Forgot your password?
typodupeerror
America Online Your Rights Online

AOL Bans Mail From DSL-Hosted Servers 925

Posted by timothy
from the because-individuals-should-not-have-them dept.
kmself writes "As first reported at linux-elitists by Aaron Sherman, and with a demonstration of the denial at zIWETHEY, AOL has begun blocking mailservers identified with residential DSL lines as an anti-spam measure, apparently heedless of the huge collateral damage this move imposes (and guess who can't send mail to Mom...). This action was unannounced, and has received virtually no coverage, spare an oblique mention at News.com. It also violates SMTP RFCs, as Aaron points out, not to mention the 'good neighbor' conventions of Internet communications. Mail to AOL's postmaster is also bounced -- this is RFC-ignorant. I strongly recommend that as a compensatory measure, non-AOL MTAs be configured to deny all incoming mail from AOL's domain."
This discussion has been archived. No new comments can be posted.

AOL Bans Mail From DSL-Hosted Servers

Comments Filter:
  • by fyonn (115426) <dave@fyonn.net> on Sunday April 13, 2003 @05:28PM (#5723375) Homepage
    I thought that was a requirement of having a domain and you can lose the domain if mail is not accepted or read there? I'd have to check the rfc's but wouldn;t that be a thing, someone taking aol's domain from them because they don;t accept mail for postmaster?

    dave
  • No problem (Score:5, Interesting)

    by JanneM (7445) on Sunday April 13, 2003 @05:28PM (#5723376) Homepage
    I long ago includedevery mail from aol.com, yahoo.com and hotmail.com in my static spam filters. If anybody with such an account wants to mail me, they need to get in touch with some other account (or other means) first so I can add an excemption to them. To date I have three such excemptions total, all on yahoo.com.

    I can't very well block them further than I already do, in other words.
  • About Time (Score:2, Interesting)

    by Anonymous Coward on Sunday April 13, 2003 @05:29PM (#5723384)
    30% of the spam that comes in to our mailserver is from residential dsl ip's.

    If you are dial up or home dsl you should not be talking diectly to smtp servers anyway you should be sending mail through your provider.

    see: http://njabl.org/ they do exactly this.
  • by statusbar (314703) <jeffk@statusbar.com> on Sunday April 13, 2003 @05:29PM (#5723387) Homepage Journal
    My friend pays for a "static" Ip address on his cable modem to run some private corporate web forums. A few weeks ago, all email notifications from the forums going to anyone hosted at earthlink.net were bouncing - The message is "No email accepted from dynamic IP addresses".
    Both AOL and Earthlink have TONS of subscribers.

    If they both decide to carry on doing this, there is nothing you can do about it.

    Truth is, SMTP sucks. They are only doing this because of all the spam. Yes they are violating RFC's. Too bad...

    --jeff++
  • by lfarenw (603409) on Sunday April 13, 2003 @05:30PM (#5723393)
    I've been noticing this trend of blocking DSL/Cable originated mail for a while now. A few local ISPs block emails sent from my linux box (using Comcast cable service). Even SourceForge, that bastion of Open Source, blocks mail coming from my Postfix server--forcing me to use my Exchange server at work to send mail to my local LUG mailing list (now there's irony.).
  • this isn't new (Score:5, Interesting)

    by ejaw5 (570071) on Sunday April 13, 2003 @05:31PM (#5723401)
    I found out about this issue few months after i got my DSL connected almost a year ago. Used to be I'd use sendmail to send email out, and worked great since I could put my email address (which was defined through a domain name email forward) in the reply-to field. then, one day i get a message from AOL claiming I'm running an open mail relay, or using a "banned" IP. Got me worried a little bit, but I found out the real reason after i got a friend to nmap my box
  • by Dynastar454 (174232) on Sunday April 13, 2003 @05:31PM (#5723405) Homepage Journal
    It should be pointed out that AOL isn't blocking "All DSL" MTAs but those that have dynamically assigned IP addresses. On one hand, this is a stinky, no-good, rotten thing for them to do. On the other hand, the elitest in me says "go get a real [speakeasy.net] DSL connection if you're going to run your own MTA." :-) But really, I know it's not an option for some, and this move by AOL is pathetic.
  • by rolfwind (528248) on Sunday April 13, 2003 @05:31PM (#5723407)
    I used to sell stuff on ebay and as such, always needed to reach customers pronto. And AOL email addresses as the unfortunate side effect of being the most unreachable.... either a high percentage never got the mail or it gets bounced.

