Can AOL's "this is spam" feedback loop be abused with a single person responding to a single message many, many times? Inquiring minds want to know. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita ________________________________________________________________________ DO NOT send mail to the following addresses: davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
On Feb 24, 2005, at 11:52 AM, Edward B. Dreger wrote:
Can AOL's "this is spam" feedback loop be abused with a single person responding to a single message many, many times? Inquiring minds want to know.
No it can't be abused [by the average AOL user] - when you click the "Report Spam" button the message disappears from your mailbox. I tested this from within AOL version 10.3 for Mac OS X. -- Jeff Wheeler Postmaster, Network Admin US Institute of Peace
It's too bad that about 1/3 of the reported mails are valid opt-in lists. Ahh well -- this is a nice mechanism that AOL provides, IMO. Matt Taber Network Admin WMIS Internet - www.wmis.net -- "If you really want something in this life, you have to work for it. Now, quiet! They're about to announce the lottery numbers..." - Homer Simpson Jeff Wheeler wrote:
On Feb 24, 2005, at 11:52 AM, Edward B. Dreger wrote:
Can AOL's "this is spam" feedback loop be abused with a single person responding to a single message many, many times? Inquiring minds want to know.
No it can't be abused [by the average AOL user] - when you click the "Report Spam" button the message disappears from your mailbox. I tested this from within AOL version 10.3 for Mac OS X.
-- Jeff Wheeler Postmaster, Network Admin US Institute of Peace
On Thu 24 Feb 2005 (12:40 -0500), Valdis.Kletnieks@vt.edu wrote:
On Thu, 24 Feb 2005 12:28:58 EST, Matt Taber said:
It's too bad that about 1/3 of the reported mails are valid opt-in lists.
Proof that any network management or security or anti-spam scheme that implies end users with functional neurons is doomed from the get-go.
I don't understand this complaint - we process AOL TOS Notifications daily and I find perhaps 1 in a hundred or so are not valid complaints. -- Jim Segrave jes@nl.demon.net
At 08:17 AM 3/1/2005, Jim Segrave wrote:
On Thu 24 Feb 2005 (12:40 -0500), Valdis.Kletnieks@vt.edu wrote:
On Thu, 24 Feb 2005 12:28:58 EST, Matt Taber said:
It's too bad that about 1/3 of the reported mails are valid opt-in lists.
Proof that any network management or security or anti-spam scheme that implies end users with functional neurons is doomed from the get-go.
I don't understand this complaint - we process AOL TOS Notifications daily and I find perhaps 1 in a hundred or so are not valid complaints.
I can attest that we do not see the same here as you are seeing (1 in 100). I'd agree more with the 1/3 being stupid AOL users reporting regular messages that were either forwarded from their own account that we host to their AOL account or mailing lists that they signed up for as spam. In fact, I read an interesting email last night that was from AOL scomp because someone with an AOL email address was tired of arguing with someone else they know via email so they just reported it as spam... not realizing that we get a copy of it and are now privy to a personal feud among family members or friends. <sigh> The majority of them though, are messages from lists that they signed up for themselves and don't understand how to get off the list (despite the fact it's written at the bottom of every message to the list with a link). If you run some high volume lists you'll start seeing dumb reports from AOL scomp. My impression is that many AOL users think that feature is for deleting mail. I've not seen AOL software in years, but maybe if AOL put some sort of warning when they submit these messages... Maybe it's just the user base @ AOL that our mail servers deal with. :) Otherwise, I think that it can be helpful in identifying issues. Just my $0.02. Vinny Abello Network Engineer Server Management vinny@tellurian.com (973)300-9211 x 125 (973)940-6125 (Direct) PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A Tellurian Networks - The Ultimate Internet Connection http://www.tellurian.com (888)TELLURIAN "Courage is resistance to fear, mastery of fear - not absence of fear" -- Mark Twain
On Tue, 01 Mar 2005 09:28:31 -0500, Vinny Abello <vinny@tellurian.com> wrote:
I can attest that we do not see the same here as you are seeing (1 in 100). I'd agree more with the 1/3 being stupid AOL users reporting regular messages that were either forwarded from their own account that we host to
Well - there's a way out, sort of. 1. Route .forwarded email out a separate IP (besides cutting down on accepting and forwarding spam) or 2. Find some way - like an X-Forwarded-For header, that AOL can tag on. --srs -- Suresh Ramasubramanian (ops.lists@gmail.com)
On Wed, 2 Mar 2005, Suresh Ramasubramanian wrote:
Well - there's a way out, sort of.
