Dealing with False AOL Spam Reports?

aohell-guy asks: "I handle the mail servers for a business that has 20% of our members using AOL. We regularly send out email that our members have agreed to receive. In AOL 8.0, it was possible to click a single message and report it as spam. You would be prompted to confirm the spam report, although no details explaining what happens with the report are given to the user. Through AOL's Postmaster site, it is possible to get in on the spam 'Feedback Loop,' where AOL will send you the spam reports it receives for mail sent from your servers. When you receive a report, you are supposed to immediately cease the sending of email to that AOL address. The only problem is, we have found that most of the time the AOL users are reporting our email as spam on accident! These complaints can negatively impact your ability to send email to AOL members. How are you handling the false reports?" "In version 9.0, AOL made two incredibly stupid mistakes which make false positive spam reports skyrocket. First is they now allow their users to select multiple messages at once and report them all as spam. Second, when you hit the spam report button (which is located DIRECTLY next to the delete button), it IMMEDIATELY files the spam report -- there is no confirmation required. Sure, the AOL user can see they made a mistake and move your email back out of their spam folder...but the report is still filed against your server. Rack up enough of these reports, and you will not be able to send mail to AOL. We have had plenty of complaints come in, and we delete their accounts as they do -- except with our paying members. We ask them if they really want to cancel? In ALL cases but one, we have received replies stating it was an accident.

We have spoken to people within AOL that deal with the mail. (Amazingly, it is not too hard to speak with them if you are a business sending email to AOL users.) The ones we've spoken to are not happy with these changes in AOL 9.0, and admit they result in many false positives.

If you are sending a lot of email to AOL users, you will want to get in on their feedback loop ASAP, and also look into getting on AOL's 'whitelist,' which ensures that your mail will not be silently filtered into the bit bucket, as long as you keep your mail bounces and spam reports (ahem!) at a low level."

You asked....

[Smitedogg]

I think you've done all you can. I would even go so far as to say that you've answered your own question. Call AOL, make sure they know you're legit, and wait for the next version of AOL to fix what turned out to be a bad design choice. In the meantime, maybe add a note to one of your mailings suggesting that they make sure to be careful about that. It's not like you can do anything else.

Dogg

Re:Whaaaat? Cluesless AOL users?

[Moonpie+Madness]

Dont be too hard on AOL, if it weren't for that sore thumb '@aol.com' it'd be a lot harder for me to identify dummies out there. dumb people are simply a fact of life, and they deserve to get some internet access. a spoon feeding paternalistic service is great for them, and worth the money, and they give a lot of their money (more loosely than most) to a lot of internet businesses, though i have to admit they arent really much effect on the Linux community

Re:On accident?

[batkiwi]

RTFPost!!!!

We have had plenty of complaints come in, and we delete their accounts as they do -- except with our paying members. We ask them if they really want to cancel? In ALL cases but one, we have received replies stating it was an accident.

Or are you using AOL 9.0 and accidentally clicked the submit button before reading the full text of the post?

AOL is quite reasonable

[arglesnaf]

As a matter of fact AOL handles this quite reasonably. The secret is reverse resolution.

I am postmaster and in the IT security department of a fortune 150 Office Supply company. We started to experience this problem, and contacted AOL. We were added to the whitelist, set up the feedback loop yet we kept getting blacklisted. Spoke with a tech who told us to call the corporate phone number and speak with the "Spam Czar" whose name I cannot recall and cannot locate via google.

After speaking with him we discovered we were still getting blacklisted after around five complaints, when we send thousands of order confirmations to AOL addresses a day. They tracked down the problem, and it was that one of our mail servers did not reverse resolve. We fixed this, and bam, we now take nearly a hundred complaints to be blacklisted.

(You wouldn't believe how many people flag an order confirmation as spam. You also wouldn't believe how many corporate employees forward there email to AOL and flag it as spam, when they forwarded the spam to themselves!)

It was quite embaressing that we were not reverse resolving the host that sends order confirmations. We do send some opt-in marketing, but it originates from a different server.

(Our marketing you opt into while ordering, don't flame me, we do not purchase lists!)

Re:AOL is quite reasonable

[LordWoody]

Reverse DNS, eg: 192.168.1.1 -> mail.yourdomain.com
forward DNS: mail.yourdomain.com -> 192.168.1.1

Woody

Re:AOL is quite reasonable

[Surazal]

I had to deal with this issue a lot while working as a system administrator at the last company I worked at.

