AOL Bans Mail From DSL-Hosted Servers 925
kmself writes "As first reported at linux-elitists by Aaron Sherman, and with a demonstration of the denial at zIWETHEY, AOL has begun blocking mailservers identified with residential DSL lines as an anti-spam measure, apparently heedless of the huge collateral damage this move imposes (and guess who can't send mail to Mom...). This action was unannounced, and has received virtually no coverage, spare an oblique mention at News.com. It also violates SMTP RFCs, as Aaron points out, not to mention the 'good neighbor' conventions of Internet communications. Mail to AOL's postmaster is also bounced -- this is RFC-ignorant.
I strongly recommend that as a compensatory measure, non-AOL MTAs be configured to deny all incoming mail from AOL's domain."
I would say.... (Score:3, Insightful)
Re:No problem (Score:2, Insightful)
Is this a contest to see who is more ignorant? I'd put you as neck and neck with AOL in this respect.
It's their network. (Score:5, Insightful)
Like all other spam blocking attempts, there will be collateral damage. They try to keep their customers happy, and the market decides if they succeeded.
Re:ummmm... (Score:2, Insightful)
I think this is an egregious violation of the community's trust on part of AOL, not to mention that it's ridiculous considering that a LOT of the spam coming at them won't be from home lines, but from established spamwhores like pm0 and others.
So that's right, a group of 10 students can't send mail to AOL accounts because we can't afford to pay the piper for $300/month. This is RIDICULOUS. It's bad enough that we were forced away from school hosting because they "didn't have enough room" and that we actually needed features for our site, but then the fact that we can't get in touch with half of the MAST Academy student body through the wavelengths Journal email server...that's sad.
Best regards,
Jordan
Re:ummmm... (Score:2, Insightful)
We're even considering moving to Exchange for the feature (we use RHEmS now), but with AOL blocking us, I try to keep a slightly tighter ship, so to speak, in an effort to show what the Avg. Joe can do with their mailserv. I dunno guys, the Net seems to be heading down the tubes faster than we can be righteous, but I hope we don't see this again. Come on! Students having their ALTERNATIVE ENERGY publication's mail serv blocked? It's a shame.
Re:It's their network. (Score:5, Insightful)
You don't know you haven't got what you didn't get.
Admins with users can't ban AOL (Score:3, Insightful)
A year or two ago, I had AOL trouble with my free colocated server. The people who gave me the server were using IP addresses from a T1 line that they bought from a cable modem company. It wasn't on a net connected via a cable modem, but it was part of the cable modem company's block.
So AOL just silently deleted my messages. It's very frustrating, they don't tell you anything, you can't find documentation, no one will answer an email, etc.
It would be nice, at least for the first few days after they start the policy, to bounce messages with some sort of explanation, rather than just tossing them out.
I don't really have a problem with them trying to block spam -- I had access to a bigger, upstream SMTP server, so I could relay -- but it sucks that they don't tell anyone what's going on.
At the very least an AOL mail admin could post something on a mail admin's email list, so that a google search would turn up the answer. What would that take, five minutes?
Re:Good move (Score:3, Insightful)
Re:Good move (Score:3, Insightful)
No to mention, that many ISPs don't allow FROM field to contain domain names different from their own.
AOL's "solution" is an ugly patch that does't resolve the problem, neither does sending mail through ISP.
AOL's triage spam solution: block email from DSL (Score:5, Insightful)
I run my own mail server on a "business DSL" connection with a static IP address, but it runs to my home and I doubt there is any genuine distinction between "residential" and "business" DSL lines. I run my own server, of course, so that I can have a fairly powerful set of spam filters at the server side, in addition to a complex set of client-side spam filters -- all because I receive hundreds of spam emails per day, including dozens that I can identify as coming from AOL-owned servers.
I assume that AOL has only disabled receipt of email from DSL lines, and continues to send its customers' spam to folks like me. It's hard to know, since my filters already reject more than 98% of incoming email delivery attempts.
Let's at least try to be fair to AOL: they are just like the rest of us, forced to seek out triage solutions to the increasingly aggressive strategies used by spammers. Until a new structure is widely adopted for exchange of email (something that allows for true source verification and financial compensation for abuse), triage is the only solution that will work. Hence I block nearly all email from earthlink servers and customers, as well as juno.com and HUNDREDs of other domain names and IP addresses.
Re:what a buncha crap (Score:3, Insightful)
But representative of the masses. Most people don't care about anything but Web access and email -- and the more this happens, the more the Internet heads in that direction, regardless of how much we dislike it.