    My advice is to get a yahoo email address, not only does it not block mail, but you won't be inundated with junkmail because they filter most of it in another folder for you. So far, they never put in anything valuable or legitimate in there so it seems to work fine. The other reason is it is ISP agnostic.... that way if you cancel AOL, you don't have to give every a new email address.

    My 2 cents^.^
  • Services like Verizon, that use DHCP and/or PPPoE and already have a "no servers" policy? What's the criteria, here??? It will be interesting to see how AOL differentiates "residential" DSL from other types of DSL.

    I use SpeakEasy DSL via Covad. This service is technically residential, because my servers are sitting in my house. But I have a legitimate domain, and static IPs on my servers. However, reverse DNS lookups return "dslwww-xxx-yyy-zzz.phl.yadayadayada," NOT my registered domain name.

    I just successfully sent myself a test message from my domain mail to my AOL account, so I'm not being blocked yet. I guess I'll start sending a test message once or twice a day to make sure it still works, until AOL clarifies their policy. And if I do get blocked, there's gonna be some hell raised about it. My servers are locked down tight and laways have been. Shutting out all DSL-hosted mailservers to keep out spam is like burning your house down to keep it from being burglarized.

    ~Philly
  • its not just DSL... (Score:2, Interesting)

    by Mark19960 (539856) <Mark@freequ[ ].net ['est' in gap]> on Sunday April 13, 2003 @05:43PM (#5723465) Homepage Journal
    They are targeting broadband in general.
    I work for an electronics repair company...
    we use road runner buisness class.
    At work, I just recently wrote an application that interfaces with our database, and sends our customers email containing the status of their equiptment.
    I just checked to see how many emails we send to that domain, and its a fair amount, I would say 15% of our customers.
    this would create a problem for us communicating with potential or current customers.
    im all for fighting spam, but are we collateral damage in this war?
  • by Anonymous Coward on Sunday April 13, 2003 @05:43PM (#5723466)
    No.

    Plenty of people out there have a domain and yet use their.name@their.isp.com as their email address. Nothing wrong with that. Some RFCs *do* state that you have to make all reasonable attempts to receive mail for postmaster@yourdomain.com *if* you run a mail server for that domain, but I've never heard of someone losing a domain over it.
  • by gladbach (527602) on Sunday April 13, 2003 @05:43PM (#5723470)
    a) most likely you shouldn't have an smtp server on your residential broadband connection anyways.

    b) it is a known fact that a lot of spam comes from the said connections that they banned.

    c) just use your isp provided smtp server you idjits. if that doesnt allow you to bcc more people than you want, then either you are spamming, or get smart enough to not have to use your smtp server.

    d) this is NOT hard to work around. If I needed a smtp server, I could at this moment probably get hooked up by 6 different people off the top of my head.

    e)all in all, this is not a big deal. and yes, this is coming from someone who has in the past and probably will in the future host a webserver etc off of my residential line.
  • I guess this is sort of like the New York branch post offices not delivering mail from Florida, because that's where a lot of junk mail originates from.

    I have a fairly nasty conspiracy theory on why AOL and Comcast are cooperating on this. By shutting out the innovative do-it-yourselfers on the Internet from their network, they squelch potential competition from their "value-added" services.

    The next step might be to block web servers that don't originate from big corporate server farms. After all, who knows what could be on those independent things but kiddy porn and terrorist training instructions?

    The irony is that the great mass of obtrusive commercialism on the Internet originates on the corporate, big-player side. AOL was the innovator in turning the WWW into a virtual shopping mall.

    You would like to think, however that this will backfire on them, as customers look to alternatives to their increasingly sanitized pseudo-Internet network.

