Slashdot Mirror
AOL Placed on Spam Blacklist
Hacker-X writes "According to this item over at Spam Kings,
AOL has had a large swath of its IP addresses added to the Mail Abuse Prevention Systems (MAPS) Real-time Blackhole List (RBL).
The RBL is used by many corporations and large ISPs to filter spam.
MAPS evidently started blocking the AOL mail servers less than 24 hours after filing a complaint with AOL's abuse desk. The block was initiated in response to spam emanating from AOL mail servers."
Overzealous RBL admins screw everyone. If they think everyone is going to sit back and not mind that major ISPs like AOL have been blacklisted, they are (hopefully) if for a rude awakening.
How does someone seriously justify this? Isn't this like cutting off one's nose to spite one's face?
Maybe it's time to come up with a hybrid system? How about a combinations of black and "gray" lists, where the gray lists are subjected to greater scrutiny or harsher limits by spam filtering software?
That what was all this school was for... to teach us how to solve our own problems. -- janeowit
I don't want to hear from anyone who uses AOL anyways.
No smoking sigs indoors.
Is that where spammers go when they've been bad? AOL?
now if we could just seal the whole thing up in duct tape then we'd be done with the whole problem!
But what about the innocent users? havent they suffered enough? they're on AOL for gods sake.
Starsucks
You mean AOL isn't the only one forwarding spam?
I'm a big fan of MAPS, but one would think that over the years they've developed some very high-level contacts over at AOL and that they would call these guys up and talk it out before undertaking a major blacklisting.
Some BL lists have no published way to get off once on. There should be some consistency to at least getting removed. I speak from experience of having "inherited" an IP addr from my hosting provider that was formerly an open-relay. It took a lot of effort over 2 weeks to clean that mess up.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
HA HA!
Hokey statistics and ancient misconceptions are no match for a good thought in your head, kid!
I have been filtering AOL along with many other free email hosts, straight to the trash. If I know someone with an email there, I whitelist them.
I just about spewed my lunch across my lovely dual monitors... don't do that!
Damien
AOL is definately a group that deserves a bit of their own treatment. I've found so many networks get blocked for insignificant things. I have a mailing list of just my members, and no one else. Because one person accidently hit "Abuse" (of the 40 AOL people on the list), we were blacklisted. Not just an IP, but a
It's not the first encounter I've had with AOL. Anyone who sends mail eventually finds themselves blacklisted with AOL. They're just a pain in the ass. Unfortunately, you can't just convince anyone using AOL's email to switch to someone else. If only it were so easy.
At one time, AOL blacklisted my home IP. It was a static IP, which I was the only user of. I don't know which genius did it, but someone who I was personally mailing (like, not even Bcc lists or newsletters) must have hit the abuse button.
I'm sure it helps them out. If they can knock out 25% of their mail load at any given time, it's 25% less mail they have to process. Who cares which 25%, eh?
Serious? Seriousness is well above my pay grade.
You can please some of the people some of the time... but this should just about please everyone :)
Support NYCountryLawyer RIAA vs People
This doesn't resolve anything except make end users on both sides angry. This is very unproductive for both parties.
I can say this well, lets say I know how things work; they have automated spam blocking mechanisms to disable accounts who spam. A majority of accounts used for spamming are compromised, and that is the issue. Repeat offenders are terminated. No questions, and they can not reactivate. Spammers are just password cracking accounts and bulkmailing out of them. It sucks because a few people who do it ruin it for everyone!
I was helping a fellow member who couldn't CC 20 people on his biker club list. So, AOL is aware of the issue and trying their best to crack down on the bulk mail. Adding them to a blocklist WILL NOT stop bulk mail. This shakeup is not gonna "make AOL" doing anything.
I say we put AOL on all the blacklists and push them back off of the intarweb!
I say we take off and nuke them from space!
It's the only way to be sure.
FTA:
"the RBL blacklist is used by some of the biggest ISPs in the world, including RoadRunner, USA.net, BT, Telstra -- and AOL itself"
I could send an email from my own account, to my own account, and it would be deleted as spam.