It may be pitiful -- but it's probably indicative of the future. Already, extensive random firewalling has made HTTP one of the few mechanisms that can be relied on to work in all environments.
Sigh.
Re:Good move (Score:5, Insightful)
There's no RFC that says you have to accept mail from *everyone*. You're free to bounce mail to whomever you like.
As to why this is an effective technique:
1) Most of these "home servers" don't have a PTR record at all.
2) Those that do, almost NEVER have one pointing to the domain they claim to be recieving for.
3) All these residential users should be using their ISP as a relay. That's what the ISP is there for.
4) Since there's no reason for them to need to send it out *not* through the ISP as a relay host, the majority of these users are spammers or just ignorant. In the first case, it's good to block them. In the second, maybe they will get a clue.
I'm generally against crippling services on the ISP end, but I've even thought that maybe it's high time that ISPs do what AOL does, and block outbound port 25. Incomming is another story, but as the parent and I have pointed out- the residential users should be using their ISP's mail servers as relay hosts.
- Serge Wroclawski
Re:Eathlink does this too. (Score:5, Insightful)
The fact is, SMTP is based on the flawed assumptions that every e-mail sent is one that the recipient wants to see because nobody would ever spam, and that there's no harm in letting the message travel unencrypted because nobody would ever snoop.
It's time for reform in the overall e-mail system, the only problem is that there's a huge installed user base that'd be forced to upgrade in order for a new e-mail protocol to work. It's gonna take something silly like this to get out of hand for that to happen.
Re:If you want to send mail... (Score:5, Insightful)
What about game servers - I can't host a match of Age Of Kings for my friends?
So, really, those TOS are a joke. A bit OT, all of this, I guess.
Privatized mail (Score:5, Insightful)
any mail from Florida, due to the large number of mail-order scams originating from that state
Don't laugh too hard on that one, there are schemes in place of trying to privatize and eliminate the whole of the US mail system including first class postage. While it might be neat to have all your mail sent by one company like UPS and while the post office does need to get its act together ASAP, my concern is that rural areas would by stuck with only one greedy private company as their only means of communication (thus making it expensive to send or recieve mail at all). Remember, the postal system in the US is a time-honored tradition that has been the envy and model for the rest of the planet. It is also in good working order, thus if AOL chooses not to accept e-mail anymore, why not just bombard them with snail mail? We could also return their bloody disks right back to them while we're at it. Maybe after they get several hundred thousand they'll get the hint.
And if you think the AOL-Time-Warner lawyers will allow their most lucrative domain to be taken from them then I have to disagree. I figure they've already got a loophole in the fine print somewhere that is as easily exploited as the pictures of children for those old Sally Struthers commercials (the ones where the kids keep starving but she kept growing). There hsa to be some reason behind this that is not yet shared, hopefully their decision has a more rational basis than some of the arguments for privatizing the US postal system.
Re:No problem (Score:2, Insightful)
Re:About Time (Score:5, Insightful)
50% of the spam I receives has an odd number of letters in the domain name,
but I wouldn't consider filtering based on that.
A 70% false negative rate is pretty meaningless without knowing the false positive rate as well.
What percentage of your non-spam email comes from dsl ip's?
Sounds like a load of claptrap to me.
Care to cite an RFC that suggests such a thing?
How about a good network reason why email should be relayed instead of sent directly?
-- this is not a
Broken ISP Mailservers (Score:2, Insightful)
Connected to mail.bellsouth.net.
Escape character is '^]'.
220 mail.bellsouth.net ESMTP server (InterMail vM.5.01.04.25 201-253-122-122-125-20020815) ready Sun, 13 Apr 2003 19:17:26 -0400
MAIL FROM:<>
250 Sender <> Ok
RCPT TO:<slashdot@slashdot.org>
550
QUIT
221 imf35bis.bellsouth.net ESMTP server closing connection
<> is an important from address - it's used by the mailserver when it bounces a message, so that the bounce can't be bounced back and forth in a loop
For that particular server I used to test that, I had to arrange to send email via someone else's mailserver using smtp auth >:|
Re:No problem (Score:3, Insightful)
Blocking Mail Servers that don't have Reverse DNS (Score:3, Insightful)
This issue is somewhat related, and is just another part of the big issue of preventing users from setting up their own services upon their Internet connections. If you can't send an receive any data that you want, it's not true Internet access. Now, I am not talking about setting up a mail server at work behind the corporate firewall, or on the college LAN. I am talking about the DSL line that I pay $55 to $150 a month for.