    And how does one fool their IP filters anyway? It makes one want to "spam" everyone of AOL's customers with a protected-from-legal-prohibition-because-it-is-not -commercial-speech protest email.
  • Re:Good. (Score:2, Interesting)

    by profplump (309017) <zach-slashjunk@kotlarek.com> on Sunday April 13, 2003 @05:51PM (#5723534)
    If they were really spamming AOL, they wouldn't need a mail server -- their could just tell their mail client to use mailin-03.mx.aol.com as the SMTP server, and it would gladly accept any mail bound for aol.com. Or at least it would before this ridiculous policy. The ability of people to run mail servers is not an issue -- SMTP doesn't care.
  • Re:Good move (Score:5, Interesting)

    by rossz (67331) <<ogre> <at> <geekbiker.net>> on Sunday April 13, 2003 @05:55PM (#5723558) Homepage Journal
    you should still use your upstream SMTP server for outgoing mail
    And what if your upstream provider is unreliable. Back when I had cablemodem with AT&T@Home, the service was so bad I swore to never rely on anyone else for email ever again. Emails sent through their servers had a habit of disappearing or taking months (yes, I said months) to finally arrive at their destination. Complaints resulted in the boilerplate response of "email service is for entertainment purposes only". For broadband in my area I can choose cablemodem or dsl. To get a static ip on dsl requires a jump in the monthly payment that I honestly can't afford at the moment (I'm an unemployed tech worker in the Bay Area, do the math). The rare contract work that I am getting requires email I can trust.
  • Mexico (Score:3, Interesting)

    by Roadmaster (96317) <roadmr@tomechang ... m ['nan' in gap]> on Sunday April 13, 2003 @06:00PM (#5723589) Homepage Journal
    Mexico's only DSL provider, Telmex/Prodigy, has been disallowing use of their SMTP servers to relay any mail not having a local @prodigy.net.mx part. The problem comes for a lot of people who connect via Prodigy DSL, but have other domains, hosted elsewhere, and want to have addresses @mycompany.com or similar. Whether Prodigy did this as a measure to coerce customers into getting "integral" solutions from them and kicking other ISPs and consultants out of the game is open to debate.


    So far, the option we've been using for our customers is configuring a local SMTP server which then delivers directly to destination. We use Linux for this, and configure it so that it only allows incoming SMTP from the local network.


    Recently, however, customers started reporting lots of bounced messages. Further diagnostics indicate several large mail providers are now blocking SMTP connections from dynamically assigned DSL IP addresses. I personally checked this happening with yahoo, AOL and Earthlink.


    It sucks that the Internet is becoming such a hostile place; I think of those quiet towns where everybody can leave their doors unlocked at night. Now it's become like any large city where doing such a thing is equivalent to giving away all your belongings. It also sucks that Prodigy (and, doubtless, other ISPs worldwide) won't let customers use their SMTP servers; this is, after all, a service I'm paying for. Fairly, we should get a discount for NOT using their servers, given that they're completely useless for our configuration.


    For now, the solution we've devised is using SMTP AUTH to let the customers' email be sent using our own SMTP server, which normally won't allow SMTP relaying from addresses outside our own IP network. However this feels like a hack and puts additional configuration burden on us.


    Is spam the ultimate cause for all this hostility on the net? maybe so. And if that's the case, here's another reason why perhaps the next war we see should be the one against spammers.

  • by SN74S181 (581549) on Sunday April 13, 2003 @06:01PM (#5723597)
    RFC stands for 'Request For Comments' and if I am not mistaken, that wording is a very significant indicator of the consensus-based standards on the Internet.

    Nobody can 'bust' you for not abiding by a Request for Comments. Perhaps some people would like to comment on this. heh
  • by Builder (103701) on Sunday April 13, 2003 @06:10PM (#5723656)
    I personally think this is a good thing. I know a lot of ISP's who've voluntarilly added all of their dialup and DSL IP addresses to various RBL's. They insist that you use their upstream SMTP server.

    This way, you can still send mail, and ISP's don't have to police all of their users to ensure that they aren't running open relays.
  • by ThatDamnMurphyGuy (109869) on Sunday April 13, 2003 @06:15PM (#5723681) Homepage
    Define "dynamically assigned" in the context of DSL.
    I have a 'business' dsl package. My IPs are static to my account, but they are assigned dynamically to the router. Will AOL know the difference between my email server, and some dhcp dsl users? Doubtful.
  • by cribcage (205308) on Sunday April 13, 2003 @06:21PM (#5723714) Homepage Journal

    I strongly recommend that as a compensatory measure, non-AOL MTAs be configured to deny all incoming mail from AOL's domain."
    Yeah...because when a big corporation does something wrong, we should exact revenge upon all of its customers.

