You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Mike Jackson <mj...@barking-dog.net> on 2005/05/18 18:16:15 UTC
(OT, slightly) dealing with AOL spam reports?
A couple days ago, I set up AOL's "feedback loop" (though the loop part is a
misnomer, since you can't actually respond to the messages) so I could
monitor complaints against my employer's servers. Looking through the
messages AOL says their members reported as spam, I noticed that none of
them actually originated on my servers; they were all messages that were
sent to addresses at the servers, then forwarded to AOL accounts, and since
AOL records the IPs of all servers the message touched, I'm tainted by them.
So, how do you deal with this? My setup on the servers is like this:
* Sendmail
* Using Spamhaus SBL/XBL to deny listed servers at MTA level
* Most of the AOL forwarding is done via Sendmail's virtusertable
* Mail passed to SA via procmail on a per-user basis (not site-wide, yet,
but that's in the plans)
The solutions I've already thought of and rejected:
* Invoking SA via milter and denying spam at the MTA level, but few
customers would want spam denied outright (heck, I know I wouldn't). Of all
these possible solutions, though, it's the only one that wouldn't leave my
server's mark on the message.
* Setting up user accounts for the users with AOL forwards, filtering the
mail through SA, then delivering it only if SA didn't mark it as spam, but
that's a lot of users to set up.
* Doing the preceding with a single user account and redirecting the mail to
the right addresses via procmail and/or formail, but that wouldn't scale
well and would wind up being a mess.
* Invoking a policy of not forwarding to AOL accounts, but we're a web
design/hosting firm with about 200 domains, and a handful of customers have
AOL addresses, and that sort of policy wouldn't stand.
Any other workable suggestions? (And please, no suggestions that involve
changing MTAs. It's not going to happen.)
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Marcel Veldhuizen <ma...@subbot.net>.
At 01:43 19-5-2005, Ryan Sorensen wrote:
>My biggest concern though is messages that come in from spammers, get
>filtered by spam assassin (they have ***SPAM*** tags in the subject) and
>then go on to the AOL forwards. These are defanged messages that still get
>reported as spam. I have to believe that AOL isn't stupid enough to
>blacklist me for relaying the message... i hope?
Unfortunately, THEY ARE that stupid.. It makes sense in a way, as there is
no way to tell the difference between a mailserver forging trace headers
and an actual forward, but it causes a world of problems.
Several larger shared webhosting companies have disabled forwarding to AOL
accounts for this very reason. Some idiot customers of theirs reported mail
as spam and got their own webhost's mailserver blacklisted \o/
Marcel Veldhuizen
The Netherlands
Re: (OT, slightly) dealing with AOL spam reports?
Posted by jdow <jd...@earthlink.net>.
From: "Ryan Sorensen" <ry...@bizquest.com>
> > Mike Jackson wrote:
> >
> >> A couple days ago, I set up AOL's "feedback loop" (though the loop
> >> part is a misnomer, since you can't actually respond to the messages)
> >> so I could monitor complaints against my employer's servers. Looking
> >> through the messages AOL says their members reported as spam, I
> >> noticed that none of them actually originated on my servers; they were
> >> all messages that were sent to addresses at the servers, then
> >> forwarded to AOL accounts, and since AOL records the IPs of all
> >> servers the message touched, I'm tainted by them.
>
>
> I have the same problem. Users will come to my site and inquire on a
> financial listing, and report the response as spam. Often, they will
> report the confirmation emails as spam.
>
> My biggest concern though is messages that come in from spammers, get
> filtered by spam assassin (they have ***SPAM*** tags in the subject) and
> then go on to the AOL forwards. These are defanged messages that still
> get reported as spam. I have to believe that AOL isn't stupid enough to
> blacklist me for relaying the message... i hope?
>
> I have been running like this for a number of months now, and so far
> have not had any trouble. I simply slap the users on my system that send
> messages that could be considered UCE and ignore the rest. I probably
> get 50 - 80 TOS notifications per day, and maybe two or three *a week*
> are legitimate violations. So far I haven't been taken off the whitelist.
