AOL Placed on Spam Blacklist
Hacker-X writes "According to this item over at Spam Kings,
AOL has had a large swath of its IP addresses added to the Mail Abuse Prevention Systems (MAPS) Real-time Blackhole List (RBL).
The RBL is used by many corporations and large ISPs to filter spam.
MAPS evidently started blocking the AOL mail servers less than 24 hours after filing a complaint with AOL's abuse desk. The block was initiated in response to spam emanating from AOL mail servers."
I'm a big fan of MAPS, but one would think that over the years they've developed some very high-level contacts over at AOL and that they would call these guys up and talk it out before undertaking a major blacklisting.
Some BL lists have no published way to get off once on. There should be some consistency to at least getting removed. I speak from experience of having "inherited" an IP addr from my hosting provider that was formerly an open-relay. It took a lot of effort over 2 weeks to clean that mess up.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
Isn't that what everyone does with the black lists anyway? I think most of the smarter software packages just use the information as part of their normal weighting systems for determining whether or not to reject a message as spam. I.e., if the message looks spammy, and it is from a site on an RBL, then it probably is spam. If it's just from an RBL, then pass it on as normal.
Throw the bums out!
I don't want to hear from anyone who uses AOL anyways.
Yeah, who wants to do business, say, with tens of millions of people.
I've got e-commerce clients that, unable to communicate gracefully with AOL users, would run into trouble with a third or more of their customers. This is not trivial, it's blacklist BS, and a sign of how that solution to the problem is part of the problem.
Don't disappoint your bird dog. Go to the range.
FTA:
"the RBL blacklist is used by some of the biggest ISPs in the world, including RoadRunner, USA.net, BT, Telstra -- and AOL itself"
I could send an email from my own account, to my own account, and it would be deleted as spam.
There are 2 kinds of people in this world. Those that can keep their train of thought,
MAPS stopped being a reputable service ever since they joined MFN/Abovenet. I say this as someone who previously supported MAPS and even donated to their legal defense fund.
It was quite sad to see them fall to the dark side. It's even sadder to see that MAPS is still in active use by anyone outside of MFN.
AOL is not "special" in that circumstance. The short response timeframe is a little harsh, but I don't keep up on my blacklist policies, so I can't compare it to others.
I don't disagree with you. AOL shouldn't get preferential treatment because they are big, but blacklisting major ISPs comes with the very real possibility of hurting many other businesses by association. Yes, the same is true of the little guys, but the potential loss rate is likely much lower.
That's why I suggest the gray/black list combo. If you could graylist someone immediately, and use that as a means for stricter spam control - combine it with Known Good Senders, whitelists, better heuristics or tougher Bayesian filtering - while mitigating the potential for lost business by not outright blocking all messages, I think that is an amicable solution. Blacklisting then becomes the consequence for not resolving your spam problem, not for simply having one.
That what was all this school was for... to teach us how to solve our own problems. -- janeowit
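The two ideas raised in the comments above (a listing used as one weighted signal rather than an outright block, and a gray stage that precedes blacklisting) can be sketched as a single policy function. This is an added example, not part of any commenter's post or of any real blacklist's software; the thresholds, grace period, addresses and sender names are constructed assumptions.

```python
import ipaddress
from datetime import datetime, timedelta, timezone

# All values below are constructed for illustration (documentation IP ranges).
NOW = datetime(2024, 1, 10, tzinfo=timezone.utc)
GRACE = timedelta(days=7)   # assumed time a listed network gets to fix its problem
NORMAL_THRESHOLD = 0.90     # assumed content-score cutoff for unlisted sources
STRICT_THRESHOLD = 0.50     # assumed tougher cutoff while a source is graylisted
LISTINGS = {                # network -> time the first complaint was recorded
    "192.0.2.0/24": NOW - timedelta(days=1),
    "198.51.100.0/24": NOW - timedelta(days=30),
}
KNOWN_GOOD = {"orders@shop.example"}


def listing_state(ip, listings=LISTINGS, now=NOW):
    """Return 'clean', 'gray' (recent listing) or 'black' (unresolved past GRACE)."""
    addr = ipaddress.ip_address(ip)
    for network, listed_at in listings.items():
        if addr in ipaddress.ip_network(network):
            return "black" if now - listed_at > GRACE else "gray"
    return "clean"


def decide(ip, sender, content_score, known_good=KNOWN_GOOD):
    """Combine the list state with a content score in [0, 1]; return a verdict."""
    state = listing_state(ip)
    if state == "black":
        return "reject"            # consequence of not resolving the problem
    if sender in known_good:
        return "accept"            # whitelist overrides a gray listing
    threshold = STRICT_THRESHOLD if state == "gray" else NORMAL_THRESHOLD
    return "reject" if content_score >= threshold else "accept"


if __name__ == "__main__":
    for ip, sender, score in [
        ("192.0.2.25", "news@list.example", 0.20),
        ("192.0.2.25", "news@list.example", 0.60),
        ("203.0.113.5", "news@list.example", 0.60),
        ("192.0.2.25", "orders@shop.example", 0.60),
        ("198.51.100.9", "news@list.example", 0.10),
    ]:
        print(ip, sender, score, listing_state(ip), decide(ip, sender, score))
```

A message from a gray-listed network is only rejected when its content score also crosses the stricter cutoff, so a listing alone never drops mail until the grace period has run out.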
Who said it bothers some people? They most likely don't get the traffic bill every month. And also since some providers think they can block everyone and whitelist only the ones that have signed their agreement I don't really care any more about mailservers that are listed. I only care about national mailservers and the rest are allowed to unlist themselves. I even think there comes a moment this year or next year that some RFC-issues are being required to mail my mailservers.
I quit using MAPS years ago because it was no longer effective, especially for business use. Their solution to one spam from a customer of a large ISP is to block the whole ISP or, if you were lucky, just the whole contiguous IP space that one spam came from. Still, this meant something like a quarter of the Fortune 500 had mail servers being blocked, which is unacceptable for a business-to-business email server. Worse, it rarely blocked much spam.
In fact, I just searched the MAPS RBL for the last ten spams rejected by my mail server and only two of the hosts were listed in the MAPS RBL.
So it's OK to blacklist a little guy that has a misconfigured/hacked email server that is spitting out spam, but if a big fish does this, we should justify and make excuses for them??
.. blacklist them (whether they're AOL or a little isp). Of course, you should probably send a message to abuse@ their domain trying to inform them..
NO -- it's not ok to blacklist the little guy either.
If they're misconfigured/hacked, and spitting out spam, sure
Too many lists don't check though. They get a complaint, and bam, blacklist. I run a small web/mail server (300 domains, 16 IPs), and this is highly annoying. We've been blacklisted before because someone complained about a legitimate mailing list they were on. No double-checking, no investigation into the complaint, we just got blacklisted immediately.
Most recently, we were blacklisted by SORBS because another system that shares colocation with our server was hacked. Immediately, they blacklisted the entire subnet. This affected us, and numerous other customers that have no affiliation other than sharing colocation space.
I noticed we were on the list when someone in the office complained about not being able to send mail to an address she could send to a couple hours earlier. Upon looking into it, we eventually found out that the entire subnet was blocked (and we couldn't even request to remove the block), so we contacted our ISP. They told us they had just discovered that hacked system and disconnected it, and tried to get the block removed from SORBS.
In all, our ISP had found and disconnected the system within 3 hours of it being hacked, yet we were on the list at least 24 hours. During this time, none of our customers can send mail to anyone with a provider using SORBS. Our server was fine, their servers are fine, but because of a completely unrelated incident with unrelated people, it affects hundreds more.
The big problem is, it's basically impossible to run a mail server without using RBLs (we tried).. you just get hammered. RBLs are definitely useful, but there are too many run by over-zealous admins with basically an itchy trigger finger. Hopefully stunts like this will make people realize the problems with RBLs and maybe we can drop the ones that are run this way.
Speak before you think