    That's very mature. Particularly in the case of AOL, which services the vast majority of under-educated internet users. You'll fuck up all of their personal email communications, and they won't have the first clue why.

    Brilliant solution.

    crib

  • Re:I would say.... (Score:5, Interesting)

    by Lonath (249354) on Sunday April 13, 2003 @06:24PM (#5723731)
    There has to be some other underlying reason to move to block e-mail for this one group of internet users,

    <tin-foil-hat>Does any part of AOLTW compete with DSL, like umm cable modems maybe? </tin-foil-hat>
  • by analog_line (465182) on Sunday April 13, 2003 @06:30PM (#5723755)
    For a long while I've seen several stories in the ongoing war against the spammers, and the more draconian the measures get (blocking all of East Asia as many in these discussions proudly claim to have done) the Internet e-mail system appears to be in it's death throes already.

    When you start blocking such a significant percentage of the world in a blanket measure, wouldn't it be simpler and more effective to screw tortuous blacklists and just implement a whitelisting procedure? I mean, if over half of all the e-mails businesses get aren't legitimate, why in the world are these businesses throwing money down the drain by continuing to pay for something that doesn't work over half the time?

    IP+address whitelisting is really the only way to go if you want a useful messaging system based on SMTP anymore. That, or completely revert to instant messaging/private web boards. I'm sure some kind of system could be worked out to allow for simple temporary whitelisting which would let a user allow mail to himself from a certain address for 2 hours, or whatever the local admin defined as the maximum allowable time. Then, at the end of the day, if a user checked the box asking for this addresss/mail server IP combination to be put on the permanent whitelist, it gets sent with all the other such requests to an administrator who vets the list, then adds whatever addresses pass muster onto the permanent whitelist. You could add functionality that has tripwires if you start getting spam from that person...so many peices allowed before a warning, so many before removal from the whitelist for a week, then forever, etc... Yes, it places a demand on the mail administrator, but certainly no more of a demand than the running battle currently takes up.

    Personally I have very little use for regular Internet e-mail. I use it occasionally, because you still need an official e-mail address for various registrations, and for reciepts for buying stuff online. For actually talking to people, I use AIM of whatever instant messaging system they may use. I've considered creating a new AIM identity just for clients to get in touch with me through, but there isn't much nuance in logging and most don't deliver messages recieved when you're not logged on.

    I wish there was a way I could relegate Internet e-mail to the same status my mailbox has. Namely, flip through to see if there are any bills and dump everything else directly into the trash without bothering any further with it.
  • by TheMonkeyDepartment (413269) on Sunday April 13, 2003 @06:33PM (#5723772)
    As one of the nameless multitudes who receives thousands of "Get Rich Quick," "Gallons of Cheap Viagra" and "Teen Sluts With Shaved *****" spams, I have been wondering something for a while:

    What's the feasibility of coming up with and implementing a brand new mail protocol -- one which somehow prevents (or at least extremely complicates) the transmission of bulk, unsolicited mail? On the server level, you could build in source address verification (so spammers couldn't disguise the source of the mail) and bandwidth limitations -- so for example, someone sending out 1000 emails could do so, but with a geometric lag for each mail they send. (Isn't this called a "tar pit"?)

    In other words, since e-mail was invented in a time when spam didn't exist, it seems like we could improve upon the protocol considerably and make it harder for spammers to do their dirty work. Not being an SMTP expert, I don't know what this would require -- perhaps someone could fill me in?
  • Re:Good move (Score:4, Interesting)

    by wbattestilli (218782) on Sunday April 13, 2003 @06:34PM (#5723777)
    My ISP is not sufficiently reliable to use their mail servers. This is why I run my own. They have a lousy uptime and are vulnerable to the email worm of the week.

    I also cannot switch providers because my provider has a local broadband monopoly.