There are 2 kinds of people in this world. Those that can keep their train of thought,
To me this is ironic, because AOL is currently refusing e-mail from my server, due to unspecified (and assuredly inaccurate) allegations of spam coming from it.
http://alternatives.rzero.com/
MAPS stopped being a reputable service ever since they joined MFN/Abovenet. I say this as someone who previously supported MAPS and even donated to their legal defense fund.
It was quite sad to see them fall to the dark side. It's even sadder to see that MAPS is still in active use by anyone outside of MFN.
Now we need to find a way to black-hole all of the AOL CDs being spamed to my snail mail address!
Google is getting blocked to spam too:
This is an automatically generated Delivery Status Notification
Delivery to the following recipient failed permanently:
[an address forwarded to gmail.com]
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 10): 554 Service unavailable; Client host [64.233.184.203] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?64.233.184.203
--
The address: 64.233.184.203 is wproxy.gmail.com
Now coming to /. /. (before you pounce on me, I have emailed to the id that comes up in the message, got a response that i'm in timeout zone. Forever???)
whenever i try posting from home I get a message announcing "bad postings from your subnet.. hence you have been blocked" Now I have tried connecting to various wireless networks. Still the same message. My karma is 'good'. It implies that most of my postings get modded up. Still I'm BANNED from
Now coming back to the real problem. AOL is a profit driven corporate. Imagine if they insert the names/ids of small time rivals in their list. The poor souls would have no clue what hit them.
fuvoo: watch something
Because customers are paying them to do it. If Kelkea (the new MAPS owners) lose enough business because they put a large chunk of AOL on their blacklist, then they'll think twice before making large decisions like this.
However, my guess is that they won't lose any business at all.
You've fought them for blacklisting your client's what?
Oh, you don't know the difference between possessive and plural. How long have you been using this language?
While I'm delivering pedantry, I may as well also point out that an IP-based blacklist containing every AOL IP in existence would not stop spoofed AOL mail. It's spoofed; it's not coming from AOL's relays.
I quit using MAPS years ago because it was no longer effective, especially for business use. Their solution to one spam from a customer of a large ISP is to block the whole ISP or, if you were lucky, just the whole contiguous IP space that one spam came from. Still, this meant something like a quarter of the Fourtune 500 had mail servers being blocked, which is unacceptable for a business-to-business email server. Worse, it rarely blocked much spam.
In fact, I just searched the MAPS RBL for the last ten spams rejected by my mail server and only two of the hosts were listed in the MAPS RBL.
It seems like the anti's aren't doing themselves much good at the moment, when events like this hit the news, the block lists just loose credit in people's minds
As much as anyone hates AOL and finds this funny, it is more the entire anti spam community in general, than AOL in the short term.
Business Voyeur
AOL is listed on SpamCop too. http://www.spamcop.net/w3m?action=checkblock&ip=20 5.188.157.37
Running a small web hosting company, I use RBLs, but I would never consider using one with lunatics in charge (e.g. MAPS) just because it would generate too many compliants from my clients.
That said, I am glad there *are* people using MAPS, and I have absolutely no sympathy for AOL. They have some of the most idiotic and overzealous spamfilters on the planet, and I've been burned by them on a number of occasions. My server IPs have never been on any public blacklist, and I've never had any trouble getting email to other mass providers (Hotmail, Gmail, Yahoo). But there has been a steady stream of problems with AOL.
As far as I'm concerned, if this hurts them, good. They're getting a taste of their own medicine.
[UPDATE: Looks like MAPS changed its mind. As of Tuesday afternoon ET (GMT -4:00), AOL's listing at the MAPS site is gone, and a lookup shows AOL's mail servers no longer seem to be on the MAPS RBL list. No word yet on whether AOL resolved the spam problems, or if MAPS just decided to give AOL more time.]
