Slashdot Mirror


AOL Blocking Spammers' Web Sites

Nuclear Elephant writes "According to this article, AOL has decided to take a fresh approach to fighting spam and is now blocking the spammer's web address. The philosophy is, if the customers can't visit spammers sites, spammers will not be able to make any money. On a side note, I suggested this concept about six months ago but nobody thought ISPs would adopt it. Now perhaps we can get a group like NANOG interested in sponsoring a blacklist for spammer addresses?"

15 of 238 comments (clear)

  1. Yes, but by fdiskne1 · · Score: 5, Interesting

    I've been doing this for the past year. Every so often I get a call from a user that needs to get to a sight that is associated with a spammer. For example, a local television station's site is hosted on the same machine as a spammer's site. I got calls from users wanting to visit that station's site so I had to unblock it. This is a never-ending job since spammers many time host their "web sites" on virus-infected broadband home PCs. Since I only have to work with 1000 or so users, it's not a big deal. If I had billions like AOL. Gads. I'd rather not think about it. And that's not taking into account those people that truly want to visit the spammer's sites. Who is AOL to deny them the ability to go to the websites they want.

    There are just too many pitfalls in this. I don't think all large ISPs will go this route.

    --
    But why is the rum gone?
    1. Re:Yes, but by Thagg · · Score: 3, Interesting

      Thank you for sharing your interesting experience in doing exactly what AOL is talking about. I hadn't thought that spammers would be using zombie PC's to host their web sites -- although AOL's new policy will certainly expand the use of that technique.

      You, and others, mention the problem of people who "truly want to visit the spammer's sites." I think the key part of AOL's policy is that they provide absolutely no facility for that. It's the people who really want to visit the spammer's sites that are the problem. Letting them do this continues the vicious cycle of spam. It's a decision that only a paternalistic overbearing ISP like AOL will make, but it makes sense in that environment.

      Finally, AOL gets so much spam that they would identify the zombie-host-of-the-day within a few minutes of its deployment. A small staff of spam-site identifiers could lock those down pretty fast.

      Overall, this seems like a good attempt, and even more interesting, it appears to be working. In our experience, the amount of spam has not been flat as the article suggests, but still increasing fairly exponentially. A system that lowered the amount of spam sent to AOL is worth strong consideration.

      AOL should realize that sharing this list of spamvertizing IP's would help lower the amount of spam they receive even more. Spammers would think twice about send spam to AOL customers if that might block the websites from the whole world. Think about it, AOL -- Share the list!

      thad

      --
      I love Mondays. On a Monday, anything is possible.
  2. Re:Is this a *smart* idea? by aheath · · Score: 5, Interesting

    I too am concerned about the potential for abuse of a web site black list. I'm also concerned that AOL did not inform members of this change. Any ISP that implements a web site black list should redirect browsers to an HTML page that explains that the web site address is associated with known spammer. The user should then be given the choice to procede to the site or abandon the attempt. The black list should also be transparently available to the Internet community. Last, but not least, there has to be a clear policy for appealing a listing to allow for reporting of incorrect listings or other abuses of the blacklist.

  3. Sounds open to abuse by The+G · · Score: 3, Interesting

    Wow, this means I can take down other people's web sites by putting them into a message and spamming AOL users with it. Cool!

    I'll start with Microsoft, move on to SCO...
    --G

  4. Re:Is this a *smart* idea? by DocSnyder · · Score: 5, Interesting
    I don't know, whether this is such a brilliant idea - if this gets widely adopted it can't be long before some idiot will get the idea of paying for a spam to "advertise" one of his competitors just to get HIS site blocked...

    I'm sure AOL won't block any joe-jobbed targets but only bulletproof servers hosted at Chinanet, Telecom Malaysia, Procergs.com.br etc. which have been spamvertised by known spam gangs.

    This is *really* a good idea - Alan Ralsky uses several "throw-away" domains per spam run, but only a handful of different servers to host his crap. Null route these and Ralsky can enlarge his own penis.

  5. This is mandatory for webmails by chrysalis · · Score: 4, Interesting

    The company I'm working for provides free web service ( http://www.skymail.fr ).

    This kind of service frequently gets abused by spammers. Two they abuse it :

    1) they open an account, just to have a valid address in order to bypass basic spam filters. Then, they send their spam through other servers using this address as the sender.

    2) they use scripts to send spam through the service, as any regular user would. This is extremely annoying.

    For 1) we publish SPF for all domains we send mail from. Now, it's up to people to enable SPF on their mail servers.

    For 2) we filter _all_ packets coming from China, Korea, Nigeria and addresses listed in Spews and Spamhaus databases. That's about 13000+ filtered networks. Thanks to OpenBSD packet filter, it's trivial to set up and it doesn't introduce any slowdown.