    I am neither ignorant or a spammer. I simply would like to have a server that is predictible.
  • by Ryquir (172934) on Sunday April 13, 2003 @06:44PM (#5723822)
    While some people and companies can, are willing and do throw their weight around by blocking net offenders. Very often those people/organizations are in the extreme minority. That form of blocking is also very much the last resort tactic hurting both the person being blocked and the blocker equally.

    Truthfully while blocking @hotmail and @yahoo and @aol has a certain appeal as a admin of a site. If we were to do that, I can't think of any user which would not be irate with us rather than their own ISP. Regardless of how explaintory we were, today's joe average user (and almost every user who's not joe average) doesn't care how they get it, they want their e-mail and all hell breaks loose if they don't get it.

    Secondly when your a site that does business with customers, mention of today's economy assumed, you just can't say "screw this set of customers they use XYZ, since XYZ doesn't play nice we won't do business with you."

    So how can we, "punish the wicked" but "spare the innocent?"

    Until there is a universal or at the very least "good" way of getting small and large internet users to understand why they aren't just a island unto themselves the internet will continue to have problems like this.

    I don't blame AOL for what they are doing, at our site we've seen an uptic in spam of more than 100 percent in the last 8 months and at least 20 percent just this month alone. What AOL will ultimately have to discover though, is that in the end their goal is not acheivable, since spammers don't care and have never cared that a recipient does or does not get their e-mail. For that reason I'd rather see them and others work together to develope a solution which we all can support.

  • by apexchin (622309) on Sunday April 13, 2003 @06:47PM (#5723846)
    Ok, normally I'm all for the liberal "screw the big corporation" /. agenda, but there are several problems in this case... 1. The RBL (specifially the DUNS list) has been advocating this very thing for years now. Many administrators (yours truly included) find it to be the most useful of the spam-blocking lists. So tell me again why is it suddenly bad when AOL does the same thing as DUNS by their own accord? 2. No self-respecting ISP is *ever* going to block mail from AOL. Because they respect them? No.... because of the potention legal liability in blocking such mail without permission of each and every one of their users. E-mail has long been held to be the most protected of the Internet services in courts... screw with that at your peril. 3. It's an easy work-around. Someone has already posted the sendmail fix, here's the one for qmail. In /var/qmail/control/smtproutes add the following line (yes, with the preceding colon): :mail.yourisp.net 4. My guess is the AOL user agreement specifically prohibits running servers of any kind on residential dialup/DSL service. Don't like it? Then either a) hide those servers better (non-standard ports) or b) find someone else to take your money. That's all, have a nice day. Jeff My
  • Re:Privatized mail (Score:5, Interesting)

    by kaszeta (322161) <rich@kaszeta.org> on Sunday April 13, 2003 @06:59PM (#5723928) Homepage
    I dont' understand why everyone is so down on the USPS

    I used to like the USPS, then I moved someplace that isn't served by the USPS. While I live in a somewhat rural environment, my town has over 5000 residents, but only 1 part-time mail carrier (and no plans to *ever* get another according to the local postmaster), so if you aren't on the one street that's on the route, you don't get mail. They canceled rural route service years ago. And they ran out of PO boxes back in 2000, and again, they don't plan on ever getting any more of them. And they think there is nothing wrong...

    On a related note, I hate businesses that can't understand that my PO Box is my *only* USPS-servicable address, businesses that insist on sending correspondence to my shipping address instead of my billing address, and rebates that don't accept PO Boxes.

  • Re:Trivial fix (Score:2, Interesting)

    by Anonymous Coward on Sunday April 13, 2003 @07:09PM (#5723982)
    In /etc/mail/sendmail.mc: define(`SMART_HOST',`smtp.server.of.you.isp')

    That's a good idea except:

    1. The spammers are relaying through you, AOL blocked your mail server, now you forward your mail to your ISP. Spammers are still relaying through you and you're happily forwarding it through your ISP's relay.

    2. Some ISPs do stupid shit like check the From address in the header and only let you relay if it's in one of their approved domains. I think Verizon does (or did) this.

