Great Circle Associates List-Managers
(January 2003)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: AOL blocks mailing list
From: Nick Simicich <njs @ scifi . squawk . com>
Date: Fri, 24 Jan 2003 01:49:49 -0500
To: Loek Jehee <loekjehe @ xs4all . nl>, list-managers @ greatcircle . com
In-reply-to: <a0521024aba55fe137295 @ [24 . 132 . 50 . 105]>
References: <5 . 2 . 0 . 9 . 2 . 20030121175402 . 00bb44c0 @ pop . earthlink . net> <5 . 2 . 0 . 9 . 2 . 20030121175402 . 00bb44c0 @ pop . earthlink . net>

At 09:44 PM 2003-01-23 +0100, Loek Jehee wrote:

I sent private mail earlier discussing the perception of problems with xs4all.nl. As part of this answer, I checked the address against a number of blacklist sources. The answer is, xs4all.nl (and specifically the address the mail I am replying to) is listed in several RBL style blacklists. postfixgate.com, ztl.dorklist.org, maildeflector, others. These are not widely used, but there are some commercial spam blockers that build their own lists based on some set of lists. One that I found puts you on based on spamtrap spam, but won't let you off as long as you are on any lists. Who knows what AOL does?

http://apps.declude.com/tools/ip4r.ch?ip=194.109.127.137

http://moensted.dk/spam/?addr=194.109.127.137&Submit=Submit

Now, if this is the case, and if AOL has decided to list xs4all, well, it is going to be tougher to get your e-mail through.

You might consider simply moving your list to a list provider who is getting mail through to AOL. My point is that I doubt it is your list, I suspect it is your provider. If they are mixing their mailing list output with mail sent by general users, well, every ISP gets spammers, every ISP will get listed in some mailing list from time to time.

I received confirmation from some subscribers that indeed they
didn't receive my earlier messages and they now wrote
Emails of complaint to the postmaster urging AOL to
"whitelist" my mailing list and threatening them to quit their
account. This might help. Let's wait and see. I didn't get
any reply from AOL on my message so far.

It may be a mailing list issue but I doubt it --- if no one on AOL is getting any of your e-mail, it may simply be that AOL has decided to block all of your e-mail - (when I say "your" I mean they may be blocking all e-mail from your server). The real reason to boycott AOL is that they silently dump this sort of stuff rather than bouncing it so that no one can tell what is going on. I've heard all sorts of tales about why AOL sucks down mail instead of bouncing it, but when they decide a server is rogue, they could border-block it rather than taking the mail, then the bounces would not be coming from them. And it would lower load on their servers. But that would take thought on their part, and some compassion for their users and the rest of the world. Why should AOL bother? They are the biggest...and the reality seems to be that users want them to block spam. They are probably willing to take some false positives. I am not one of the people who believe that all mail should be delivered or filtered at the end user's specific setup -- for one thing, I do not think that AOL users want that level of control. What they want to do is to have the problem go away.

But I do believe that they should bounce the mail. And, yes, I understand that they might end up doing a denial of service on someone. That would be alleviated by simply border-bouncing more of the spam. This seems to be a case where all mail from some server is going to be silently pitched. Border bouncing it would take care oif that.

I am very much afraid that the recent Klesh type viruses
could soon create a situation in which all mailing lists will be
banned from large mail servers because we - as their
administrators - (and the Email address of the list itself)
will definitely exist in thousands of address books so the
chance that our address will be abused by a virus on an
affected computer is extremely high.

It is usually quite simple to determine that this is a klez rather than an attack from an individual because of the server-sender mismatch. Klez amounts to another denial of service attack, but I do not think it is of the same magnitude as spam. It is also true that the entire class of mailer which is currently being attacked will eventually become obsolete. The next generation of mailers may simply not have these sorts of holes. One can hope that the designers will learn something from this massive debacle.

This might become the end of the phenomenon "mailing list".

I think that there are a number of things that might help along the end of the mailing list, but I do not think that Klez or other worms using that attack, and there are more than a handful now, are one of them - lots of people running mailing list software simply do not allow attachments, or only allow limited types that can't do the sorts of damage that the virii can. The most likely outcome for the masses is permission based whitelist-only e-mail systems. Mailing lists can survive in that environment, but people will have to open up specific senders or domains for mailing list origins. e-mail might eventually die, perhaps to be replaced with something with stronger authentication, but I doubt it.

--
SPAM: Trademark for spiced, chopped ham manufactured by Hormel.
spam: Unsolicited, Bulk E-mail, where e-mail can be interpreted generally
to mean electronic messages designed to be read by an individual, and it
can include Usenet, SMS, AIM, etc.  But if it is not all three of Unsolicited,
Bulk, and E-mail, it simply is not spam. Misusing the term plays into the
hands of the spammers, since it causes confusion, and spammers thrive on
confusion.  If you were not confused, would you patronize a spammer?
Nick Simicich - njs @
scifi .
squawk .
com - http://scifi.squawk.com/njs.html
Stop by and light up the world!


References:
Indexed By Date Previous: Re: AOL blocks mailing list
From: Bob Bish <bobbish @ earthlink . net>
Next: TLS handshake error
From: Bob Bish <bobbish @ earthlink . net>
Indexed By Thread Previous: Re: AOL blocks mailing list
From: Bob Bish <bobbish @ earthlink . net>
Next: TLS handshake error
From: Bob Bish <bobbish @ earthlink . net>

Google
 
Search Internet Search www.greatcircle.com