I've had many years of emails I've sent to users at AOL accounts simply vanish into the ether. No bounces, no receiving of the emails on the other side. Maybe this will wake them up to some type of responsibility of running a accurate and reliable mail service, and policing their own users to weed out the bad apples.
Apparently AOL got their heads out of their collective asses. MAPS pulled the entries as of noon Eastern time (-5 GMT).
First rule of holes; When in one, stop digging.
AOL has had a large swath of its IP addresses...Sorry I can't show you this listing.
Judging by the fact that a large amount of spam we get is from AOL, I can see why they are getting blocked.
AOL profits from these spammers and they know it. Very soon, AOL needs to take control of their spammers and start blocking them. Apparently, this is either too difficult & time consuming for AOL, or they just don't care and know that the profits will just keep rolling in.
There are so many other better alternatives to AOL, I don't even know why people use AOL in the first place. I guess it is all those damn install cds they dump all over the place like rabbit poop.
He who knows best knows how little he knows. - Thomas Jefferson
On my systems, if Spamhaus XBL returns 127.0.0.x the connection is severred BEFORE transfer. You're not wasting my bandwidth, processing, disk space, time!
I'm also in favor of blocking country TLD's that I don't deal with on a regular basis. Strangely, I have no customers in Russia, China, Poland, Korea and many other less significant nations.
In my "house" the spam tripwires are very sensitive and when they get tripped, the tripper is outa there, Baby!
AOL LOL
People who use RBLs with overzealous admins, and force everyone on their network to use them as well suck. For your own personal server, just stop using MAPS RBL. What sucks is when you have BOFH types using RBL lists at ISPs, where individual users have no control over how their mail is filtered. On the other hand, AOL is overzealous with their own spam blockers, so meh. (Third hand: how much you want to bet AOL gets taken off the list the second they fix the problem, unlike small ISPs)
autopr0n is like, down and stuff.
No, for most people these filters are implemented at their ISP, and they have no control over it.
autopr0n is like, down and stuff.
One of my most frequest complaints from my customers has to do with their inability to send email to AOL customers. AOL has shown little restraint when it comes to blacklisting others. This is a nice wake up call for AOL. Live by the blacklist, die by the blacklist.
How's your Portuguese? Bitch!
Vá foder-se.
Inigo Montoya, you sent me SPAM, prepare to die.
I've got e-commerce clients that, unable to communicate gracefully with AOL users, would run into trouble with a third or more of their customers. This is not trivial, it's blacklist BS
Is MAPS forcing you to use their lists? No. So what's your problem?
My next sig will be ready soon, but subscribers can beat the rush
...but what will I do with my remaining 67578 free hours?
-- often wrong; never in doubt
Now maybe MAPS has put the last nail in its own coffin. In the beginning I could see the reasoning (no better solution) but as time has passed so has their usefulness, and honestly their integrity (if they ever had any, I didn't follow it that closely).
Quack, quack.
HA HA HA HA! I didn't get the joke
sarchasm
mostly funny because of the last aol ad i saw on tv. it depicted two aol employees walking into the corporate office, as the doors shut behind them on some solicitor yelling about 'great' stuff. on another note - of the 8 pieces of spam in my (free as in promo) aol account's mailbox, 7 are from inside aol.
well, with less spam today I cannot say I am complaining at all...
And really.. my rbl and filtered spambox only has a couple hundred spams in it, whereas it normally has ~600 by this time...
I might blackhole aol mails after this just to cut down on my daily intake of the processed pig.
anime+manga together at last.. in real time.
RTFA y'all
Karmic retribution at its finest!
"I worked hard for it. I deserve it. And I have it," Campbell said. "It's all mine."
Isn't that like having flames emanate from my ass after eating at Taco Bell?
Or is it more like people emanating from a theatre during a screening of "Gigli: Special Edition"?
Surprise, surprise!
Tag lost or not installed.
I would have blocked AOL just on principal. I mean, who actually uses AOL?
Spam is good innovative capitalism.
Only communists want to stop spam. I live in the United States of American, and therefore, can do what I like.
