On Feb 27, 2009, at 7:10 AM, Ken A wrote:
I agree that aol could do a better job of filtering the outbound, but I don't think it's a useless system. We get a few dozen from aol a day unless we have a real problem. I see the mother-daughter conversations (worst), the subscribed lazy user emails - we encourage our mailing list senders to include unsub links - partly to make it easy for _us_ to click and unsub these dummies.
And we see the 'real deal' now and then; usually an exploited php script being abused by spammers, or someone who has had their password sniffed, or stolen. Most of these are users who travel and don't use secure protocols, or have a teenager in the house (the most insecure protocol is adolescence). We appreciate aol's efforts, imperfect as they are.
The math here is easy. 1. The time cost of reading AOL's feedback loop was greater than 2 working hours every day. 2. The number of exploited systems that we received notification about was total of 3 in 2 years of reading that loop. 3. Every one of those exploited systems also got SpamCop reports. 365 x 2 years x 2 hours = 1460 hours minimum (because it rarely took only 2 hours) 1460 hours of effort / 3 compromises = 487 hours, or 3 months of work per compromise. In short, AOL provided zero value to us. Because if a SpamCop user is reporting valid receipts, I report it back to the SpamCop admins and they go have a talk with the user. NOTE: for a small mail sending provider who controls every mail server and customer in their netblock, it probably is useful. It's just useless for colocation providers and generic ISPs. And let's be honest. AOL's effort shouldn't be applauded. It's an autobot which sends false spam reports, nothing more and nothing less. Any autobot which sends false spam reports needs to be shut down. -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness