AOL Placed on Spam Blacklist 364
Hacker-X writes "According to this item over at Spam Kings,
AOL has had a large swath of its IP addresses added to the Mail Abuse Prevention Systems (MAPS) Real-time Blackhole List (RBL).
The RBL is used by many corporations and large ISPs to filter spam.
MAPS evidently started blocking the AOL mail servers less than 24 hours after filing a complaint with AOL's abuse desk. The block was initiated in response to spam emanating from AOL mail servers."
Overzealous (Score:5, Insightful)
How does someone seriously justify this? Isn't this like cutting off one's nose to spite one's face?
Maybe it's time to come up with a hybrid system? How about a combinations of black and "gray" lists, where the gray lists are subjected to greater scrutiny or harsher limits by spam filtering software?
Re:Overzealous (Score:5, Insightful)
Re:Overzealous (Score:5, Insightful)
This should be the rude awakening to AOL - clean up your act. Stop allowing spam to be sent, or your users might start getting peeved that their emails aren't getting through. Most rookies have been through this - how embarrassing for AOL to have to go through it to!
Re:Overzealous (Score:5, Insightful)
Re:Overzealous (Score:3, Insightful)
What does this resolve? (Score:2, Insightful)
I can say this well, lets say I know how things work; they have automated spam blocking mechanisms to disable accounts who spam. A majority of accounts used for spamming are compromised, and that is the issue. Repeat offenders are terminated. No questions, and they can not reactivate. Spammers are just password cracking accounts and bulkmailing out of them. It sucks because a few people who do it ruin it for everyone!
I was helping a fellow member who couldn't CC 20 people on his biker club list. So, AOL is aware of the issue and trying their best to crack down on the bulk mail. Adding them to a blocklist WILL NOT stop bulk mail. This shakeup is not gonna "make AOL" doing anything.
Re:Won't miss them (Score:3, Insightful)
irony (Score:2, Insightful)
Re:Won't miss them (Score:4, Insightful)
I'm really glad that e-mail is such a great way to keep in touch with everyone! Even the ones I won't miss
Does that make him yahoo.com!my.cousin@aol.com?
--LWM
Genuine users blocked (Score:2, Insightful)
Now coming to /. /. (before you pounce on me, I have emailed to the id that comes up in the message, got a response that i'm in timeout zone. Forever???)
whenever i try posting from home I get a message announcing "bad postings from your subnet.. hence you have been blocked" Now I have tried connecting to various wireless networks. Still the same message. My karma is 'good'. It implies that most of my postings get modded up. Still I'm BANNED from
Now coming back to the real problem. AOL is a profit driven corporate. Imagine if they insert the names/ids of small time rivals in their list. The poor souls would have no clue what hit them.
Re:Overzealous (Score:3, Insightful)
That is to say - not everybody has the flexability to put in a user-tunable system. Some of the "black-box" systems are more tunable than others, but most of the time, if a black-list is configured - it's "black".
Hmm (Score:3, Insightful)
As much as anyone hates AOL and finds this funny, it is more the entire anti spam community in general, than AOL in the short term.
AOhell (Score:2, Insightful)
Judging by the fact that a large amount of spam we get is from AOL, I can see why they are getting blocked.
AOL profits from these spammers and they know it. Very soon, AOL needs to take control of their spammers and start blocking them. Apparently, this is either too difficult & time consuming for AOL, or they just don't care and know that the profits will just keep rolling in.
There are so many other better alternatives to AOL, I don't even know why people use AOL in the first place. I guess it is all those damn install cds they dump all over the place like rabbit poop.
Re:Overzealous (Score:2, Insightful)
Re:Overzealous (Score:5, Insightful)
AOL is not "special" in that circumstance. The short response timeframe is a little harsh...
Well, if you've had your entire domain blocked by AOL without warning, you might disagree. You might disagree strongly if after contacting AOL, they admitted you were wrongly blocked but they were having trouble figuring out how to unblock you (took a week).