Recently I put up a personal mail server off of my DSL line. It uses Courier for the MTA. I am able to send and receive mail to most hosts on the internet, but a few will not accept messages from my mail server. I was curious as to why, so I did an investigation.
It turns out that these mail servers check reverse DNS for the IP address that I am using for a mail server. Doing a forward DNS check would be just fine, but a reverse DNS check? It does not stop spam, and worse, it blocks legitimate mail servers.
My ISP is pretty stupid on the technical wise. They use EIGRP as their IGP and they leave their customers on a live EIGRP enabled interface. I could inject routes into their IGP if I wanted to. Most of their Cisco routers also have HTTP and finger enabled. They definitely don't do anything about reverse DNS. There is no way that I can register my mail server (mail.opendreams.net) with the IP that I use (66.192.31.140).
The mail servers that I have so far discovered block mail from me include;
The University of Central Florida, @pegasus.cc.ucf.edu, pegasus.cc.ucf.edu
Datanomix Inc, @datanomix.com, mail.datanomix.com
How did I find out? Here is an example of a telnet to port 25 that I did...
user@sorrows-->telnet pegasus.cc.ucf.edu 25
Trying 132.170.240.30...
Connected to Pegasus.cc.ucf.edu.
Escape character is '^]'.
EHLO mail.opendreams.net
450 Client host rejected: cannot find your hostname, [66.192.31.140]
QUIT
221 Bye
Connection closed by foreign host.
The mail server won't even talk to me.
Issues like this will make mail on the Internet no longer a sure thing. There will be mail routing and blocking issues all over, and you can't be sure that one mail server will talk to another. This is not acceptable.
I personally think that there needs to be U.S. Federal laws made to protect the rights of Internet users. The reason that I think that law is necessary is that there is no competition in many areas for internet access. If there was, I could just switch carriers, but I have no options.
Re:Privatized mail (Score:5, Insightful)
Err.... (Score:2, Insightful)
Running domains on dynamic IP addresses is 3 types of lame.
- A.P.
Re:Blocking Mail Servers that don't have Reverse D (Score:3, Insightful)
Re:What a Terrific Idea... (Score:5, Insightful)
Actually, we should; it's called putting pressure on the corporation. If we were to pressure the corp, then they'll give in if enough users are f-ed up.
Re:Privatized mail (Score:5, Insightful)
According to the constitution, by law Congress must provide a postal system. Short of a constitutional ademendment, they are just a lawsuit away from any "reform" ideas being thrown out.
And frankly our postal system is a bargain. Try sending 2 oz letter 3500 miles for $0.36 in any other country in the world.
Now if you only had a telephone and a broadband service like that...
Re:Eathlink does this too. (Score:4, Insightful)
You don't need a new protocol. The one we have will work fine.
What people need to do is stop trusting every email connection that's made, and instead insist that every email connection comes from a listed MX.
This is easy to do: check the MXes for the domain listed in the SMTP "MAIL FROM" command (not to be confused with the "From:" header in the email message itself) and reject the connection if the IP address of the connection doesn't match one of the listed MXes for the domain. If you want to send email from a system that isn't a real MX, list it as a low priority one and block incoming SMTP traffic to that box (something anyone with any brains will be doing anyway), so that all incoming email goes only to the MXes that can handle incoming email.
End result: it forces spammers to buy a domain (that won't last very long since it'll be blacklisted immediately if it starts sending spam), makes it easy to create useful blacklists that work, and ultimately significantly increases the costs of spamming. And finally provides a way of reliably ignoring open relays (because you can blacklist the domain associated with the open relay).
And all of this can be done now, with no changes to SMTP required at all.
So why are we all sitting around on our asses complaining about spam when a viable solution already exists?
Terrible Move (Score:3, Insightful)
The only reasons you should be using some other server to transmit your mail instead of doing it yourself are
- Your connection isn't reliable enough - That's a problem for dial, not DSL.
- Your machine or mail delivery software isn't connected reliably enough to handle reattempts on messages that didn't get delivered successfully the first time - Laptops have this problem, and it _is_ easier to write mail client software that hands everything to a proxy server than software that tries direct delivery first and then falls back to using the proxy.
- Your mail software isn't smart enough to handle complex deliveries - That was a real problem back when we had UUCP and Bitnet and other non-SMTP mailers in common use and the Internet was only for universities and defense contractors, but we've fixed that problem, though some mail client software isn't smart enough.
- They're providing a service you don't want to do yourself - Maybe some kind of timestamping or notary service or encryption gateway or anonymizer or tunnel into your corporate Intranet.
But that's about it.Re:This is a good thing (Score:5, Insightful)
But having your own SMTP server doesn't provide any functionality that you can't get from Comcast at base price anyway.
Actually, it provides three bits of functionality:
This move by AOL is a good thing.
No, actually, it's a fucking bad thing. But you won't realize it until the day that you want to send your friend on MSN email but can't, and neither of you can talk to your parents who are on AOLMail, both of which are playing games to close their protocols to make sure that GnuMail can't play.
Providing an open replacement for SMTP that has the authentication and accountability that SMTP is sorely lacking would be a good thing. Segregating the Internet address space into ghettoes is not.
If you want residential mail, do it right. (Score:2, Insightful)
This is what I'm doing, and haven't had any problems being blocked by the big boys. I would assume their filters are pretty basic... probably finding a dhcp-* or the likes during a reverse lookup is how they're doing their filtering.
In CA at least, there's just no reason to give your broadband money to one of the 800lb gorillas with so many third party providers willing to give you a static IP and things like reverse DNS hosting for a tiny premium over the *Bell services. If your chosen broadband provider won't allow you to relay mail to addresses other than their own, then why again are you paying them so much money every month?
Re:Good move (Score:4, Insightful)
Right, I'll bite.
Let's pretend I am an idiot who has a cable modem. And let's pretend that said cable modem issues an IP within the verboten rage. And now let's pretend that I have my own email domain completely unrelated to that of my ISP's, and that I use sendmail to send mail out.
With me so far?
Now, let's pretend that said ISP has implemented authentication requirements -- in other words, I must identify myself with a SMTP AUTH username and password before my ISP's server will accept my outbound mail.
So. How do I configure my sendmail so that it uses my ISP's server as a relay (SMARTHOST definition) but feeds it the magic username and password first?...
Any ideas?
Re:Privatized mail (Score:3, Insightful)
I assume that joke here is that there are hardly any other countries in the world which have 3500 miles for a letter to go. Even if the mail in, say, Japan were free, you still couldn't send a letter 3500 miles. I guess nobody got it.
Re:Privatized mail (Score:3, Insightful)
Because it's losing money [usps.com]. They lost quite a bit [schooldata.com] last year.
Also, if you've ever waited in line at a post office, you know that some aspects of their service are not exactly the model of efficiency.
Re:Good move (Score:4, Insightful)
I have several customers who have Verizon DSL, but have domains hosted elsewhere, with mail hosted elsewhere, without authenticated SMTP relay. I would imagine, while certianly doing this to decrease their spam problem, that there's some sort of collusion (spoken or unspoken) industry wide to try and force ISP customers to use their bandwidth provider's services, hence making them more money.
Re:About Time (Score:4, Insightful)
Never tried to announce a new baby to more than 10 people?
Never sent out "I'm moving, my new snail mail address is..."?
I guess if you don't have more than 10 friends, you'd never need to bcc more than 10 people. But if that's the case, I feel sorry for you.
Me too, why this is so evil. (Score:5, Insightful)
We must fight this in order to presever open communications on the internet. It won't reduce spam, it will simply provide exclusive franchises for email to larger ISPs and they certianly will fill your box with lots of adverts. Next they will close down other services, such as web and chat sites. Service, concentrated in a few careless hands, will be very poor and all of us will suffer. Be very afraid.
Here's the chain of events:
Notice that most of this has already happened. The No Electronic Theft Act and other cable laws already make it against the law to violate your user agreement to "obtain services without authorization". The baby bells are hard at work trying to extend such laws to their own networks. Oh yeah, AOL has already cut off peerage to smaller ISPs. If that's not an effective block on email, I'm not sure what is.
Once enough power is concentrated, the internet as we know and think of it, open to all, will go down the memory hole. Even the memory of it will be erased. It will look more like TV or the Post Office. Ppeople will be taught to be thankful for all the garbage that gets pushed on them and that nothing could be better.
It's not hard to run a mail server. Reasonable software like that provided by Debian comes configured well and has easy to understand set up and configuration files. Run one today and tell your friends. Performance is awsome and this justifies the effort even if your crapy provider blocks incomming mail requests. Tell your service provider that they should change their terms to allow it.
Oh yeah, there's something else to do. I killed my 8 year old AOL account and sent the $10 a month to the free software foundation. Build a wireless node.