What I hate are those fscking CDs AOL keeps sending. Some of the cases are ok, but in general they're a pain in the ass. Hey, AOL, WE DON'T NEED YOUR STUPID 'FREE' CDs!!!
Heh, I don't want your clients.
You'd be suprised how few businesses would suffer from blocking AOL completely. I blocked 'em off ten years ago and I'm doing just fine, thank you.
Until AOL implements SMTP (what they do now isn't SMTP, it's their own bastard email protocol - SMTP requires a live human to monitor the postmaster address) nobody should talk to them.
You're just encouraging them (and others) to blow off the RFCs when you allow them to talk to your mailserver.
welcome our new AOL-blacklisting overlords.
I don't know anyone that uses MAPS - which makes it nobody right?
I tried to send a link the other day for an innocuous fun holiday site to my in-laws and AOL blocked it. For 2 weeks I couldn't send my brother e-mail at AOL because they were blacklisting my domain even though it was due to an incorrect IP address in THEIR system. Finally today I got a call from a business associate telling me her e-mail couldn't get through to my work account (different mail account than above) because SpamCop had sent back a message stating it was blacklisted. After some research on the IP address and some snooping, sure enough, I confirmed it was Blacklisted. I had my admin open the filter for that particular IP address but I doubt we'll be seeing much AOL e-mail on either server for a while... KARMA'S A BITCH-EH AOL??????
how did you get un blacklisted? Some of these places have no contacts and no way to get out of blacklist or to even find out how you were placed in. Can anyone share how they got off a list? The steps involved and the timeframe. Everyone likes to joke about AOL but it is serious stuff to be wrongly accused because someone near your ip MIGHT have sent a single spam.
finally somebody has the fucking balls to tell it like it is
AOL was blocked from 1 spam email coming from a server. RTFA. That is ridiculous. AOL is one of the few ISPs that is active against spam and is very progressive in the field. They don't send out any spam, dont let their customers, etc... If you get caught sending spam on purpose you'll never be a customer again. If you're infected, AOL's outbound spam filters will 99.9% of the time stop it. Yes that is right, AOL scans inbound and outbound during a service for the internet. People bitch and moan when they get black listed, well don't send email that users might not want or interpret as spam. AOL listens to their customers, if the customer says its spam, then its spam regardless of what you say.
Regards,
Steve
Wow, MAPS is up to their usual shoot-now-ask-questions-later approach. Reminds me of times not long ago... We stopped using MAPS after the last incident, and our level of spam has not increased that I've noticed. I encourage others to try for a few days without MAPS (SORBS and spamcop seem all right) to see if they really notice a difference.
let me tell you that the folks staffing MAPS today bears little resemblance to the MAPS of a few years ago.
I remember a while back when AOL did something similar. They just arbitrarily decided to block any mail from a server whose reverse lookup was a dsl host of some sort.
I have business class DSL and run my own server and was un able to e-mail anyone I knew on AOL for a short time. At that time I had a host who wouldn't reconfigure the reverse lookups.
However, working for a college, I understand the problems this will create. A lot of people out there have AOL accounts, either because they don't want to have to think while they are online or that is all they can get. Believe it or not, the latter does occur in some places, but it is fewer and farer between.
LOL
He who knows best knows how little he knows. - Thomas Jefferson
Dear Internet user:
Since you haven't responded to the mountians of CDs we have mailed you, we thought an email was appropriate.
AOL is not only fast, fun, and ultra cool, but you can have it at the amazingly LOW price of $21.95 a month. This gets you all the great AOL content and some must have tools like the anti-spam and pop-up blocker.
Don't delay any longer. Sign up today!
AOL
This way the accidentally blacklisted server has several days to straighten things out while the really spammy server gets overloaded with huge mail queue.
Using my skem milter is one way to do that intelligently... :-)
In Soviet Washington the swamp drains you.
It would be very nice of RBL managers could give me data such as size of affected blacklist, estimated % of traffic that is bad, and other factors so that I could combine that with my own criteria to manage the spam.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
A medium-sized ISP with 10,000 customers with 10% of outgoing mail being spam should be treated the same as a mega-ISP with 10% of its outgoing mail being spam.
