Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL Placed on Spam Blacklist

Posted by Zonk on from the it-wasn't-there-before? dept.

Hacker-X writes "According to this item over at Spam Kings, AOL has had a large swath of its IP addresses added to the Mail Abuse Prevention Systems (MAPS) Real-time Blackhole List (RBL). The RBL is used by many corporations and large ISPs to filter spam. MAPS evidently started blocking the AOL mail servers less than 24 hours after filing a complaint with AOL's abuse desk. The block was initiated in response to spam emanating from AOL mail servers."

15 of 364 comments (clear)

  1. Overzealous by Oculus+Habent · · Score: 5, Insightful

    Overzealous RBL admins screw everyone. If they think everyone is going to sit back and not mind that major ISPs like AOL have been blacklisted, they are (hopefully) if for a rude awakening.

    How does someone seriously justify this? Isn't this like cutting off one's nose to spite one's face?

    Maybe it's time to come up with a hybrid system? How about a combinations of black and "gray" lists, where the gray lists are subjected to greater scrutiny or harsher limits by spam filtering software?

    --
    That what was all this school was for... to teach us how to solve our own problems. -- janeowit
    1. Re:Overzealous by Dionysus · · Score: 5, Insightful

      How about people stop using RBLs if it bothers them that certain ISPs get blocked?

      --
      Je ne parle pas francais.
    2. Re:Overzealous by PDXNerd · · Score: 5, Insightful

      So it's OK to blacklist a little guy that has a misconfigured/hacked email server that is spitting out spam, but if a big fish does this, we should justify and make excuses for them??

      This should be the rude awakening to AOL - clean up your act. Stop allowing spam to be sent, or your users might start getting peeved that their emails aren't getting through. Most rookies have been through this - how embarrassing for AOL to have to go through it to! ;-)

    3. Re:Overzealous by FortKnox · · Score: 5, Insightful

      Being in a blacklisted IP-Range before, I can share your frustration. But I do believe the motives behind this isn't to keep AOL blacklisted, but to motivate AOL to fix their outgoing spam problems. Nothing says "Fix people spamming from your service" like thousands of angry customers...

      --
      Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
    4. Re:Overzealous by ShaniaTwain · · Score: 5, Funny

      How about a combinations of black and "gray" lists, where the gray lists are subjected to greater scrutiny or harsher limits by spam filtering software?

      What about silver lists that block AOL cd's?

      --
      Starsucks
    5. Re:Overzealous by Saxton · · Score: 5, Informative

      Well, it looks like things got turned around anyway:

      [UPDATE: Looks like MAPS changed its mind. As of Tuesday afternoon ET (GMT -4:00), AOL's listing at the MAPS site is gone, and a lookup shows AOL's mail servers no longer seem to be on the MAPS RBL list. No word yet on whether AOL resolved the spam problems, or if MAPS just decided to give AOL more time.]

      --
      My name is Aaron Landry, and I approve this message.
    6. Re:Overzealous by Oculus+Habent · · Score: 5, Interesting

      AOL is not "special" in that circumstance. The short response timeframe is a little harsh, but I don't keep up on my blacklist policies, so I can't compare it to others.

      I don't disagree with you. AOL shouldn't get preferential treatment because they are big, but blacklisting major ISPs comes with the very real possibility of hurting many other businesses by association. Yes, the same is true of the little guys, but the potential loss rate is likely much lower.

      That's why I suggest the gray/black list combo. If you could graylist someone immediately, and use that as a means for stricter spam control - combine it with Known Good Senders, whitelists, better heuristics or tougher Bayesian filtering - while mitigating the potential for lost business by not outright blocking all messages, I think that is an amicable solution. Blacklisting then becomes the consequence for not resolving your spam problem, not for simply having one.

      --
      That what was all this school was for... to teach us how to solve our own problems. -- janeowit
    7. Re:Overzealous by Matts · · Score: 5, Informative

      You need to look at the facts a bit closer. AOL *has* cleaned up its act, more than anyone else on the entire internet. It's stunningly clean for an ISP of its size.

      This was caused by one spam. Let me just repeat that: out of 60 million users MAPS saw one spam coming from AOL's outbound mail servers.

      Now AOL does have a set of IPs out of which some spam does emanate - the rlyIPXX block (64.12.138.(7-9)). This is the IPs that they redirect direct-to-port25 mail through, and they actively encourage people to block this range. It's been publicly stated that they intend to shut this activity down real soon now, but in the meantime most people just block that range and don't see a problem.

      Check the anti-spam newsgroups and mailing lists some time. AOL is hugely respected in anti-spam terms these days. And deservedly so.