I don't know about other domain name servers (like Microsoft's offerings, for instance), but I know in BIND, it's not only necessary to set up the forward resolution of a hostname, for instance:

www.slashdot.org => 66.35.250.151

It's also necessary to explicitly set this up too:

66.35.250.151 => www.slashdot.org

The reason it's necessary to define the reverse hostname resolution is because a hostname may resolve to the same IP address as several, or even hundreds of other hostnames. Rob Malda could have www.shashdot.org, my.slashdot.org, woohoo.slashdot.org all to the same IP address. But the IP address can only reverse-resolve to one hostname by definition. So, you define both the forward lookups and reverse lookups explicitly so that your company network can run smoothly without anyone knoiwing the major hack you just pulled to *get* the thing running. :^)

Sometimes, though, even seasoned admins forget to put in the reverse-lookup rules in there as a matter of oversight. For this reason you see a lot of automated scripts at ISP's that handle hostname maintanance for you.

And, unfortunately, they didn't have this set up at my last job.

(story, boss wants a new server set up, I have to make a phone call to set up the new IP address and hostname to our system adminsitrators at the data center)

Me: "Can you get hostname blah.blah.blah pointing to 10.0.0.123?"
Other Guy: "Sure! Will be going in a few hours or so"
Me: "No problem"

Three hours later...

Me: "Um, I wanted the reverse-lookup tables set up, too."
Other Guy: "What? Why do you need reverse lookup tables?"
Me: "Because half the network applications ever written since the inception of the internet require that be done *every time*. Just like the last 7 times I asked you to do this."

Yeah, I hated my last job. :^)

Re:AOL is quite reasonable

[Lost+Race]

But the IP address can only reverse-resolve to one hostname by definition.

No, one IP address can resolve to many hostnames.

$ORIGIN 0.168.192.in-addr.arpa.
1 ptr hosta.example.com.
1 ptr hostb.example.com.
1 ptr hostc.example.com.

% host 192.168.0.1
1.0.168.192.in-addr.arpa domain name pointer hosta.example.com.
1.0.168.192.in-addr.arpa domain name pointer hostb.example.com.
1.0.168.192.in-addr.arpa domain name pointer hostc.example.com.

Similarly one hostname can resolve to multiple IP addresses.

% host mx1.mail.yahoo.com.
mx1.mail.yahoo.com has address 64.156.215.7
mx1.mail.yahoo.com has address 64.157.4.78
mx1.mail.yahoo.com has address 64.157.4.79
mx1.mail.yahoo.com has address 67.28.114.33
mx1.mail.yahoo.com has address 64.156.215.5
mx1.mail.yahoo.com has address 64.156.215.6

Re:no chance for us...

[techno-vampire]

A few years ago, AOL was known to block all mail from random domains to lower its server load when things got overloaded. I see no reason to think they've stopped.

Oh man don't get me started on this...

[Grimster]

As a web host, we have a BIG problem with AOL just blocking us on a whim, and when you don't get any sort of bounce or refusal from their end your email server THINKS it delivered email properly. Meaning we don't know it's happening until the complaints start.

I host a little over 13,000 web sites, on over 60 servers. We allow people to run CGI and PHP (I mean people wouldn't like it much if we didn't) and as a result we do get the occasional open formmail.cgi or formmail.php being used to spam. We usually catch them pretty fast and it doesn't happen "that" often. But it happens, and before we can stop it there might be several thousand emails sent. Which is enough to get us on AOL's block, we've been silently placed on their block roughly 7 times now. The thing is EACH TIME I signup for this "in the loop" mailing so I am SUPPOSED to get a warning as soon as spam is reported from one of my servers, ok fine, know what? Not one warning, not a single one, and we were still blocked 6 more times after that.

I applaud AOL's efforts at stopping spam, but they've got to get it to be a little less troublesome.

I will say, we haven't been blocked in a couple months now, so MAYBE we're finally on the white list "for real" so here's hoping things ARE improving.

I like earthlink's challenge response better, I'll get a couple of these per day, some are from spam with my domain forged, most are from things like invoices/reciepts/other business, I click the link and jump through the hoops and from then on things seem to flow to that email account from our billing or forum system.