Same goes if the % is 99% - in that case I'd blackhole them entirely no matter how big or small they were.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Many ISPs exempt their own networks from filtering... particularly blacklists, etc.
I use Spam Sleuth Enterprise and it uses the IP blacklists as one of many determinations.
The e-mail servera that simply rely on the RBL for a go/no-go answer are asking for trouble.
Paul Vixie sold a service that the community built to his long time companion - David Rand. Rand is a sleezy operator and has been for a long time, he has done shady things with Abovenet and people who cross him in any way (not nec. spamming) seem to end up on the MAPS RBL's.
Kelkea and Rand are doing this because they want to become the defacto "reputation rating" vendor on the net (because facist BLs are falling out of favor for more agile types of spam blocking, like URL BLs), so he/they are trying desperation measures - think Verisign type stuff. All your email belongs to us.
is to go after the people who are advertising through spammers. If you hold those businesses responsible for the spam, then they will stop seeing spam as a reasonable option.
There are a couple of foreseeable problems:
1. Someone is always going to hire a spammer (viagra merchants, member-enlargment firms, etc.). The problem won't ever completely go away.
2. It could be used as a means of forcing competition out of business (eg., Microsoft hires a spammer to create fake Linspire spam or vice-versa).
3. Pure accidents - some idiot clicks the wrong button in their mailing software and the the internal corporate viagra offer goes out to all the customers on the lawn-mower sales list.
4. Someone just decides to be an a-hole about things.
Of the problems listed above, #1 and #3 already exist. #2 and #4 are hypotheticals, but could actually happen.
The only thing we haven't done in the entire process of blocking spam, is to hold the original advertisers responsible. Instead, we go after the spammers, ignoring the fact that they have to get their money from somewhere.
"My God...it's full of trolls!"
I've got some problems right now with AOL that blacklisted a complete class of adresses in which my mail server belongs. The catch is this server sits next to me, I closely monitor it, and it never generated any spam. I got caught in a spam cross-fire and there's NO way I can get in touch with someone there that manages that ban list (not without wasting a complete day over the phone at least, I gave up after 2 hours).
Oh and the nice thing is it's not even sending you a message back nor smtp server response, it just closes the connection. Nice when you're trying to figure out what's wrong.
Now usually I wouln't care about AOL, the problem is that some board members are using AOL and I can't just go and tell them it's crap and they should open a gmail account or something like that. You don't do that, and besides, they have lots of other contacts and exchanges that work and they would need to have lots more trouble to justify moving to another server.
So basically this is probably pissing not only me but several other people with similar problems. So the way I see this right now is (unfortunately) good for them, and maybe at some point they'll do something to make this better both for their users, but also for people who actually want to contact them as well.
Spamcop and some others at least has some way to tell them "look, we don't spam, test us and remove us from your blacklist, thanks!" Why don't they?
So if anything can put pressure on them to make things better, and show them that they cannot just bully people around without having a taste of their own medecine, I'm all for it, it's a win win in any cases; users get pissed and switch, or they get their act together and things work out like they should.
--- Metamoderating abusive downgraders since my 300th post.
Normally, I'd agree with you. But someone's been using my gmail address in the "From" field of spam messages, and GMail doesn't recognize the bounces from AOL as spam.
All AOL has to do is improve its own spam filtering system to the point of not being harmful to non-AOL customers, and I'd be happy. But they haven't done that.
tasks(723) drafts(105) languages(484) examples(29106)
SMTP is fine with an ignored postmaster address. Indeed, due to the spam problem, having a human monitor a postmaster address is just stupid. The only real way to handle abuse is from out of channel methods like a phone call.
It is people like me who use the RBL's and have my email server setup to reject (with proper attribution) email from sites on the RBL's.The person sending you the message will get their message kicked back to them with a very clear "We rejected your message because your domain/IP address is on a blacklist at www.xxx.xxx".