How many double opt-in e-mail lists have been blocked simply because some AOL luser couldn't figure out how to unsubscribe (or didn't even try to) and just hit the report as spam button? (Hint: I know of 3 just off the top of my head.) AOL blocking is automatic. Guilty until proven innocent. Is 24 hours really that harsh given what AOL does to others?
Of course, if we could all convince the idiots that buy from spam to stop buying, this whole problem would disappear on it's own.
Receivers *choose* to use RBLs (Score:4, Insightful)
I've got e-commerce clients that, unable to communicate gracefully with AOL users, would run into trouble with a third or more of their customers. This is not trivial, it's blacklist BS
Is MAPS forcing you to use their lists? No. So what's your problem?
Re:Won't miss them (Score:1, Insightful)
Re:AOhell (Score:5, Insightful)
Bullshit. MCI profits from spammers. You're talking out of your ass. You think they care about the monthly dialup access fees from spammers? AOL until recently had Carl Hutzler, one of the most respected names in anti-spam, who has turned AOL around and made them one of the leaders in anti-spam, from outbound port 25 blocking to SPF. Ask anyone on NANAE
MAPS is run by some righteous little twits driving their fiefdom of an RBL into irrelevance at flank speed. Most responsible admins have moved on to some subset of SORBS, Blitzed OPM, and the Spamhaus XBL, with perhaps SPEWS turned on for advisory data only.
You on the other hand just think you're hot shit because you don't like AOL.
Re:A.O. What? (Score:5, Insightful)
(I posted the following in an earlier discussion on a different topic, but it is 100 percent applicable here.)
I am not an AOL customer, have never been, never will be (at least, not by choice), but I am glad AOL is there to serve the unwashed masses. Because a huge portion of their customer base is, shall we say, "uninformed," AOL has taken a number of measures to protect them (and their network) from malicious traffic. Based on anecdotal observation, it seems to be working.
Because hundreds of people have my "public" email address in their address books, I recive dozens (sometimes hundreds) of virues per week whenever there is an outbreak. However, I cannot recall the last time I received one from an AOL user.
I receive hundreds of (filtered) spam messages daily, but again, cannot recall receiving any from an AOL machine. (This based on source IP address, not the forged FROM line.)
On the flip side, 30-40 percent of spam comes from zombied Comcast and RoadRunner accounts (most from Comcast). The rest come from non-North American IP addresses.
Like I said, limited anecdotal observation, but it appears to me AOL is doing something right, and is the perfect ISP for the "uninformed" user.
Considering the size of their customer base, imagine how much more junk/malicious 'net traffic there would be without AOL.
Re:Overzealous (Score:2, Insightful)
To spammers, hitting the unsubscribe button is no different than saying "I'm here! Look at me, I have an E-mail address that I use! Send more!"
It's just easier to deny a subscription that you don't want, than to risk making 100 more.
Re:Accountability (Score:5, Insightful)
The assumption of anti-spam activists seems to be that spam wouldn't be possible without the knowing collusion of evil ISPs. Obviously, evil, greedy people will only respond to threats to their income. So never mind negotiations -- blacklist 'em until they repent.
Which ignores the difficultly of enforcing a spam policy. You can't just terminate somebody's account the first time somebody accuses them of spamming -- it's not fair, and will probably get you sued. Having worked at an ISP, I can tell you they get lot of bogus spam complaints, mostly from people who don't know how to figure out who owns an IP block, or who misread mail logs. And in some cases, the owner of the IP block just rents rack space to the SMTP provider. Which may well do a poor job of policing spammers -- but you have to make some attempt to get them to improve before you ditch a customer who's paying you tens of thousands of dollars a month.
MAPS and their ilk also seem totally ignorant of Hanlon's Razor [jargon.net]. Very often ISPs assign their abuse issues to unsocial geeks whose communication skills and capacity for objective thought is quite limited. So of course they return MAPS's arrogant ignorant anger with more of the same. The resulting interaction is not conducive to solving the problem.
So yeah, ISPs are not blameless. But they're not the greedy bastards the stupid bastards at MAPS like to get mad at.