1. Route .forwarded email out a separate IP (besides cutting down on accepting and forwarding spam)
or
2. Find some way - like an X-Forwarded-For header, that AOL can tag on.
--srs
Your third option is best. (Excuse the signature-pun. :) SRS does not require SPF, and provides auditability for forwarded mail: http://spf.pobox.com/srs.html -- -- Todd Vierling <tv@duh.org> <tv@pobox.com>
On Wed, 2 Mar 2005 11:15:51 -0500 (EST), Todd Vierling <tv@duh.org> wrote:
Your third option is best. (Excuse the signature-pun. :)
SRS does not require SPF, and provides auditability for forwarded mail:
In which case dont futz about with SES (thats yet another name for SRS i think, I prefer to think I'm the only SRS around) - use BATV instead. Its specced for exactly what #3 says. srs -- Suresh Ramasubramanian (ops.lists@gmail.com)
Once upon a time, Jim Segrave <jes@nl.demon.net> said:
I don't understand this complaint - we process AOL TOS Notifications daily and I find perhaps 1 in a hundred or so are not valid complaints.
It is almost the reverse for us; a small number of valid complaints in a sea of false complaints. I've seen account info, half of private conversations (and I do mean private), hotel reservations, and more reported as spam on a regular basis. I also get complaints about confirmed opt-in mailing lists (majordomo and/or mailman lists with unsubscribe info at the bottom of each message) that the user apparently thinks the "Spam" button is the same as unsubscribe. That does not scale up; the whole point of using mailing list software is that so the mail server admin doesn't have to manually process subscribe/unsubscribe lists. Our mailing lists are set up to "bulk mail" (i.e. one message with multiple recipients), so since AOL filters out the complaining address, I can't manually unsubscribe those users. I haven't seen the AOL interface myself, but I've read that the "Spam" button is next to or near the "Delete" button, leading to mis-clicks. Even if that isn't so, there are definately a significant number of users that use the buttons interchangeably. -- Chris Adams <cmadams@hiwaay.net> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
On March 1, 2005 at 14:17 jes@nl.demon.net (Jim Segrave) wrote:
I don't understand this complaint - we process AOL TOS Notifications daily and I find perhaps 1 in a hundred or so are not valid complaints.
Here about 99% are not valid or interesting. Which is to say, I had one small burst once caused by an infected customer machine which we got shut off fast and fixed. The rest are virtually all just people on mailing lists hosted here sending each and every completely on-topic posting to TOS. I suppose I should figure out some way to track them so I can boot them off those lists since AOL removes all identifying information. -- -Barry Shein Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Barry Shein wrote:
On March 1, 2005 at 14:17 jes@nl.demon.net (Jim Segrave) wrote:
I don't understand this complaint - we process AOL TOS Notifications daily and I find perhaps 1 in a hundred or so are not valid complaints.
Here about 99% are not valid or interesting.
Which is to say, I had one small burst once caused by an infected customer machine which we got shut off fast and fixed.
The rest are virtually all just people on mailing lists hosted here sending each and every completely on-topic posting to TOS.
I suppose I should figure out some way to track them so I can boot them off those lists since AOL removes all identifying information.
Apparently the ratio of valid/invalid AOL notifications is a usefull indicator on the cleanliness of the relevant network. Some might suggest that large amounts of untrackable inaccurate complaints are themselves abuse.