How much easier does it get then that?Simple. I read the logs and the discussions. I've only had one problem since I put in the blacklists. And that was from a company with BellSouth who had had other problems with blacklists because BellSouth didn't handle the IP addresses correctly.
Now, balance that against the thousands of rejected spams EVERY SINGLE DAY and the course is clear.
With less than
Only Spamcop seems to allow a user to actually file a spam report, although good luck with abuse@* because at least SBC ignores email there.
I've been trying to get 40K+ trojan emails from 64.163.43.* shut down as MAPS isn't blocking it, FTC @ spam@uce.gov doesn't care, abuse@sbcglobal.net doesn't care, etc etc..
I use SpamAssassin and Exim4.
I don't bother processing all the crap from the blacklists. I just reject them with a note that they were found to be in blacklist "X".
I figure that if there is a real person sending it, they'll contact someone where I work through some other means (like a phone call).
Rejecting messages at SMTP time is fine with me.
Shashdot article 2 years from now: AVG becomes the first antivirus software to recognize the following files as malicious: acsd.exe, aim.exe, aolacsd.exe, aoltray.exe, companion.exe, oscore.dll, shellmon.exe, wanmpsvc.exe. The creators of these files target the elderly and computer illiterate by stuffing their snail mail boxes with cds containing copies of the harmful executables. The user is then deceived by the program to believe nonsense such as AOL==email or AOL==The Internet. The viruses apparently migrate from the host computer directly into the minds of the users. Once infected, the users find themselves writing checks each month to AOL for what their corrupted minds perceive as "services" provided by the AOL viruses.
The only known method for disinfection is to have the user's grandson/granddaughter (who is visiting for Thanksgiving) delete the memory (of the host computer AND the user), reinstall the OS and console the user with a gmail invite (which now has 2TB+ of storage and is, of course, still in beta).
I use three RBLs, MAPS will never be part of my RBL list.
MAPS to me are like email zealot extremist. They try to push their weight around like digital age terrorist.
The article says that there were several runs of spam. They did mention that they appeared to be coming from a single spammer, but more then a few spams were being shot out of AOL's cannons.
MAPS is a fairly respectable blacklisting service. We've used them for years. It's a pay-for service and they are usually on the money. Getting removed from maps is a fairly straight forward process too.
Spamcop, on the other hand, is a dog.
- It's not the Macs I hate. It's Digg users. -
AOL does need to clean up there act. They won't allow any emails sent from .ufl.edu domain to reach any of there users. They claim that too much spam is originating from ufl.edu. Looks like AOL is getting a taste of their own medicine.
If you don't have a firewall that can block that class C entirely, you can do the same crudely at your mail host with:
route add -net 64.163.43.0 255.255.255.0 127.0.0.1
[may need some slight tweaks for various OSen]
My mum is on AOL, and half the time I can't respond to her emails because AOL have decided to RBL my ISP's entire subnet because, apparently, someone has been spamming.
Here's the message they send back:
The URL leads to a page telling me that my IP address was responsible for excess floods. Well it wasn't - it must have been someone else on my subnet. When I chased it up with their "feedback loop form" (whatever that might be) they proceeded to completely ignore me.
I'm so glad they finally got a taste of their own medicine!
What exactly is the problem here? People subscribe to blacklists because they think the folks maintaining the blacklist are doing a good job; if they aren't the subscribers will stop using that blacklist. End of story.
As for all the whiners complaining about being blacklisted, you don't have a 'right' not to be blacklisted. You don't have a 'right' to send your email to people who've decided they don't want it - and they have decided this, because they're using the blacklist. If they *do* want your email they'll stop using the blacklist that blocks you.
Time to get over yourself. You have no right to send email to anyone you please. Anyone can block you at any time, for any reason, and there's nothing you can do about it. Hell, I use a whitelist for my home network and that means that unless I know you your mail will NEVER get through. Are you going to tell me that I don't have a right to reject your mail out of hand?
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
.cn, .kr, .za, .biz
'nuff said!