    3. Internet traffic is easy enough to sniff, but do you want to make it simple for your ISP to log and catalog what messages you send to who? I'm sure only terrorists care about this, but why should my ISP need to know who I send e-mail to? Just another reason I don't use their stupid pop or imap. Do I trust some fat lazy admin at the ISP not to sit there and read my email for his jollies? It's less likely he's going to SPAN a port off a switch and sniff all my traffic than it is for some faggot lazy bitch to read my mail spool. (Yes this happened to me).

  • Re:I would say.... (Score:2, Interesting)

    by dhunley (16816) on Sunday April 13, 2003 @07:26PM (#5724062) Homepage
    Hate to prove how innefectual your tin hat is, but Ihave a Time-Warner cable modem, and they're blocking my emails as well.
  • Re:Privatized mail (Score:2, Interesting)

    by TeraCo (410407) on Sunday April 13, 2003 @07:44PM (#5724153) Homepage
    Well, in Australia it's only .47 AUD, which is about 25 cents US.. we also don't pay to receive cellular calls..
  • Re:About Time (Score:4, Interesting)

    by einhverfr (238914) <chris.traversNO@SPAMgmail.com> on Sunday April 13, 2003 @08:00PM (#5724237) Homepage Journal
    30% of the spam that comes in to our mailserver is from residential dsl ip's.

    Yet another reason to choose Speakeasy. I have a static IP and I am not blocked by AOL (already tried).
  • by captaineo (87164) on Sunday April 13, 2003 @08:27PM (#5724416)
    Actually it might not be necessary to overhaul every SMTP/POP3 client. You could invent a new email system (encrypted, authenticated, whatever) that accepts incoming messages via SMTP and delivers mail via POP3. I'm thinking of a secure "bridge" between the initial SMTP server and the destination POP3 server. Sort of like a VPN, but for email rather than IP packets. This way existing clients could use the system with little or no modification.

    The receiving side would probably be the easiest - the destination server that receives email for you (probably at your ISP) would have to be provided with a private key to decrypt your incoming email. This could be done automatically by your ISP. Naive users and their email clients would just see the unencrypted messages via POP3.

    The outbound side might require modifications to insert special headers in the SMTP message to authenticate yourself to the system (e.g. you could send a digital signature, which the SMTP server would verify against your stored private key).

    This system wouldn't be as secure as end-to-end encryption (anyone with access to your mail server could subvert the private keys), but it would be a heck of a lot better than what we do today, and virtually 100% backwards-compatible with existing mail clients.

    A web interface might be another good way to deliver the next generation of email. Yahoo or MSN could incorporate encryption and authentication without changing anything in their existing web interfaces.
  • Funny... (Score:4, Interesting)

    by BrokenHalo (565198) on Sunday April 13, 2003 @08:37PM (#5724464)
    My MTAs have been set up to blackhole AOL mail (on a whitelist basis) since about 1997 or 98 :-). I had almost forgotten... At that time, I was getting a heap of spam from their domains, and as I'm in Australia and AOL doesn't have a significant coverage here it's pretty safe from false positives.
  • by hhknighter (629353) on Sunday April 13, 2003 @09:01PM (#5724634)
    ban their own marketing morons from sending those damn AOL CDs.

    Those things serve the same purpose as Spam: "If you spam them, they will come"
  • I'm on a cable modem and it doesn't accept mail from my mail server either... If I try to send to my friend's Compuserve (owned by AOL now) address... I'm on a cable modem. The way the message is phrased, they make it sound like I'm the cause of the spam woes... I mean, that is just ridiculous. My server is secured, I am very selective about who is allowed to relay.

    Here's the message it sends back as it appears in my mail server log:

    00:08:31 5 SMTP-409(cs.com) Disconnect Received
    00:08:31 5 SMTP-409(cs.com) Disconnect Confirmed
    00:08:31 4 SMTP-409(cs.com) Input Line: 550-The IP address you're using to connect to AOL is either open to the\r
    00:08:31 4 SMTP-409(cs.com) Input Line: 550-free relaying of e-mail, is serving as an open proxy, or is a dynamic\r
    00:08:31 4 SMTP-409(cs.com) Input Line: 550-(residential) IP address. AOL cannot accept further e-mail\r
    00:08:31 4 SMTP-409(cs.com) Input Line: 550-transactions from your server until either your server is closed to free\r
    00:08:31 4 SMTP-409(cs.com) Input Line: 550-relaying/proxy, or your ISP removes your IP address from their list of\r
    00:08:31 4 SMTP-409(cs.com) Input Line: 550-dynamic IP addresses. For additional information, please visit\r
    00:08:31 4 SMTP-409(cs.com) Input Line: 550 http://postmaster.info.aol.com.\r
  • Re:I would say.... (Score:2, Interesting)

