL might be smart enough not to block sites like microsoft.com or ebay.com if they showed up in a spam, it could be a knock-out blow to relatively
small and medium (and hence little known) companies on the web.

Re:Is this a *smart* idea?

[Tarwn]

And then we have to remember that there isn't some kind of magical Spam identification going on, thy are still going to be using the same (or similar) spam filtering tactics to categorize spam...which is a lot of fun because I know my mother doesn't get emaill from on occasion simply because of that...not thast I would be overly woried should my domain get blocked for AOL users :P

So some of those small and medium companies will end up getting blocked imply because they were mis-filtered.

Re:Is this a *smart* idea?

[beh]

But in this case we're back to square one - we're already fighting KNOWN spammers like Ralsky...

There's nothing new in that. But do you seriously think, AOL will pay dozens of employees to find out just WHETHER a spam is "legit" (in the sense that it's really advertising the target site) or "fake" (in the sense that the real goal is to get the target site blocked)? This will become some seriously tough piece of work!

And it's kind of doubtful, whether it will help or not.

Also - surfing TO a website just to find out whether it's a spam site or not is nowadays also giving away WHO is doing the surfing. By now I get more and more spams that have my email address encoded in the host names of the target site, e.g. the first part of the host name http://sx1piznvxr0svy.froidnet.com/
sx1piznvxr0sv y is beh@icemark.ch (a replaced with z, b with y, ..., y with b, z with a, 0 with @, and 1 with '.' -- and the whole thing in reverse).

So by now we are in a situation, where not just 'unsubscribe' lists are a way for a spammer to check the validity of our email addresses - no, even the host name we use to 'look at their "great" sites' give our identities away.

It'd be really great if some people would finally clue in that the more successful spammers are actually pretty smart as well! (unfortunately for us though)

Right now I think the best policy is still the passive filtering of incoming spams.

- Filtering destination sites will open doors to abuse in terms of using fake spam to block unwanted sites...

- automatic downloading of spamvertised sites will confirm which addresses are "good".

The latter idea MIGHT still be workable, since the spammer will also get to know WHO has spam-scanners installed (provided the automatic download of the page actually has the name of the spam-filter in the User-Agent header field of the get request). That way the spammer would also be able to drop email addresses blocking his sites.
On the other hand, this has one very big issue with it - if the spammer filters out these addresses for his sales, he could at the same time COLLECT these addresses for DDoS uses...

No - PASSIVE measures are the only GOOD solution we have. Spam-Filters in addition to tar-pits slowing the the spam delivery...

Everything else will - as sad as it sounds - open way to many doors to abuse!

Re:Is this a *smart* idea?

[nahdude812]

Well, and to boot, we're talking about a group of people who have made it their business to circumvent communication blocking attempts, including blacklists. They'll find new ways of communicating with their clients, all that will happen is the 'net will become a little less free and open.

Having an advertising / services based website is hardly against anyone's (reasonable) terms of service, and ISP's have made it a point to be common carriers, ignorant of the content they are providing. IMO, it's not up to the ISP to decide whether services being advertised on a site are in their customers' best interests.

You can't block these guys by IP, we already know that successful spammers have networks of infected zombie slaves, they'll use this network to host their website. Blocking by domain name has its obvious shortcomings also. How difficult would it be for a spammer to set up an IRC channel that advertises this week's (or today's) IP address and port number for accessing their spam contact page.

Or maybe they just send a spam out every 12 hours with a new IP address advertised. They could just put their current IP address on the bottom of every spam they send, or in the headers.

No, the solution proposed here is simply another speed bump for any determined spammer, and as lucrative as spamming turns out to be, it won't be long until all that's happened is that netizens have unwittingly (and happily) given up another net liberty in the form of website censorship.

Better to re-direct to a warning page with a link

[ripnet]

It would be better if instead of completely blocking the page, it re-directed to a page saying that this site is implicated in spamming, but with a link to the real page. Would mimimize impact to falsly accused sites.

It can be managed

[Nuclear+Elephant]

These are the same concerns people are having with FFB (Filters that Fight Back) which are capable of creating massive DoS's against a spammer, but don't really affect anyone else. I think blocking is certainly a step in the right direction, as it conserves bandwidth rather than consume it. AOL will definitely have to keep on their toes to make sure a legitimate website isn't blocked. Some of this can be automated, though - every time it thinks about blocking a website, crawl the site and perform the same type of language classification on it that you would a spam. The website should be even spammier than the email in most cases, or at least provide enough information to classify it as a spammy website. If it doesn't, throw up a red flag and let someone manually review it (or just drop it completely). The great thing about this function is that it not only blocks the spammer's method of contact, but it also makes it much more difficult for a spammer to move around. It's easy to use a different IP to send the spams, but to change your website every day or two is a bit more time consuming, and hopefully will exhaust spammers.