It's that simple.
Be extra sure you won't have spam, and you won't get the ban!
Businesses end up removing the RBL. Nothing like pissed off execs screaming at you after they find out the company smtp server is blocking AOL and 15% of the customer base. If your running a personal email server, sure who cares if you block aol. Like any of your friends use aol. But blocking emails from the world largest isp from emailing your business will result in lost revenue. AOL users won't complain to AOL, they'll just go to the next business on the list.
Have you ever been to a turkish prison?
What in the world would we use for coasters???
hawk, who had to keep himself fromm laughing as he brought in an XP disk for replacement--his wife had thought that it was a coaster
[* shakes head *]
Seems that someone doesn't know better than to speak ill of the BOFH . .
He'll learn . .
hawk, who always buys BOFH's a beer
There's no technical reason for it, and they don't start out that way, but nevertheless it's true. Every single RBL is run by weenies, and only weenies pay attention to them.
AOL had a great process for getting whitelisted with them- they checked that you were legit, that your mail servers handled bounces correctly, and that your systems were rfc whatever compliant.
AOL is *STILL* RFC ignorant!
(Unless abuse@aol.com is working properly again like it should....)
http://spf.pobox.com/
It's not a perfect solution but it's a darn good start to at least legitimizing the sources of email.
Looking in my mail server logs, I'm seeing more people use SPF but there are still way too many domains that don't.
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
A better system imo would be to reach grounds both sides would agree to. Like sending out a warning to the hosting company of that range of ips and if the spam doesn't stop within X hours or they don't hear a reply, then they can block it.
or if preferred, they can set a temporary block for X hours on that range, send the email. after the X hours, the block will be lifted. and if they receive any more reports, then the temporary block will change to days, etc.
just a few suggestions on how these systems can be made better.
HD Trailers
Or you could just write, "Return to Sender" on the CD box and put it back in your mailbox. The Post Office then has to send it back to AOL and bill them for the return postage. If enough people did this, the return postage costs for AOL might get noticed.
If people don't like the RBLs, spam them. Send them fake spam reports from ISPs all over the place. Eventually they won't be able to tell legitimately reported spam from falsely reported spam.
While I'm not a fan of MAPS, AOL isn't much better. They do IP blacklisting just as much as MAPS, and they're even harder to get ahold of when working to get IPs delisted.
I just wish MAPS was an ISP that AOL could blacklist. That would be entertaining.
They had a 'list' of whitelisted mailservers of which our company wasnt a part. We called their admins, they asked us to contact OUR isps to signup their forms so the whole block becomes whitelisted. They wouldnt accept the mailserver admin. They will only accept the ISP itself filling out their coveted forms.
I called the ISP and they went huh?!? The ISP had nothing to do with our mailservers for which we are admins.
I was hoping something like this would happen, so we can tell our AOL customers we're on their blacklist and they're on ours. They should really get out and get a yahoo or gmail email account... where life is normal and people dont have to call their ISPs to fill out forms to get on lists just to send a damn email.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
Everyone who uses the term "double opt-in" to describe that process is a liar, even if some random person attempted to write a definition to support that lie on a web page.
Well I've seen a lot of comments saying it would adversley affect legitimate business to ban the aol domains, my reply to this would be that if the businesses are being affected then they would need to change to a more reliable ISP who takes the concerns of it's subscribers to heart. If you want AOL to change, the only way to do that is to hit the in the only place they care about. If AOL is getting blacklisted, and you can't get email to your subscribers or customers, you change to someone who can make it happen. Large corps only listen to profit. Remove their subscribers, you remove their profits. I think it's about time someone finally showed AOL that they are not immune because they make hunderded of millions on the profit sheet.
I run a few mail servers for many companies, and we have been using RBLs. It's only come up maybe 2-3 times in several years that customers have called wondering why their sender had mail bounced back. We forcably rejected (5xx) mail to provide quick feedback to the sender.