You may have to deny forwarding the ***SPAM*** bearing messages. Deflect
them locally to a web mail spam reader application that the users can
check if and when they wish. (Auto-delete in a day or two.) It's a lot
of work and inconvenience. But it can work nicely.
{^_^}
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Ryan Sorensen <ry...@bizquest.com>.
> Mike Jackson wrote:
>
>> A couple days ago, I set up AOL's "feedback loop" (though the loop
>> part is a misnomer, since you can't actually respond to the messages)
>> so I could monitor complaints against my employer's servers. Looking
>> through the messages AOL says their members reported as spam, I
>> noticed that none of them actually originated on my servers; they were
>> all messages that were sent to addresses at the servers, then
>> forwarded to AOL accounts, and since AOL records the IPs of all
>> servers the message touched, I'm tainted by them.
I have the same problem. Users will come to my site and inquire on a
financial listing, and report the response as spam. Often, they will
report the confirmation emails as spam.
My biggest concern though is messages that come in from spammers, get
filtered by spam assassin (they have ***SPAM*** tags in the subject) and
then go on to the AOL forwards. These are defanged messages that still
get reported as spam. I have to believe that AOL isn't stupid enough to
blacklist me for relaying the message... i hope?
I have been running like this for a number of months now, and so far
have not had any trouble. I simply slap the users on my system that send
messages that could be considered UCE and ignore the rest. I probably
get 50 - 80 TOS notifications per day, and maybe two or three *a week*
are legitimate violations. So far I haven't been taken off the whitelist.
-Ryan Sorensen
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Bookworm <qm...@bkwm.com>.
Mike Jackson wrote:
> A couple days ago, I set up AOL's "feedback loop" (though the loop
> part is a misnomer, since you can't actually respond to the messages)
> so I could monitor complaints against my employer's servers. Looking
> through the messages AOL says their members reported as spam, I
> noticed that none of them actually originated on my servers; they were
> all messages that were sent to addresses at the servers, then
> forwarded to AOL accounts, and since AOL records the IPs of all
> servers the message touched, I'm tainted by them.
>
> So, how do you deal with this? My setup on the servers is like this:
<snipped>
> * Setting up user accounts for the users with AOL forwards, filtering
> the mail through SA, then delivering it only if SA didn't mark it as
> spam, but that's a lot of users to set up.
<snipped>
This is NOT a suggestion to change MTA. On my server, which is using
Qmail, all emails are filtered through spamassassin and ClamAV, even
those which are forwards. Might there be a similar method to drop a
process in between the receive and delivery steps of sendmail? It
seems rather strange that sendmail would receive the email and then pass
it on without it going through at least your system spamassassin.
I guess the question here would be: "At what point is spamassassin
currently being called in your mail system."
BW
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Mike Atkinson <mi...@wawasee.net>.
Mike Jackson wrote:
> * Invoking a policy of not forwarding to AOL accounts, but we're a web
> design/hosting firm with about 200 domains, and a handful of customers have
> AOL addresses, and that sort of policy wouldn't stand.
This doesn't directly address your question, but we have found that the AOL
feedback loop is a joke; or more precisely, large numbers of AOL customers are
once again proven to be clueless.
It is amazing to me how many people click the this is spam button in their AOL
email client for items that are definitely not spam. Things like little Suzie
thanking her grandmother for the nice birthday gift/party, someone notifying
an AOL customer of the death of a family member, etc. I'd say that 40-50% of
the AOL TOS complaints we get are in regard to items where there is obviously
a personal relationship and the email is nothing even remotely resembling
spam. The remainder are forwarded jokes, pictures, etc. which I can
understand some people being annoyed by that sort of activity, but again, it
is obviously from friends and asking that friend not to forward would be the
civilized thing to do rather than filing a spam complaint against them.