On Tue 01 Mar 2005 (22:36 -0500), Joe Maimon wrote:
Barry Shein wrote:
On March 1, 2005 at 14:17 jes@nl.demon.net (Jim Segrave) wrote:
I don't understand this complaint - we process AOL TOS Notifications daily and I find perhaps 1 in a hundred or so are not valid complaints.
Here about 99% are not valid or interesting.
Which is to say, I had one small burst once caused by an infected customer machine which we got shut off fast and fixed.
The rest are virtually all just people on mailing lists hosted here sending each and every completely on-topic posting to TOS.
I suppose I should figure out some way to track them so I can boot them off those lists since AOL removes all identifying information.
Apparently the ratio of valid/invalid AOL notifications is a usefull indicator on the cleanliness of the relevant network.
Or alternatively, some networks have few users who communicate with AOL customers - they aren't currently big-time in the Netherlands - and the ratio of valid to invalid complaints has sweet FA to do with anything else. We don't set up mail forwarding for residential customers so that's another non-issue. -- Jim Segrave jes@nl.demon.net
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yo Joe! On Tue, 1 Mar 2005, Joe Maimon wrote:
Apparently the ratio of valid/invalid AOL notifications is a usefull indicator on the cleanliness of the relevant network.
Or it just may tell you the clue level of the recipients. I run a mail server that only sends alerts to paying customers. These customers pay several hundred dollars a year for these alerts. The subject line and body text are clearly tagged as to the sedning source. AOL users STILL report it as spam! I have tried to get AOL to whitelist our server but no luck. RGDS GARY - --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 gem@rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFCJhJR8KZibdeR3qURAkJsAKCORAdYmHPYM3rbUEaGxFuJ6KkdUACfYVZF PIlSidJJwnYT5hoSxa1nur8= =S6CI -----END PGP SIGNATURE-----
Speaking on Deep Background, the Press Secretary whispered:
The rest are virtually all just people on mailing lists hosted here sending each and every completely on-topic posting to TOS.
I've not gotten the AOL'ed treatment, but man how clueless is the userbase now-a-daze? I run a few lists, and despite the unsub address appearing in both the headers and visible dot.sig; still get dozens of "how do I.." per week. I miss the Good Old Daze; when men were men, and addresses had bang paths... ......cwru!ncoast!wb8foz -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433
It's too bad that about 1/3 of the reported mails are valid opt-in lists.
The other 1/3rd are actual spam, but legitimately forwarded as the user requested from a personal or business domain to an AOL account. Any server in the path gets tagged as a spam source. And the remaining third seems to be just plain old normal personal correspondence ... which I find weird.
Ahh well -- this is a nice mechanism that AOL provides, IMO.
Agreed, though maybe they should look at SpamAssasin or Postini. Take their end-users out of the filtering mechanism somehow. --chuck -- ______________________________________________________ There's only so much stupidity you can compensate for; there comes a point where you compensate for so much stupidity that it starts to cause problems for the people who actually think in a normal way. -Bill, digital.forest tech support
--On Thursday, February 24, 2005 10:18 AM -0800 chuck goolsbee <chucklist@forest.net> wrote:
It's too bad that about 1/3 of the reported mails are valid opt-in lists.
The other 1/3rd are actual spam, but legitimately forwarded as the user requested from a personal or business domain to an AOL account. Any server in the path gets tagged as a spam source.
Actually only the server that connected to AOL and relayed the mail into them. I have this same kind of gripe/complaint. Only for me about 2/3rds of my scomp reports are this. The other third are the below...only veeeery rarely is an actual spam reported from our system, except in the case of where we occasionally have a fraudulent signup come through and then start spamming.
And the remaining third seems to be just plain old normal personal correspondence ... which I find weird.
This happens because, atleast in many versions I don't know about currently, DELETE and SPAM buttons were right next to eachother, causing mis-clicks.