Re:Eathlink does this too. (Score:5, Insightful)
Which in itself is an RFC violation.
Give me a Visa card with a $2000 limit and I can own about 200 domains inside of 24 hours. Considering SPAMmers are purchasing $750k houses with the proceeds from their efforts, I'd say that's not a huge problem.
Now consider what happens when SPAMmers start routinely issuing "MAIL FROM: <kcbrown@sysexperts.com>"
Oh, wait, they already do that, and implementations like you suggest would only re-double their efforts. I'd rather not find myself at the wraith of people who have the capabilities to send 10 billion messages/month in my name, thanks.
Terms of service (Score:2, Insightful)
Re:Good move (Score:2, Insightful)
Umm
If you need email you can trust, what's wrong with Hotmail or Yahoo! or any other free mail service?
-- Dossy
Re:Say what? (Score:3, Insightful)
If you could, MS would've been out of business a long time ago.
And blocking AOL is a way to get them to realize that they're being dumb about it. Their customers will soon realize "hey, I can't get mail from or to anywhere... wtf?" and switch to an ISP (AOL is *NOT* an ISP.)
Re:Eathlink does this too. (Score:4, Insightful)
> connection doesn't match one of the listed MXes
> for the domain
Wrong assumption: incoming SMTP server = outgoing SMTP server. Many large and small organizations use different machines to recieve and send mail via SMTP. In other words, you'll end up rejecting a huge (50-80?) percentage of legitimate mail.
Re:Eathlink does this too. (Score:3, Insightful)
The doamins aren't their only expense. Now they also have to pay for their own hosting as well, as well as for the DNS servers that will be authoritative for their domains. They won't be able to make nearly as much use of open relays because the domains associated with any open relays will be blacklisted as quickly as theirs (and the definition of an "open relay" becomes more complicated under my scheme anyway, because an open relay has to either claim that it's sending your email under its domain or it has to be listed as an MX for your domain).
Those 200 domains aren't going to last you very long...perhaps a couple of weeks once the blacklisting mechanisms become good (and note that blacklisting can happen on a local level now, too). So that $2000 you talk about grows to $50,000 over the course of a year. That's going to eliminate a lot of spammers.
What happens when they do that is that the system they're connecting to looks up the MXes for sysexperts.com and -- surprise -- finds out that the IP address the connection is coming from doesn't match any of the MX records for sysexperts.com...and drops the connection right then and there. It doesn't register the sysexperts.com domain in the blacklist because there's no need: it's obvious that the connection was a forgery! The purpose of the blacklist is to eliminate domains that are successfully sending spam, i.e. the ones for which the connection address matches the MX lookup but for which the payload is still spam -- the domains that either belong to the spammers or which are open relays, in other words.
Spammers will be able to send email in your name just as they can right now, but only because the enforcement mechanism I describe operates on information from the "MAIL FROM" SMTP command and not the "From:" header. It would be possible to enforce it on the "From:" header, too, but that will cause a lot more inconvenience, since some people legitimately rely on the ability to define the "From:" header to be whatever they want.
Now, you may be right about the economic argument, but the technique I describe will simultaneously cost spammers more money (which is always a good thing) and more time and make it easier to fight spam at the same time, because blacklists will become a lot more effective (since now you can target domains instead of dynamically-assigned IP addresses) and a lot fairer (since you won't be targeting netblocks that could contain legitimate users). To relate back to the original article, because it'll completely eliminate the need to block IP addresses and will thus drastically reduce the need for ISPs to block SMTP (inbound or outbound).
By the way, I think it's ridiculous for ISPs to be blocking SMTP when they could easily limit the number of outbound SMTP connections originating from any of their IP addresses to something low enough to make spam impractical but high enough for legitimate use.
Re:bouncing mail to postmaster? (Score:5, Insightful)
Then it's time for it to get ugly. AOL breaks the protocol by issuing at 550 (not a 554) and not leaving the session open until timeout or client issues "QUIT" (you are allowd to say "553 Get bent" to every command issued, but you're not allowed to disconnect).
Let the blacklisting of AOL begin!
RFCs aside, though, they're blacklisting folks for getting an address assigned by a protocol. This is arbitrary and foolish. It also eliminates a lot of good mail.
I'll keep running my mail server, and AOL can keep ignoring me, but I'm going to start sending my friends and familly to AOL's competition, must as I hate to because that's mostly folks like MSN and the regional phone companies.
Re:Privatized mail (Score:2, Insightful)
Article 1, Section 8
Clause 1: The Congress shall have Power To...
