Slashdot Mirror


ISP Responsibility in Fight Against Spam

netpulse writes "Over at CircleID, John Levine shares a letter by Carl Hutzler, AOL Postmaster and Director, blaming irresponsible ISPs as key part of the problem in the long-term fight against spam. Hutzler says: "Spam is a completely solvable problem. And it does not take finding every Richter, Jaynes, Bridger, etc to do it (although it certainly is part of the solution). In fact it does not take email identity technologies either (although these are certainly needed and part of the solution). The solution is getting messaging providers to take responsibility for their lame email systems that they set up without much thought and continue to not care much about when they become overrun by spammers. This is just security and every admin/network operator has to deal with it. We just have a lot of providers not bothering to care.' To which John Levine adds: 'What do we have to do to persuade networks that dealing with their own spam problem, even at significant short term cost, is better for the net and themselves than limping along as we do now?'"

8 of 314 comments (clear)

  1. Not caring? by ZiZ · · Score: 3, Interesting

    Or perhaps just 'getting paid extremely well to host spammers'?

    --
    This flies in the face of science.
  2. Blacklisting them publically. by strredwolf · · Score: 4, Interesting

    For every listing backed by proof, post a large ad in the New York Times saying "THIS ISP SUPPORTS SPAMMERS" with the proof behind it. Enforce the PR leverage.

    --

    --
    # Canmephians for a better Linux Kernel
    $Stalag99{"URL"}="http://stalag99.net";
  3. Re:The problem by scooby111 · · Score: 5, Interesting

    It's not even necessarily the ISP. I know that my mail servers aren't being used by spammers because I monitor them carefully. We have corporate customers that run their own email servers on our IP blocks that are overrun. We try to work with them to close down open relays or even suspend accounts when they seem unwilling or unable to stop spamming, but there's only so much we are able or willing to do to shut down a clueless netadmin's mail server.

    In the end, they'll go somewhere else to spam and we'll lose the revenue.

  4. Sigh by Anonymous+Crowhead · · Score: 3, Interesting

    Longing for the good old days of when you got spam you fired off an email to postmaster, abuse and operator....

  5. Spam from home users? by trawg · · Score: 3, Interesting

    Does anyone have any figures that detail how much spam come from zombie home user PCs? I thought the amount was significant, but the quote in this post seems to imply that the vast majority of it comes from less scrupulous service providers.

    (aside: we host a few websites, one of which we discovered was running an exploitable version of PHPNuke - but not before a spammer did and pumped ~20,000 emails into our queue. I noticed it pretty quickly and deleted them and blocked this webmail software across all these sites lest it happen again - but it was an interesting demonstration to me that spammers look for any and every leverage they can get. I keep a much closer eye on our mail queue statistics now!)

  6. If they make enough money spamming... by VernonNemitz · · Score: 3, Interesting

    Then why aren't spammers already their own ISP outfits? Obviously if spamming is their business, getting obstructive middlemen out of the way is a priority!

  7. we block europe and asia... by bani · · Score: 3, Interesting

    ...at customer request. we give customers switches on their webpage-control-panel and they can block anyone and anything they want. a huge percentage of customers block china, korea, russia, etc. because they dont speak mandarin, cantonese, or read BIG5 or EUC-KR or KOI8. customer's choice. boo hoo for the spammers.

  8. oh really ? Have you tried to call AOL lately? by LullySing · · Score: 3, Interesting

    You know what? When that dude talks about how the problem is solved, maybe he should stop pretending he's above us, and maybe start looking at the kind of system he's got.

    here's a post i made in my blog about a situation that arived because of AOL's "system". Ever since that episode, i haven't been impressed at all by these people.

    --------(start idiotic message from AOL)----------
    Date: Mon, 5 Apr 2004 09:04:13 -0400 (EDT)
    From: postmaster@aol.com
    Subject: AOL email concerns for isp-where-i-work-abuse.net
    To: abuse@isp-where-i-work-abuse.net
    X-Scanned-By: MIMEDefang 2.39

    Dear isp-where-i-work-abuse.net,

    You are receiving this message via our automated "Report Card" process (which helps analyze AOL's Internet inbound mail) because our available data indicate that isp-where-i-work-abuse has risen above the acceptable threshold for complaints:

    Total number of AOL member complaints: 186

    AOL takes proactive steps to contact owners of mail servers whose e-mail transmissions are impairing the functioning of AOL's proprietary e-mail system, or causing significant levels of AOL customer complaints.

    AOL requests that you take immediate steps to resolve the issues identified in this AOL Report Card. In the absence of a satisfactory resolution, AOL reserves the right to take measures to protect its email network and its member goodwill from any possible damage. These measures may include declining to accept e-mail transmissions from isp-where-i-work-abuse.net through AOL's proprietary e-mail network.

    AOL strives to provide the best online experience possible for our members, and we pride ourselves on being intensely focused on consumers and their needs. Email is a core feature of the AOL service, and the proper functioning of AOL's e-mail system is vital to our members' goodwill.

    Please review AOL's e-mail policies and guidelines, as well as other technical details concerning e-mail on the AOL network, at http://postmaster.info.aol.com
    ------------(end message)--------------

    Ooohhh, AOL's proprietary e-mail network. No information that is gonna be any use in determining WHY people are complaining at all. I guess this should not be a surprise, considering this crap is coming in from AOL! So i do the next available thing , i go to the website. Result : No information that is gonna be any use in determining WHY people are complaining at all. But there's a phone number.

    Result of calling 1-888-212-5537:
    *dials phone*
    "The holding time for the next available consultant will be more than ten minutes." ...( silence )
    "Thank you for calling America online ..."
    *spits water all over desk, workdesk and papers*
    (musak)
    (an hour later)
    Hello, this is postmaster helpdesk, can i help you? ...And here i am explaining to the bloke on the phone the situation, namely that we are getting "Report cards" without any kind of information as to why people are complaining, with no headers or anything at all to help us.

    REP:"oh, that's because you don't currently have a feedback loop with us."
    ME : "huh? but we received your report cards in the abusemail box."
    REP:"Yes, but you don't have a feedback loop with us"
    ME :"You know, there are databases on the net where you can get the abuse contact information for ISPs and things like that."
    REP:"Yes, but we made our own database"
    ME :"Couldn't you have used those as a base for your own database?"
    REP:"I cannot comment on that" ... and here are some other juicy interesting tidbits of information from this conversation...

    REP: So what are your mail server's IP adresses.
    ME : We have several : we're an ISP.
    REP: Alright, then give em to me.
    ME : That's why we use DNS names for our mail servers : if one breaks, we change the IP to another server while we fix the previous one.
    REP: So you can't give me the IPs? ...

    --
    Peace and happyness to you, by LullySing ;)