The other 1/3rd are actual spam, but legitimately forwarded as the user requested from a personal or business domain to an AOL account. Any server in the path gets tagged as a spam source.
Actually only the server that connected to AOL and relayed the mail into them. I have this same kind of gripe/complaint. Only for me about 2/3rds of my scomp reports are this.
I see the same thing. At least 2/3rds are spam forwarded along as described above. I have to give some credit to AOL WRT handling that type of situation -- they're much better than MSN/Hotmail who do not have a whitelist or feedback loop and simply stop accepting mail for 12+ hours from any server that reaches a particular spam threshhold. They refuse to do anything about it, even after trying to explain the situation because "It's the Symantec software that does it." Of course that fact they're causing affected servers to get their mail queues backed up with mail awaiting delivery to MSN/Hotmail isn't their problem either. Grrr... Andrew
Date: Thu, 24 Feb 2005 13:46:20 -0500 From: andrew2@...
I see the same thing. At least 2/3rds are spam forwarded along as described above. I have to give some credit to AOL WRT handling that type of situation -- they're much better than MSN/Hotmail who do not have a whitelist or feedback loop and simply stop accepting mail for 12+ hours from any server that reaches a particular spam threshhold.
We now refuse to forward mail that's almost certainly spam. Users may POP it, but forwarding is out. Jared [if you're listening], care to provide an "scomp POC"-type database on puck? Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita ________________________________________________________________________ DO NOT send mail to the following addresses: davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
On 02/24/05, "Edward B. Dreger" <eddy+public+spam@noc.everquick.net> wrote:
I see the same thing. At least 2/3rds are spam forwarded along as described above. I have to give some credit to AOL WRT handling that type of situation -- they're much better than MSN/Hotmail who do not have a whitelist or feedback loop and simply stop accepting mail for 12+ hours from any server that reaches a particular spam threshhold.
We now refuse to forward mail that's almost certainly spam. Users may POP it, but forwarding is out.
Very good idea, given the lack of any standard way for a receiving ISP to know that the mail was forwarded. -- J.D. Falk uncertainty is only a virtue <jdfalk@cybernothing.org> when you don't know the answer yet
chuck goolsbee wrote:
It's too bad that about 1/3 of the reported mails are valid opt-in lists.
The other 1/3rd are actual spam, but legitimately forwarded as the user requested from a personal or business domain to an AOL account. Any server in the path gets tagged as a spam source.
I believe one has an extra duty to be as strict as possible about accepting email to be forwarded to external parties: Read: Setup for every usuable blocklist, including you own, which rejects email outright. And spamassassin setup to reject any reasonable low FP score threshold. And none of that "tag em all and let the user sort it out" business. Its not legitimate to cover your eyes and forward probable garbage to someone else. You want it on your system, thats your decision. AOL blocklisting high percentage garbage senders, including those merely forwarding, is perfectly valid in my book. To blocklist all servers in the path or just the most recent one is a local decision
JM> Date: Thu, 24 Feb 2005 14:17:24 -0500 JM> From: Joe Maimon JM> To blocklist all servers in the path or just the most recent one is JM> a local decision Want to DoS someone? Have fun with bogus "Received:" headers in actual junk mail. Developing heuristics to try detecting this is interesting. It's not impossible, but it's hardly an exact science. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita ________________________________________________________________________ DO NOT send mail to the following addresses: davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joe Maimon wrote: | I believe one has an extra duty to be as strict as possible about | accepting email to be forwarded to external parties: | | Read: Setup for every usuable blocklist, including you own, which | rejects email outright. And spamassassin setup to reject any | reasonable low FP score threshold. And none of that "tag em all | and let the user sort it out" business. | | Its not legitimate to cover your eyes and forward probable garbage | to someone else. You want it on your system, thats your decision. | AOL blocklisting high percentage garbage senders, including those | merely forwarding, is perfectly valid in my book. | | To blocklist all servers in the path or just the most recent one is | a local decision Now here I would disagree. These are specific requests by individuals to forward mail to from one of their own accounts to another one of their own accounts. I do not think AOL (or anyone) should consider mail forwarded at the customers request as indicating that our mail servers are sending spam. As that is apparently not the case I have seriously considered as a matter of policy refusing to install mail forwards to AOL customers. Mark Radabaugh Amplex -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCHjCqg0PQSWMG2wsRAnnfAJ9IE+GIuYnBrDKrE3OlpAvZIuuXbQCfSEAS GSSlg8c0AHPh044rMDauHyI= =OjDT -----END PGP SIGNATURE-----
MR> Date: Thu, 24 Feb 2005 14:53:14 -0500 MR> From: Mark Radabaugh MR> As that is apparently not the case I have seriously considered as a MR> matter of policy refusing to install mail forwards to AOL customers. Or give users a choice between filtered forward and no forward. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita ________________________________________________________________________ DO NOT send mail to the following addresses: davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
On Thu, Feb 24, 2005 at 02:53:14PM -0500, Mark Radabaugh wrote:
Now here I would disagree. These are specific requests by individuals to forward mail to from one of their own accounts to another one of their own accounts.