Responsible and Praiseworthy

[CdBee]

I have commented several toimes about a need for providers of internet services to take more care of their customers

AOL is a family ISP - most techies wouldn't use it as it doesn't provide what we want, but all those kids surfing on it deserve to be protected from the people who target them with spam

It's been demonstrated over and over that there are enough people out there willing to buy from spammers to make it a highly profitable industry, but that most of those profits come from taking payment by fraud and never supplying the goods

I would not use an ISP that did this, but the marvel of free will means I don't have to. For AOL's target market (largely clueless and wanting an all-in-one service to supply services and protect them) this is the right action.

One final recommendation to AOL

Please supply the latest Windows service pack and the latest Internet Explorer update patches on your CDs and make them a prerequisite to going online. Microsoft would love you to do this, techies would love it too and it would close down a lot of spam relays by closing the holes.

Re:Yes, but

[CdBee]

" For example, a local television station's site is hosted on the same machine as a spammer's site. I got calls from users wanting to visit that station's site so I had to unblock it.

If AOL blocks a local TV site for sharing an IP with a spammer, then the service provider will rush to close down the Spammer

This plan doesn't just stop AOL users seeing spam sites, it provides a powerful incentive for hosting firms to prevent spammers using them

It's brilliant.

Re:Mixed Feelings

First of all, are all spammers bad?

Yes.

I mean, there ARE some people that buy crap advertised in spam.

Doesn't mean the other two billion people need to see those ads too. Go to an advertizing site. Just make 'em leave my mailbox allone.

And is it all bad, or a ripoff?

Yes.

There was an link on Fark a week ago to an article about some guy that actually looks forwards to receiving spam, and had bought a lot of things from spam mails.

Indeed, about some compulsive man getting a kick out of buying something over the internet.

Doesn't mean *MY* mailbox need to get stuffed with junk, too. That man can go to some ad site or Ebay or something. If he's got the guts. I suspect he's the dependent kinda guy who needs to be told and handed over everything.

On the other hand, do people want AOL to shelter them from the web, from the real world?

No. *Especially* AOL filtering URL's seems like a very bad idea to me.

We already have a government 'sheltering' us from things, such as the real truth behind assassinations, aliens, and the disappearance of Elvis.

I thnk you're acting like a conspiracy theory troll.

Finally, the more things AOL blocks, the more reason for people to take the red pill, wake up to the monopoly, and get on a real ISP. Then those stupid CDs will stop showing up in my mailbox.

They make for splendid frisbees

Spammers now, who's next?

[nysus]

It doesn't take a lot of foresight to imagine the day when the political interests can persuade AOL to block other "undesirable" sites. Technically, it's not censorship because AOL has supposedly done it voluntarily; just like Clear Channel has "voluntarily" removed Howard Stern from their radion stations.

Beating up your own customers

[Anders+Andersson]

I got calls from users wanting to visit that station's site so I had to unblock it.

Agreed, this is a clear conflict of interest. Even though I could legally and technically block HTTP traffic between spammer websites and our university network, I wouldn't feel comfortable doing so, precisely because those most likely to complain about it would not be the spammers (or those unfortunate enough to share their web server with a spammer), but rather my own colleagues. And, they would complain to me, rather than to the spammer's ISP.

I'm all for public blacklists, and I keep using those to protect my own mailboxes from inbound junk. If somebody wants to send me mail, I'm justified in asking that person not to pay money to (or otherwise support) the ISP of a spammer. Likewise if they want to access my web pages, though I haven't implemented a blacklist check for those yet.

However, when I prevent my friends and colleagues from viewing somebody else's website just because that website shares hardware with a spammer, things are getting real tricky, because I'm interfering with traffic that doesn't necessarily benefit the spammer or his ISP anyway, and the only ones hurt by it are my friends and colleagues. This is clearly not desirable.

I admit that it makes a little more sense for AOL to do this, given their millions of users who supposedly don't know what's in their own best interest, but I wouldn't want to be a customer of such a company, nor would I want to work for it.