Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL Blocking Spammers' Web Sites

Posted by Hemos on from the fighting-the-good-fight dept.

Nuclear Elephant writes "According to this article, AOL has decided to take a fresh approach to fighting spam and is now blocking the spammer's web address. The philosophy is, if the customers can't visit spammers sites, spammers will not be able to make any money. On a side note, I suggested this concept about six months ago but nobody thought ISPs would adopt it. Now perhaps we can get a group like NANOG interested in sponsoring a blacklist for spammer addresses?"

12 of 238 comments (clear)

  1. Is this a *smart* idea? by beh · · Score: 5, Insightful

    I don't know, whether this is such a brilliant idea - if this gets widely adopted it can't be long before some idiot will get the idea of paying for a spam to "advertise" one of his competitors just to get HIS site blocked...

    I see loads of abuse potential here... While AOL might be smart enough not to block sites like microsoft.com or ebay.com if they showed up in a spam, it could be a knock-out blow to relatively
    small and medium (and hence little known) companies on the web.

    1. Re:Is this a *smart* idea? by aheath · · Score: 5, Interesting

      I too am concerned about the potential for abuse of a web site black list. I'm also concerned that AOL did not inform members of this change. Any ISP that implements a web site black list should redirect browsers to an HTML page that explains that the web site address is associated with known spammer. The user should then be given the choice to procede to the site or abandon the attempt. The black list should also be transparently available to the Internet community. Last, but not least, there has to be a clear policy for appealing a listing to allow for reporting of incorrect listings or other abuses of the blacklist.

    2. Re:Is this a *smart* idea? by DocSnyder · · Score: 5, Interesting
      I don't know, whether this is such a brilliant idea - if this gets widely adopted it can't be long before some idiot will get the idea of paying for a spam to "advertise" one of his competitors just to get HIS site blocked...

      I'm sure AOL won't block any joe-jobbed targets but only bulletproof servers hosted at Chinanet, Telecom Malaysia, Procergs.com.br etc. which have been spamvertised by known spam gangs.

      This is *really* a good idea - Alan Ralsky uses several "throw-away" domains per spam run, but only a handful of different servers to host his crap. Null route these and Ralsky can enlarge his own penis.

    3. Re:Is this a *smart* idea? by beh · · Score: 5, Insightful

      But in this case we're back to square one - we're already fighting KNOWN spammers like Ralsky...

      There's nothing new in that. But do you seriously think, AOL will pay dozens of employees to find out just WHETHER a spam is "legit" (in the sense that it's really advertising the target site) or "fake" (in the sense that the real goal is to get the target site blocked)? This will become some seriously tough piece of work!

      And it's kind of doubtful, whether it will help or not.

      Also - surfing TO a website just to find out whether it's a spam site or not is nowadays also giving away WHO is doing the surfing. By now I get more and more spams that have my email address encoded in the host names of the target site, e.g. the first part of the host name http://sx1piznvxr0svy.froidnet.com/
      sx1piznvxr0sv y is beh@icemark.ch (a replaced with z, b with y, ..., y with b, z with a, 0 with @, and 1 with '.' -- and the whole thing in reverse).

      So by now we are in a situation, where not just 'unsubscribe' lists are a way for a spammer to check the validity of our email addresses - no, even the host name we use to 'look at their "great" sites' give our identities away.

      It'd be really great if some people would finally clue in that the more successful spammers are actually pretty smart as well! (unfortunately for us though)

      Right now I think the best policy is still the passive filtering of incoming spams.

      - Filtering destination sites will open doors to abuse in terms of using fake spam to block unwanted sites...

      - automatic downloading of spamvertised sites will confirm which addresses are "good".

      The latter idea MIGHT still be workable, since the spammer will also get to know WHO has spam-scanners installed (provided the automatic download of the page actually has the name of the spam-filter in the User-Agent header field of the get request). That way the spammer would also be able to drop email addresses blocking his sites.
      On the other hand, this has one very big issue with it - if the spammer filters out these addresses for his sales, he could at the same time COLLECT these addresses for DDoS uses...