But a request to forward mail is not a request to facilitate abuse by forwarding spam.
I do not think AOL (or anyone) should consider mail forwarded at the customers request as indicating that our mail servers are sending spam.
Why not? Did it come from your servers? On your network? If "yes", then it's YOUR spam, and you should expect to held fully accountable for it. If that's an unpleasant notion, and I'll stipulate that it sure is for me, then you need to do whatever you need to do in order to put a sock in it. We are long past the time when excuses for relaying/forwarding/bouncing spam were acceptable. The techniques for mitigating these -- at least to cut down a torrent to a trickle -- are well-known, well-understood, well-documented and readily available in a variety of implementations. More generally, the best place to stop spam is as near its source as possible. So if you're the forwarder, you're at least one hop closer to the source than the place you're forwarding to -- thus you should have a better chance than they do of stopping it. And you should at least make a credible try: nobody expects perfection (though we certainly hope for it) but doing _nothing_ isn't acceptable, either. So, for instance: take advantage of the AOL feedback loop. Anything that they're catching -- that you're not -- indicates an area where you can improve what you're doing. Find it, figure it out, and do it. Everyone benefits -- including all your users who aren't having their mail forwarded. ---Rsk
Due to AOL scomp and SPF we have stopped forwarding all together. Existing accounts are grandfathered and we are working on migrating them all to IMAP-SSL. ALL new accounts have to IMAP their mail from our servers. I get WAY too much junk from forwarded mail going to AOL. I also get way too many tech support calls about forwarded mail being rejected because of SPF -Matt
At 03:08 PM 2/24/2005, Matthew Crocker wrote:
Due to AOL scomp and SPF we have stopped forwarding all together. Existing accounts are grandfathered and we are working on migrating them all to IMAP-SSL. ALL new accounts have to IMAP their mail from our servers. I get WAY too much junk from forwarded mail going to AOL. I also get way too many tech support calls about forwarded mail being rejected because of SPF
-Matt
Forwarded mail shouldn't be rejected as a result of SPF if your mail server is using SRS to rewrite the from addresses in the "mail from" part of the SMTP transaction of the forwarded emails... as long as your SPF record isn't messed up of course. :) Vinny Abello Network Engineer Server Management vinny@tellurian.com (973)300-9211 x 125 (973)940-6125 (Direct) PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A Tellurian Networks - The Ultimate Internet Connection http://www.tellurian.com (888)TELLURIAN "Courage is resistance to fear, mastery of fear - not absence of fear" -- Mark Twain
Forwarded mail shouldn't be rejected as a result of SPF if your mail server is using SRS to rewrite the from addresses in the "mail from" part of the SMTP transaction of the forwarded emails... as long as your SPF record isn't messed up of course. :)
I know but that just wreaks of a hack which I'm not currently willing to do. It works better for us to terminate the forwarding and sell the customer full mail service. My SPF record isn't messed up as far as I know. -Matt
On Thu, 24 Feb 2005 17:02:23 -0500, Vinny Abello <vinny@tellurian.com> wrote:
Forwarded mail shouldn't be rejected as a result of SPF if your mail server is using SRS to rewrite the from addresses in the "mail from" part of the SMTP transaction of the forwarded emails... as long as your SPF record isn't messed up of course. :)
No point in implementing SRS There is however a point in asking people who persist in publishing -all records to consider changing those to ~all or ?all, and then telling people who treat spf hard failures as 100% sign of spam not to. --srs (fresh from watching a Meng Wong / Dave Crocker / Jim Fenton panel at apricot 2005) -- Suresh Ramasubramanian (ops.lists@gmail.com)
It's too bad that about 1/3 of the reported mails are valid opt-in lists.