      --

      Matt. Want XML + Apache + Stylesheets? Get AxKit.
    8. Re:Overzealous by jenkin+sear · · Score: 5, Informative

      I have to agree. We run some very large (1MM subscribers) mailing lists for our customers - not spam, just company announcements and such. AOL had a great process for getting whitelisted with them- they checked that you were legit, that your mail servers handled bounces correctly, and that your systems were rfc whatever compliant.

      Compared to Yahoo and MSN/Hotmail, AOL is completely buttoned down and has their act together.

      --
      What a strange bird is the pelican, his beak can hold more than his belly can.
    9. Re:Overzealous by berzerke · · Score: 5, Insightful

      AOL is not "special" in that circumstance. The short response timeframe is a little harsh...

      Well, if you've had your entire domain blocked by AOL without warning, you might disagree. You might disagree strongly if after contacting AOL, they admitted you were wrongly blocked but they were having trouble figuring out how to unblock you (took a week).

      How many double opt-in e-mail lists have been blocked simply because some AOL luser couldn't figure out how to unsubscribe (or didn't even try to) and just hit the report as spam button? (Hint: I know of 3 just off the top of my head.) AOL blocking is automatic. Guilty until proven innocent. Is 24 hours really that harsh given what AOL does to others?

      Of course, if we could all convince the idiots that buy from spam to stop buying, this whole problem would disappear on it's own.

  2. Accountability by winkydink · · Score: 5, Interesting

    I'm a big fan of MAPS, but one would think that over the years they've developed some very high-level contacts over at AOL and that they would call these guys up and talk it out before undertaking a major blacklisting.

    Some BL lists have no published way to get off once on. There should be some consistency to at least getting removed. I speak from experience of having "inherited" an IP addr from my hosting provider that was formerly an open-relay. It took a lot of effort over 2 weeks to clean that mess up.

    --

    "I'd rather be a lightning rod than a seismometer." -Ken Kesey

  3. this is out of hand by nganju · · Score: 5, Interesting


    FTA:
    "the RBL blacklist is used by some of the biggest ISPs in the world, including RoadRunner, USA.net, BT, Telstra -- and AOL itself"

    I could send an email from my own account, to my own account, and it would be deleted as spam.

    --
    There are 2 kinds of people in this world. Those that can keep their train of thought,
  4. why is anyone still using MAPS? by frankie · · Score: 5, Interesting

    MAPS stopped being a reputable service ever since they joined MFN/Abovenet. I say this as someone who previously supported MAPS and even donated to their legal defense fund.

    It was quite sad to see them fall to the dark side. It's even sadder to see that MAPS is still in active use by anyone outside of MFN.

  5. Re:A.O. What? by TFGeditor · · Score: 5, Insightful

    Actually, this surprises me as an exception rather than the rule as far as AOL is concerned.

    (I posted the following in an earlier discussion on a different topic, but it is 100 percent applicable here.)

    I am not an AOL customer, have never been, never will be (at least, not by choice), but I am glad AOL is there to serve the unwashed masses. Because a huge portion of their customer base is, shall we say, "uninformed," AOL has taken a number of measures to protect them (and their network) from malicious traffic. Based on anecdotal observation, it seems to be working.

    Because hundreds of people have my "public" email address in their address books, I recive dozens (sometimes hundreds) of virues per week whenever there is an outbreak. However, I cannot recall the last time I received one from an AOL user.

    I receive hundreds of (filtered) spam messages daily, but again, cannot recall receiving any from an AOL machine. (This based on source IP address, not the forged FROM line.)

    On the flip side, 30-40 percent of spam comes from zombied Comcast and RoadRunner accounts (most from Comcast). The rest come from non-North American IP addresses.

    Like I said, limited anecdotal observation, but it appears to me AOL is doing something right, and is the perfect ISP for the "uninformed" user.

    Considering the size of their customer base, imagine how much more junk/malicious 'net traffic there would be without AOL.

    --
    Ignorance is curable, stupid is forever.
  6. Re:Receivers *choose* to use RBLs by zakezuke · · Score: 5, Insightful

    Is MAPS forcing you to use their lists? No. So what's your problem?

    So in the end no one is accountable. The ISP doesn't make the list MAPS does, so it's not their fault. MAPS says no one has to use their lists so it's not their fault they just make the list. Any collateral damage is just a figment of your imagination. Nobody's fault, nobody's problem.

    This is the major issue I have with many spam lists. You are fed this circular logic and the only way to break the circle is to change ISPs and hope you don't have a problem again.

    --
    There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.