    by ShannaraFan (533326) on Sunday April 13, 2003 @09:54PM (#5724926)
    I'm a TWC/Roadrunner customer, and found out two weeks ago that I can no longer send mail to AOL accounts from my server.
  • sue 'em (Score:2, Interesting)

    by autopr0n (534291) on Sunday April 13, 2003 @10:17PM (#5725058) Homepage Journal
    it's your right as a citizen to get mail!
  • Re:I would say.... (Score:2, Interesting)

    by njb42 (556147) on Sunday April 13, 2003 @10:35PM (#5725148) Homepage
    But they also block cable modems and dialups. Maybe this is a new story for Slashdot, but AOL's been doing this for at least a few weeks. When I moved my server from a frame-relay connection to Comcast Pro at home, AOL (and several other ISP's) began blocking every single message from my box. Some of the RBL lists also blacklist every IP block that is known to be used for dialup, DSL, or cable. Solution? See if your ISP has an outgoing mail server you can use. AOL blocks my cable modem but not smtp-out.comcast.net.
  • Re:About Time (Score:3, Interesting)

    by ajs (35943) <ajsNO@SPAMajs.com> on Sunday April 13, 2003 @10:48PM (#5725201) Homepage Journal
    A 70% false negative rate is pretty meaningless without knowing the false positive rate as well.
    What percentage of your non-spam email comes from dsl ip's?


    It's actually a pretty high rate of ham (as the SpamAssassin project folks call it) that comes from such addresses. My mail all originates from such an address, and I know several others for whom this is true. The flawed logic of "source x produces much spam, thus eliminating source x will make my life better" has many logical holes in it, as you point out, but that's not stopping AOL :-(

    If you are dial up or home dsl you should not be talking diectly to smtp servers anyway you should be sending mail through your provider.

    Sounds like a load of claptrap to me.
    Care to cite an RFC that suggests such a thing?
    How about a good network reason why email should be relayed instead of sent directly?


    It's not just (as you rightly point out) not in the RFCs, it's about as far as you can get from the intent of them.

    The idea behind SMTP is to make every node on the Net the master of its own communications. You can create a relay and go through it, but that's not required because such a requirement would mean that you're going to have to create a beauracracy around the designation of valid and invalid relays.

    The correct way to deal with the problem is to have an identity that earns or loses respect in the global community. By default your identity is your IP address. Clearly if you have an IP that used to belong to someone else (because you got it via DHCP, your ISP handed you a CIDR block that just freed up because a spammer went out of business, or any other reason) you are going to inherit their rep, so little weight can be put on that. You can then add new layers of identity. For example, digital key verification in the SMTP protocol via TLS (I do this now).

    Once your site has an identity, you can begin to earn or lose the trust of those in the community. Blacklists become trust databases were your IP or key map to 127.0.0.1-255 (a trust value) or 0 for no-match.

    This would be an easy enough thing to develop, and could really help make filtering mail much easier and yet everyone who wants to can maintain a trust database, and anyone who wants to use your trust database can.

    What could be better!
  • by alexburke (119254) <slashdotmail AT alexburke DOT ca> on Sunday April 13, 2003 @11:34PM (#5725501)
    WELLLLL actually, after microsoft took over hotmail.com they DID forget to renew. A guy in the Nashville Linux User's Group is actually responsible for purchasing the domain and contacting microsoft to transfer it to them. He was compensated and got a little extra, although not much.. He also got quite a bit of fame, a hardcore linux user saves microsoft's hotmail? heh

    Actually, after much hemming and hawing, Microsoft sent him a cheque (check for you Americans) for US$500. He sold it on eBay... for, IIRC, a little over US$1,000.
  • by rearden (304396) on Monday April 14, 2003 @12:44AM (#5725857) Homepage
    The biggest problem that I see with this move by AOL is for businesses with their own E-Mail Servers. Many of my clients use Exchange, Lotus, etc as their email server for the groupware features. Since many of these clients are small to medium businees they operate on Business DSL and cable connections.

