AOL Treats Florida Emergency Alerts Mail As Spam

ScentCone writes "Florida's Indian River County has 4,200 subscribers to their e-mailed emergency alerts, which provide a heads-up on hurricanes, tornados, and other weather events. Subscribers like it, but if they're using AOL mailboxes, those alerts are being treated as spam. All of the subscribers get the mail blast as weather events unfold, and spam pattern detectors are being set off. The county emergency coordinator laments the resulting unreliability of the communication channel, and while few of us at this point think of cross-domain e-mail as reliably mission critical, the AOL-bound portion of a 4200-address blast doesn't seem like much in the spam scheme of things. My experience is that it doesn't take many receivers to mark mail as spam before the domain-wide filters lower some scoring threshold, and the pattern detectors kick in. How many of us run systems that include explicitly voluntary, opt-in e-mail subscription mechanisms which are then reported as spam by the subscribing recipients? This seems increasingly common, and even the whitelisting by smarter recipients doesn't fix it."

Misuse of email?

[nizo]

...e-mailed emergency alerts, which provide a heads-up on hurricanes, tornados, and other weather events...

I think this sums up the problem right here; are these people relying on email to keep them updated on potentially life-threatening situations? Don't get me wrong, these messages shouldn't be marked as spam, but depending solely on these email warnings is seriously asking for trouble, considering how many different things can delay these messages or even cause them to disappear completely. Email wasn't designed to be a bulletproof message delivery system.

Re:Misuse of email?

[El+Cubano]

I think this sums up the problem right here; are these people relying on email to keep them updated on potentially life-threatening situations?

The same can be said of radio, television, and even telephone. The point is that it is an additional means of notification. I.e., if you get the information out via enough different types of media, hopefully everyone will get it.

It's not like they said that the email is now the only way to get the alerts. I presume the National Weather Service still makes the appropriate announcements and the local TV and radio stations also carry the information.

E-mail for emergencies?

[winkydink]

I dunno about you, but I'm going to look to a more universal broadcast media (radio, tv) for emergency info, not, "Hey, the sky's looking kinda dark & ominous, I better go check my email."

Re:E-mail for emergencies?

[JPelorat]

Clearly you've never worked at a facility that didn't allow radios or televisions, or had outside windows easily viewable from all locations.

Some of us work in functional caves, and only get to see the outside world a few times a day. My office, the server room, is like this. I'm in here pretty much all day. Sometimes the drive-home weather is a surprise..

The real problem...

[slavemowgli]

The real problem here is not the fact that spam filters aren't 100% perfect and will give false positives occasionally. FWIW, the real problem is not that people subscribe to (opt-in) mailing lists and then mark the messages they get as spam, either.

The REAL problem is that ISPs and Webmail providers use non-user specific spam filters that allow malicious users to perform what is essentially a denial of service attack. Of course, the users in this particular example who flagged the emails as spam are probably just stupid, not malicious, but I at least could just as well imagine spammers signing up for webmail services, sending each other spam and flagging it as valid email, for example, in an effort to "teach" the spam filter that it's not really spam after all.

The only real solution would be to move to a per-user filter configuration, but it's not clear to me how practical that would be. You could use a bayesian filter with automatic learning that also gets updated when the user reports false positives/negatives, and initially use another system (like SpamAssassin) until the filter is fully trained; but it's not clear what the computing costs of that really are (not to mention diskspace requirements for the token databases).

Considering the fact that signing up for these web-based services is usually free, I think that we will see more of this in the future.

Laziness

[jjeffrey]

The problem here is laziness. So many of us, me included, rather than just unsubscribing from opt-in lists, hit the junk button in our mail client. On my mac that's harmless. When an AOL user does it and the client reports home, it causes chaos. And it takes *forver* to get off these lists. I run a mail forwarding service for some local companies, Yahoo decided I was sending SPAM (I wasn't, but SPAM was being sent to the people I was forwarding mail for). I had to fill in the same form describing my "mailing list policy" three times, each time explaining I don't have a list and therefore don't need a policy..... Current anti spam systems are self defeating. We need something better. SPS is NOT it - http://www.spfsucks.com/ - Domain Keys is better, but really I think we need something better than SMTP. My suggested way forward would be that to be accepted by an e-mail system the mail *must* be signed with the identity of the sender, and their public key listed with a CA. Then before your server accepted the mail you could verify the sender, and SPAMmers could have their certs revoked quite quickly. Would probbaly need to be a government organisaiton though - don't want veriswine doing it.

Nothing to see here, move along

[gasp]

Oh come on! This is news? An organization is sending out a valid and useful message to a list of subscribers, and some of them have an ISP spam filter that misclassifies it as spam? So we jump on the company providing the filter as if this was intentional or policy?

Wake up, false positives for spam filters are not news, and it's disingenuous to have a headline that implies "ooh, look what the evil AOL is doing now..." Bah, FUD.