Of course, it's that 2-3 that stand out. We are transitioning to a scoring algorithm, pretty much what SpamAssassin has. Being in 3 or more RBLs means it's probably Spam. In one RBL? Then increase the likeliness in Spam scoring (which is what SpamAssassin does- between 0.5 and 2.0 depending on the list).
This is the way to do it- it stops lists from controlling who you accept mail from, but still uses the services. It requires fair certain to reject mail, and it makes sense.
-M
when you see the word 'Linux', drink!
Have you looked at AOL's SPF records? I recently did, because I was getting spoofed AOL mail through our SPF-checking server. Here it is, from their SPF page:
The "?all" at the end says, "if it isn't from one of our approved servers, don't block it anyway."
You'd have a hard time convincing me to not block you, too, if your IP is truly dynamic. Yes, I know that not all "dynamic" IP blocks are really dynamic, and some ISPs (SBC comes to mind...) are real dicks when it comes to doing proper reverse-DNS for static IPs on business DSLs (SBC even refuses to accept mail from static IPs on SBC DSLs!)...
But over 99% of all DSL traffic to our servers is SPAM or WORMS, and that percentage includes the traffic from the DSL-based mail servers I maintain for clients.
If you've never sent something to us before and you're in an ISP's DSL block, you're going into a 451 bounce hold until I can gather more information. Your MX record better match the IP sending to me, or it's getting classified as an open proxy, and the bounce becomes a 554. Show signs of legitimacy (proper MX records, SPF is nice, etc.), and I'll add your IP to our whitelists, and it doesn't matter WHOSE RBL you're in, your mail will go through.
But don't feel bad. I do business in Mexico and Japan, plus have customers who deal with most of South America, but those countries are all in our "soft bounce" list, for the same sort of investigation.
One of the big necessities we had when picking our current system was that it had to be able to validate an address during the SMTP exchange; it does this by having access to the same database the mail storage back-end uses for deciding where to stuff the message after it is accepted. If it isn't in the database, the message gets rejected before it enters the hard-working parts of the system.
That's just one of the gauntlets it passes through on our system, but it stops 20% of the traffic. Our internal block lists get another 50%, all with the speed of a few SQL queries. The 30% that's left do not impose much load on the other tests, and our whitelists jump over the later tests for recognized senders.
But, if you are like some universities and businesses, and can't reject ANYTHING due to policy, it's a moot point, anyway...
I've noticed that some of my users get over 100 copies of the same spam from the same IP in the space of 45 to 60 minutes. Normally pharmacy or porn spam from compromised dial-ups and all with the same structure and URLs so its the same spammers doing it again and again.
This started about 2 months ago and I didn't understand why and thought it may be broken spamware - but then it crossed my mind that this is most likely an attempt to force delivery to hosts which use greylisting. Unfortunatley greylisting doesn't take into account mailbombs and they'll get through if enough new connections are opened from the same IP, same sender to the same recipient for long enough.
Forced me hack my system to rate limit spam and auto blacklist the source IPs of this crap (at least it stops the 100s of duplicates of the original spam).
They blacklist the entire range of comcast IP's. I can't send mail to any AOLuser without using someone else's mail server. It gets hard and hard to do this. I've never sent spam from my mail server yet I can't get unblocked b/c they won't even respond. I only have to friends on AOL anymore, so I might go ahead and blacklist all of AOL. Everyone else should do the same.
I can testify that it happens. Inteligent people do use the "junk mail" button expecting it would stop mailings they don't want anymore.
Specific incident: My wife subscribed to certain newsletters supplying info on Southern California when she planned our trip to San Diego. After we came back I noticed that she's still getting those on her Hotmail(TM) account, so I told her "you probably don't need these anymore" and she replied "right" and immediately clicked the "Junk Mail" button. She's not stupid (she's actually licensed to cut people up, though she's expected to stitch them up before they leave the OR if they don't die). But she's not aware of spam issues (she hardly gets any spam) and for her "junk mail" is just any commersial mail she gets. More than 99% of it is solicited. And she probably represents the majority of users.