I find it's a lot more than that, but my network is small and I know most of my users so the amount of spam we emit is tiny. Since my list mail is all VERPed and AOL only removes the address from the To line (they know it's silly, their lawyers made them do it), it took me only a few minutes to write a perl script that picks the list name, domain, and subscriber address out of the bounce address and reformats it into an unsubscribe message to mj2. Works great. Now I have a new problem of AOL users asking where their list mail went. Sigh. I tell them that if they want to resubscribe, they're welcome to do so, and when they hit the spam button again they'll be off the list again. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor "I shook hands with Senators Dole and Inouye," said Tom, disarmingly.
All, Thanks for the many on- and off-list replies. Things begin to make a bit more sense. We recently began hosting a list with several AOL subscribers, and this week's complaint volume is five times what it was last week. With one complaint per ~4 AOL subscribers (who are but 4.6% of the total list) this time around, and _zero_ complaints from anywhere else, I thought something was amiss. 'tis a pity AOLers can't tell "delete" from "unsubscribe" from spam. Time to VERPify the list and unsubscribe people mercilessly. *grumble* On the cynical side: Has anyone considered an "inverted" blacklist -- i.e., a _destination_-based mail blocking mechanism? Rejecting mail to parties with excessive bogus complaint rates certainly might simplify life for those tasked with handling "abuse" incidents. ;-) On a more positive note: One AOL user unsubscribed correctly. I don't mean to bash all AOLers... just the ones who are a bit... confused. Thanks to all, Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita ________________________________________________________________________ DO NOT send mail to the following addresses: davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
On Thu, Feb 24, 2005 at 07:08:07PM +0000, Edward B. Dreger wrote: [...]
On the cynical side: Has anyone considered an "inverted" blacklist -- i.e., a _destination_-based mail blocking mechanism? Rejecting mail to parties with excessive bogus complaint rates certainly might simplify life for those tasked with handling "abuse" incidents. ;-)
It's interesting that you should ask that today. A few days ago we started throwing around an idea along these lines: - N = # of bogus abuse/spam reports for a given destination - X = # of reports where we stop delivering mail to a given destination - for 0 < N < X -- deliver the mail, but also inform the sender that the destination address has reported spam/abuse coming from our network, and that if it continues, we won't deliver mail to that destination anymore. - for N > X -- tell the sender that we aren't delivering the mail because it is likely to get us put on a blacklist. We haven't fleshed things out completely, because we're not sure the cure is better than the disease yet... -- John Osmon
participants (22)
-
andrew2@one.net
-
Barry Shein
-
Chris Adams
-
chuck goolsbee
-
David Lesher
-
Edward B. Dreger
-
Gary E. Miller
-
J.D. Falk
-
Jeff Wheeler
-
Jim Segrave
-
Joe Maimon
-
John Levine
-
John Osmon
-
Mark Radabaugh
-
Matt Taber
-
Matthew Crocker
-
Michael Loftis
-
Rich Kulawiec
-
Suresh Ramasubramanian
-
Todd Vierling
-
Valdis.Kletnieks@vt.edu
-
Vinny Abello