Clause 7: To establish Post Offices and post Roads;
Re:What a Terrific Idea... (Score:2, Insightful)
Much better than this idea of "kids play" with doing to them what they are doing to us.
We did this to ourselves (Score:5, Insightful)
IMO too much time is spent ranting about how Tha Man is keeping the $30/mo broadband user down by not allowing the minority who know how to run a secure server to use their residential line as a commercial line. We should be putting a hell of a lot more energy bitching about the masses of clueless users who randomly click on any email attachment they get, setup their P2P apps in slut-mode, and otherwise connect to the Internet in such a way that they become:
- just another hop for viruses to propagate through
- just another misconfigured AnalogX proxy [analogx.com] or Lovgate [symantec.com] infected SMTP/NNTP open relay
- just another DDoS drone host
Its sad, but the majority of broadband users have forced this action. If people understood the concepts of due diligence and responsibility we wouldn't have David Ritz and others spending huge amounts of time battling USENET spam, ISPs getting slammed with DoS all the time (and I mean that litterally), and spam gangs doing automated scans of broadband networks for open relays so they can spread their email polution.Its a myth that spam only comes from networks in Asia that don't give a damn. It comes from Ma and Pa's Windows 98 box that got infected with one of several variants of Lovgate [symantec.com] and helps spam the planet, all from their speedy little DSL/cable connection.
Before the /. community jumps down AOL's throat at this carpet-bomb tactic, we need to realize that it is a business response to the realities of security on broadband networks. If users took responsibility for their connections and had good firewalls, anti-virus and intelligent email practices then this problem probably wouldn't exist.
Re:bouncing mail to postmaster? (Score:3, Insightful)
No they're not. But if you think that way they are.
Imagine if you will that AOL had tens of thousands of support calls asking why friends and loved ones were getting bounces. I have a friend at work whose wife was asking why she couldn't send mail to their priest on AOL. Another friend can't get my mail, and I told him to just call AOL until they fix it. I've suggested to other friends and familiy that they switch.
My hunch is that most of the people that AOL is blocking this way are the technically savvy folks who their friends and familly go to for help. If we all start telling ten or so of our friends to call up AOL and ask why they can't get mail from us.... AOL's spam problems will begin to seem less important.
Understand this: I'm not suggesting spamming their phones. I'm not suggesting that anyone "get revenge". It's simply a matter that the service, as advertized, is broken. They don't actually accept mail from large chunks of the net, and that needs to get to all of their customers.
The customers will decide....
Re:No problem (Score:2, Insightful)
Forced? Who the fuck is forced? Did AOL suddenly become a state-run organization? If you're going to talk about choice, how about look at the whole issue. People CHOOSE to be customers of AOL. Their continued use of AOL suggests agreement, whether verbal or not, of the policies of AOL. So nobody is forced.
Re:We did this to ourselves (Score:3, Insightful)
*applause*
It's partially the fault of the residential lusers, but it's largely the fault of their ISPs' negligence/
If ISPs had blocked outbound port 25 from residential broadband from Day One -- the same way they were already blocking outbound port 25 for residential dialup cusomters -- we wouldn't have this problem.
By default, port 25 should have been blocked on residential DSL and cable modems.
That would rid the world of spam bounced off open proxies from the 99.9% of residential broadband (l)users who have neither the desire nor the intention to talk SMTP through anything other than their ISP's central mail server.
You're a user, not a (l)user? You wanna run an SMTP server on your own? Call your ISP and ask for the block to be removed, and voila, it's removed.
The ISPs had a choice: Block port 25 and hire 100 call center serfs to unblock on request, or not block port 25 and hire 10000 abuse desk serfs to deal with the deluge of spam. (Result: ISP pays to hire 100 people, and you do get to run your own mail server, because traffic from your netblocks is still worth listening to.)
The ISPs choose poorly - With a budget to hire 100, they hired a woefully inadequate number of abuse desk serfs, and ignored the rest of the complaints.
The result - your ISP is still out the costs of hiring 100 drones, but I'm deluged with spam, and 4.0.0.0/8, 200.0.0.0/6, 12.0.0.0/8, and 24.0.0.0/8, along with others, are netblocka-non-grata. You wanna talk to my port 25? Talk to the 550, man, because your ISPs negligence (in protecting my inbox from the predictable cluelessness of your neighbors) ensured that my MTA ain't gonna be listening.
Re:AOL isn't the only one. (Score:2, Insightful)
Re:We did this to ourselves (Score:2, Insightful)