    There are two problems that I have begun to notice. One, that the DSL and Cable providers are not doing a good job with PTR records and consequently the reverse DNS usually is something like xxx.xxx.xxx.atl.bellsouth.net instead of mail.companyname.com. Secondly, Bellsouth and others are now blocking ALL relaying through their servers that do not end in @bellsouth.net.

    This means that for some of my clients they are being blocked from sending email to AOL. Why? Because for Bellsouth (and many others) having a Static IP means that they simply set a reservation on their DHCP server. This means that they are "dynamic" IP's even though the companies are paying $10 to $20 more per month to have "static" IP's. Also, these "Business Accounts" are drawing IPs from the same blocks as residential IPs. In one case the IP address for my client at home (down the street from his office) is usually only a few numbers off from his mail servers "static" IP.

    While I can understand why AOL is doing this, I do not see how this solution is going to fix things. AOL is assuming that the problem is ignorant users and malicious spamers and that ALL ISP's are doing things like they should. We all know this is not true. Many T1 providers do not even setup proper Zones and PTR's for the IP's. On smaller ISP providers there is often no differentiation from Dynamic IP blocks and Static blocks, as they also use "reservation" based systems.

    The flaw in AOL's thinking is that they can fix a broken protocal by filtering messages based on RFC's being followed by ISP's. I dont see this working well for long.

    IMHO
  • by Transient0 (175617) on Monday April 14, 2003 @01:04AM (#5725943) Homepage
    ---QUOTE---
    I'll keep running my mail server, and AOL can keep ignoring me, but I'm going to start sending my friends and familly to AOL's competition, must as I hate to because that's mostly folks like MSN and the regional phone companies.
    ---ENDQUOTE---

    I actually had a couple of friends on AOL and when I noticed this a couple of weeks ago, I just told them to stop using their AOL accounts and offered them accounts on my home mailserver, which they both accepted, it being much cooler.

    I reccomend that you offer the same to anyone you can no longer e-mail because of this, and then have them send an e-mail to AOL indicating this policy as the reason they have opted to stop using the service.
  • Re:No problem (Score:3, Interesting)

    by hoggoth (414195) on Monday April 14, 2003 @09:14AM (#5727617) Journal
    I have a sendmail milter running that refuses mail that claims to come from AOL/HOTMAIL/MSN but the server sending the mail doesnt end in aol.com, hotmail.com, or msn.com . This removes all of the forged aol/hotmail/msn mail and cuts out 80% of my spam.

  • by ajs (35943) <ajsNO@SPAMajs.com> on Monday April 14, 2003 @09:23AM (#5727696) Homepage Journal
    A status of 550 should only be sent in response to a command, not to connection.

    Correct, and what's more they issue that 550 ending with "550 Goodbye" and then a connection reset (TCP-"R") packet, which is also in violation of the RFC.

    If you run SpamAssassin [spamassassin.org], I highly recommend adding:
    score RCVD_IN_RFCI 0 3 0 3
    to your /etc/mail/spamassassin/local.cf. If everyone on the net does this, it won't block AOL's mail (or any other RFC-ignorant site), but it will mean that you have a much lower level of tollerance for spam-like mail from them.

    It's not punative so much as showing them the right way to have solved this problem. Yes, AOL gets a lot of mail; yes, filtering spam out of it is hard; but if they simply weighted blacklists based on how accurate they are (as SA does) and then combined the results of several lists from dynips to rfci to relays with those weights, then they could make an accurate assessment, inform the sites that are blacklisted appropriately (in conformance with the RFC).

    Ultimately, even after issuing that 554, if someone pushes on with a "RCPT To: postmaster@aol.com", they should accept it so that the site has a usable route for delivering mail to assert that the problem has been solved, but that would be a rare occurance if the lists were public and used/maintained correctly.

    Bah.

You had mail, but the super-user read it, and deleted it!

Working...