For a while we tried to notify our customer about these spam complaints but
too often, it would devolve into our customer thinking that we were accusing
them of spamming. In most cases, asking the AOL customer why they have filed
the spam complaint against their friend just ends up in a TOS complaint about
my inquiry.
We have customers with forwards to AOL accounts, if they do an AOL TOS
complaint on an email that forwarded through us, the forward is deleted.
(Yes, on occasion, the AOL complaint is legit and we deal with those but there
are very, very few of these.)
--
Mike Atkinson - mike@wawasee.net
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Kelson <ke...@speed.net>.
jdow wrote:
> Er, turn off your open relay as a starter. What you described is typical
> open relay performance. And of course it taints you. The spammers are
> simply relaying off your system. Until you stop the spam relays you
> have no leg to stand on.
...Or maybe he has particular users whose accounts on his server forward
to an AOL address. As described later in the message.
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Mike Jackson <mj...@barking-dog.net>.
> Er, turn off your open relay as a starter. What you described is typical
> open relay performance. And of course it taints you. The spammers are
> simply relaying off your system. Until you stop the spam relays you
> have no leg to stand on.
I'm not sure I agree with you a hundred percent on your police work, there,
Lou. In fact, you're way off base. Say we host example.com, and Bob has
email address bob@example.com but wants to forward it to bob@aol.com.
There's an entry in Sendmail's virtusertable that forwards bob@example.com
to bob@aol.com. That happens right away without the message processing
through procmail or any other filtering.
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Ryan Sorensen <ry...@bizquest.com>.
jdow wrote:
> Er, turn off your open relay as a starter. What you described is typical
> open relay performance. And of course it taints you. The spammers are
> simply relaying off your system. Until you stop the spam relays you
> have no leg to stand on.
It's hardly fair to accuse him of being an open relay (a fairly strong
insult) with out fully understanding his situation.
I have a similar situation. My server hosts 3000 email accounts for
various virtual domains, and many users choose to forward their email
accounts to their personal accounts - many of which are at AOL. They
then proceed to report defanged spam reports and other spam to AOL.
Since the mail passed thru my system, I get the TOS report. In no way is
this an open relay.
-Ryan Sorensen
Re: (OT, slightly) dealing with AOL spam reports?
Posted by jdow <jd...@earthlink.net>.
From: "Mike Jackson" <mj...@barking-dog.net>
> A couple days ago, I set up AOL's "feedback loop" (though the loop part is
a
> misnomer, since you can't actually respond to the messages) so I could
> monitor complaints against my employer's servers. Looking through the
> messages AOL says their members reported as spam, I noticed that none of
> them actually originated on my servers; they were all messages that were
> sent to addresses at the servers, then forwarded to AOL accounts, and
since
> AOL records the IPs of all servers the message touched, I'm tainted by
them.
Er, turn off your open relay as a starter. What you described is typical
open relay performance. And of course it taints you. The spammers are
simply relaying off your system. Until you stop the spam relays you
have no leg to stand on.
Of course, if they are legitimate mailing list messages and some twit
has decided reporting list messages as spam is a good way to get off
the list there's nothing you can do unless AOL tells you which list
member(s) complained. This is an annoying habit entirely too many
people have.
{^_^}
Re: (OT, slightly) dealing with AOL spam reports?
Posted by "Christopher X. Candreva" <ch...@westnet.com>.
On Wed, 18 May 2005, Mike Jackson wrote:
> * Invoking a policy of not forwarding to AOL accounts, but we're a web
> design/hosting firm with about 200 domains, and a handful of customers have
> AOL addresses, and that sort of policy wouldn't stand.
Variation of this -- inform then they can not use "Report as spam" on
forwarded mail, and if they do so then you can no longer forward to AOL
because it will be blocked.
Give them two warnings if you want, then tell them you can't forward to AOL
for them any longer.
==========================================================
Chris Candreva -- chris@westnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Doc Schneider <ma...@maddoc.net>.