    --
    {{.sig}}
  6. Mixed Feelings by thirty2bit · · Score: 5, Interesting

    I've got mixed feelings about that.

    First of all, are all spammers bad? I mean, there ARE some people that buy crap advertised in spam. And is it all bad, or a ripoff? There was an link on Fark a week ago to an article about some guy that actually looks forwards to receiving spam, and had bought a lot of things from spam mails. Weird things, like a carpet cleaner, but things.

    On the other hand, do people want AOL to shelter them from the web, from the real world? I can't mail some friends on another ISP because their ISP has blacklisted Roadrunner Email. We already have a government 'sheltering' us from things, such as the real truth behind assassinations, aliens, and the disappearance of Elvis.

    Finally, the more things AOL blocks, the more reason for people to take the red pill, wake up to the monopoly, and get on a real ISP. Then those stupid CDs will stop showing up in my mailbox.

    I want to see the web, the whole web, the whole glorious ugly sex-ridden spam-filled seething mass of crap, and naught else.

  7. Re:Better to re-direct to a warning page with a li by samoverton · · Score: 3, Interesting

    But the idea is to force the spammers out of business by taking away the small fraction of customers that they get from sending out their spam. If you just have an intermediate page saying this website is involved in spam, all you're doing is putting one more mouse click between the customer and the website. Remember, these are people that *want* to visit the spammers site that are being blocked.

    IMHO, even though it is all for a good cause, once you start blocking websites "for the good of the internet" it's a slippery slope to full-on censorship.

  8. Browsers Need This Capability by reallocate · · Score: 4, Interesting

    Why not build this capability into browsers? Follow the cookies handling model.

    Make it optional, stick it in "preferences", stock it with an initial list of spam sites, and give the user the ability to add additional sites, delete sites, and select/deselect the block.

    --
    -- Slashdot: When Public Access TV Says "No"
  9. How about... by alpharoid · · Score: 4, Interesting

    Instead of simply blocking the connection, AOL could redirect the visitor to a special error page, explaining that the page was blocked for spam reasons and offering an override if the user really wants to see it.

    After reading through a page explaining that it is a spam site and that the user might be tracked and harrassed further by those companies for giving them a visit, I'm sure most of them would not click through.

    Those masochists looking forward to buying spam and actively supporting these scum could just click "Yes, I really want to see this page" and everyone would be happy. Right?

  10. AOL fighting SPAM? Really? by pfaut · · Score: 5, Interesting

    This is real funny. I've been trying to install some new sendmail milter programs on my mail server in an attempt to cut down on the amount of spam I receive. As a result, I've been taking a closer look at my mail logs.

    I'm getting a lot of mail addressed to accounts that don't exist from systems with names like omr-m14.mx.aol.com. Are these legitimate MTAs or open relays?

    If AOL wants to cut down on SPAM, they should start with what gets sent by their servers.

  11. Re:Is this a *smart* idea? by HD+Webdev · · Score: 3, Interesting

    I too am concerned about the potential for abuse of a web site black list. I'm also concerned that AOL did not inform members of this change. Any ISP that implements a web site black list should redirect browsers to an HTML page that explains that the web site address is associated with known spammer.

    AOL has a long history of not informing and many times outright lying.

    When AOL first gave out usenet access to it's members, it promised to have every newsgroup available. Instead, AOL blocked newsgroups that were created to discuss (and flame of course) problems with AOL. On occasion, AOL staff would post in those groups saying that it wasn't true, but then of course someone would point out the fact that AOL staff were using other providers to post to those usenet groups.

    I wouldn't be surprised to see AOL abuse this feature in a similar manner.

    --
    This is not a dream, not a dream...we are transmitting from the year 1-9-9-9.
  12. Re:Is this a *smart* idea? by magores · · Score: 3, Interesting

    Seems to me that AOl could be hit with a "restraint of trade" lawsuit.

    Especially by those companies that have been incorrectly marked as spammers by AOL.

  13. Re:Is this a *smart* idea? by e4ward · · Score: 3, Interesting
    I agree, this is just wrong, I don't want my isp deciding what sites I am allowed to visit. That is my business. What are they going to censor next?

    If anything, this should be opt-in, or at least, opt-out.

  14. In Russia by danila · · Score: 3, Interesting

    In Russia most ISPs, including the largest hosting providers, routinly close websites belonging to spammers (repeat offenders) for a few years already. So far this has not been abused, suggesting, it might work equally well on the American and even global scale too.

    --
    Future Wiki -- If you don't think about the future, you cannot have one.