Re:UPDATED (Score:1, Insightful)
Use RBL for TEMPORARY (4xx) rejections (Score:3, Insightful)
This way the accidentally blacklisted server has several days to straighten things out while the really spammy server gets overloaded with huge mail queue.
Using my skem [virtual-estates.net] milter is one way to do that intelligently... :-)
The only way this is ever going to work ... (Score:2, Insightful)
There are a couple of foreseeable problems:
1. Someone is always going to hire a spammer (viagra merchants, member-enlargment firms, etc.). The problem won't ever completely go away.
2. It could be used as a means of forcing competition out of business (eg., Microsoft hires a spammer to create fake Linspire spam or vice-versa).
3. Pure accidents - some idiot clicks the wrong button in their mailing software and the the internal corporate viagra offer goes out to all the customers on the lawn-mower sales list.
4. Someone just decides to be an a-hole about things.
Of the problems listed above, #1 and #3 already exist. #2 and #4 are hypotheticals, but could actually happen.
The only thing we haven't done in the entire process of blocking spam, is to hold the original advertisers responsible. Instead, we go after the spammers, ignoring the fact that they have to get their money from somewhere.
Re:Receivers *choose* to use RBLs (Score:5, Insightful)
So in the end no one is accountable. The ISP doesn't make the list MAPS does, so it's not their fault. MAPS says no one has to use their lists so it's not their fault they just make the list. Any collateral damage is just a figment of your imagination. Nobody's fault, nobody's problem.
This is the major issue I have with many spam lists. You are fed this circular logic and the only way to break the circle is to change ISPs and hope you don't have a problem again.
Re:Overzealous (Score:2, Insightful)
Viruses? Mark them spam.
Mailing list you subscribed to, but can't be bothered to use a web or email based tool to unsubscribe? Mark it spam.
But the problem is that all the other email coming from the same ISP no longer gets to any AOL recipients.
I supposed you advocate buldozing all the houses on the block that has an alleged gang or drug house?
How about incarcerating everyone with the same last name as each and every convicted felon?
Drive by shooting from a blue Pontiac? Impound all blue Generals Motor vehicles, that will take care of it.
I am. (Score:5, Insightful)
It is people like me who use the RBL's and have my email server setup to reject (with proper attribution) email from sites on the RBL's. The person sending you the message will get their message kicked back to them with a very clear "We rejected your message because your domain/IP address is on a blacklist at www.xxx.xxx".
How much easier does it get then that? Simple. I read the logs and the discussions. I've only had one problem since I put in the blacklists. And that was from a company with BellSouth who had had other problems with blacklists because BellSouth didn't handle the IP addresses correctly.
Now, balance that against the thousands of rejected spams EVERY SINGLE DAY and the course is clear.
With less than
so what's the problem? (Score:3, Insightful)
As for all the whiners complaining about being blacklisted, you don't have a 'right' not to be blacklisted. You don't have a 'right' to send your email to people who've decided they don't want it - and they have decided this, because they're using the blacklist. If they *do* want your email they'll stop using the blacklist that blocks you.
Time to get over yourself. You have no right to send email to anyone you please. Anyone can block you at any time, for any reason, and there's nothing you can do about it. Hell, I use a whitelist for my home network and that means that unless I know you your mail will NEVER get through. Are you going to tell me that I don't have a right to reject your mail out of hand?
Max
Re:Overzealous (Score:2, Insightful)
Why do kneejerk idiots on Slashdot assume that nobody actually subscribes to email newsletters? Newsflash - there are millions of genuine confirmed opt-in newsletters and mailing lists related to commercial products. And these mailing lists, which are not spam by anyone's definition, have a genuine problem with being blocked by overzealous spam reports.
(By "genuine confirmed opt-in" I mean that your name is only added if first you fill out a dedicated form, and then you reply to the first email from the list to confirm that you want to be on it. Do you accept that there is a faint possibility that people who join such lists might actually be soliciting email?)
If I'm wrong, I'm wrong, but Spammers Lie and that's a fact.
Spammers lie, yes. How the fuck does that justify accusing people of lying when you have NO EVIDENCE WHATSOEVER that they are spamming?
You are clearly rude as well as stupid.