      No - PASSIVE measures are the only GOOD solution we have. Spam-Filters in addition to tar-pits slowing the the spam delivery...

      Everything else will - as sad as it sounds - open way to many doors to abuse!

    4. Re:Is this a *smart* idea? by beh · · Score: 5, Informative

      > They rely on content filters and their users determining if an email is legit or not.

      And - how would a content filter find out whether the content of the spam would actually try and sell the product listed in the spam, or whether it's advertising a product listed on the target server in the hopes that the target server gets blocked?

      You *can't* read the true motives of a spam out of its content...

  2. AOL Instant DoS v2.0 by JWSmythe · · Score: 5, Funny

    -------------
    From: baduser@aol.com
    To: gooduser@aol.com
    Subject: Look At My Porn

    Come look at my naked (sister|mother|wife|daughter) on her web cam doing all kinds of nasty things.

    http://www.sco.com
    --------------

    AOL , making DoS even easier.

    --
    Serious? Seriousness is well above my pay grade.
  3. Yes, but by fdiskne1 · · Score: 5, Interesting

    I've been doing this for the past year. Every so often I get a call from a user that needs to get to a sight that is associated with a spammer. For example, a local television station's site is hosted on the same machine as a spammer's site. I got calls from users wanting to visit that station's site so I had to unblock it. This is a never-ending job since spammers many time host their "web sites" on virus-infected broadband home PCs. Since I only have to work with 1000 or so users, it's not a big deal. If I had billions like AOL. Gads. I'd rather not think about it. And that's not taking into account those people that truly want to visit the spammer's sites. Who is AOL to deny them the ability to go to the websites they want.

    There are just too many pitfalls in this. I don't think all large ISPs will go this route.

    --
    But why is the rum gone?
  4. Better to re-direct to a warning page with a link by ripnet · · Score: 5, Insightful

    It would be better if instead of completely blocking the page, it re-directed to a page saying that this site is implicated in spamming, but with a link to the real page. Would mimimize impact to falsly accused sites.

  5. Errors: by after · · Score: 5, Funny

    One, two, three, even four errors in that email! No exclemation points, no use of the _word_ "u" (like "c u therr". I mean, come on you even capitalized the first letter, what kind of AOL user would do that?? Really, you should really look into improving your writing techneques.

  6. Mixed Feelings by thirty2bit · · Score: 5, Interesting

    I've got mixed feelings about that.

    First of all, are all spammers bad? I mean, there ARE some people that buy crap advertised in spam. And is it all bad, or a ripoff? There was an link on Fark a week ago to an article about some guy that actually looks forwards to receiving spam, and had bought a lot of things from spam mails. Weird things, like a carpet cleaner, but things.

    On the other hand, do people want AOL to shelter them from the web, from the real world? I can't mail some friends on another ISP because their ISP has blacklisted Roadrunner Email. We already have a government 'sheltering' us from things, such as the real truth behind assassinations, aliens, and the disappearance of Elvis.

    Finally, the more things AOL blocks, the more reason for people to take the red pill, wake up to the monopoly, and get on a real ISP. Then those stupid CDs will stop showing up in my mailbox.

    I want to see the web, the whole web, the whole glorious ugly sex-ridden spam-filled seething mass of crap, and naught else.

  7. AOL fighting SPAM? Really? by pfaut · · Score: 5, Interesting

    This is real funny. I've been trying to install some new sendmail milter programs on my mail server in an attempt to cut down on the amount of spam I receive. As a result, I've been taking a closer look at my mail logs.

    I'm getting a lot of mail addressed to accounts that don't exist from systems with names like omr-m14.mx.aol.com. Are these legitimate MTAs or open relays?

    If AOL wants to cut down on SPAM, they should start with what gets sent by their servers.

  8. Spammers now, who's next? by nysus · · Score: 5, Insightful

    It doesn't take a lot of foresight to imagine the day when the political interests can persuade AOL to block other "undesirable" sites. Technically, it's not censorship because AOL has supposedly done it voluntarily; just like Clear Channel has "voluntarily" removed Howard Stern from their radion stations.

    --

    ---Technology will liberate us if it doesn't enslave us first.