Bob McClure Jr wrote:
> On Wed, May 18, 2005 at 09:16:15AM -0700, Mike Jackson wrote:
>
>>A couple days ago, I set up AOL's "feedback loop" (though the loop part is
>>a misnomer, since you can't actually respond to the messages) so I could
>>monitor complaints against my employer's servers. Looking through the
>>messages AOL says their members reported as spam, I noticed that none of
>>them actually originated on my servers; they were all messages that were
>>sent to addresses at the servers, then forwarded to AOL accounts, and since
>>AOL records the IPs of all servers the message touched, I'm tainted by them.
>>
>>So, how do you deal with this? My setup on the servers is like this:
>>
>>* Sendmail
>>* Using Spamhaus SBL/XBL to deny listed servers at MTA level
>>* Most of the AOL forwarding is done via Sendmail's virtusertable
>>* Mail passed to SA via procmail on a per-user basis (not site-wide, yet,
>>but that's in the plans)
>>
>>The solutions I've already thought of and rejected:
>>
>>* Invoking SA via milter and denying spam at the MTA level, but few
>>customers would want spam denied outright (heck, I know I wouldn't). Of all
>>these possible solutions, though, it's the only one that wouldn't leave my
>>server's mark on the message.
>>
>>* Setting up user accounts for the users with AOL forwards, filtering the
>>mail through SA, then delivering it only if SA didn't mark it as spam, but
>>that's a lot of users to set up.
>>
>>* Doing the preceding with a single user account and redirecting the mail
>>to the right addresses via procmail and/or formail, but that wouldn't scale
>>well and would wind up being a mess.
>>
>>* Invoking a policy of not forwarding to AOL accounts, but we're a web
>>design/hosting firm with about 200 domains, and a handful of customers have
>>AOL addresses, and that sort of policy wouldn't stand.
>>
>>Any other workable suggestions? (And please, no suggestions that involve
>>changing MTAs. It's not going to happen.)
>
>
> As I understand it, once you have your server listed on the AOL
> feedback loop, it is whitelisted, so that may solve the immediate
> problem.
>
> <rant>
> The big problem with AOL's system is clueless (l)users who hit the
> "report as spam" button accidentally or intentionally. I am the owner
> of a mailing list hosted on the server of an IPP. We started getting
> postings rejected by AOL's servers. I voluntarily listed myself as
> the stuckee to get the feedback for the list server. I found that the
> vast majority of feedback I got was from some subscriber to one of the
> other lists, who, I guess, thinks hitting the spam button is a good
> way to get unsubscribed from the list, because s/he has about half the
> brains of a good fence post and can't figure out how to unsubscribe
> him/herself. The other problem is that, for privacy reasons, AOL
> expunges the recipient's address, so we have no idea whom to
> unsubscribe.
>
> It's a stupid system.
>
> I heard of one list owner who solved his problem by unsubscribing all
> his AOL listers, I think, after posting or emailing them that all of
> them need to subscribe themselves.
> </rant>
>
> Cheers,
Bob,
I too join the AOL feedback loop after seeing massive aol denials.
I run a bunch of mailing lists here as well and have them all now
running Mailman and using the personalization setting with a little snip
of code that shows who reported it as spam, if I get a report, then I
come down on them like a thundering herd of buffalo. They get one
warning then they're unsubbed and banned. I've told a list I run, which
is the worst one for getting reported to aols stupid system, to write
aols tech suppport and let them know the buttons to report as spam and
delete are way too close and can be hit by accident.
Works for me anyway, YMMV,
-Doc
Re: (OT, slightly) dealing with AOL spam reports?
Posted by "Christopher X. Candreva" <ch...@westnet.com>.
On Wed, 18 May 2005, Bob McClure Jr wrote:
> As I understand it, once you have your server listed on the AOL
> feedback loop, it is whitelisted, so that may solve the immediate
> problem.
Not really. I can tell you the magic number is 10. As in, if someone goes
on vacation, gets back, and reports 10 messages in a row as spam because
they fscking "Report as spam" button is next to "delete" and they can't
tell the difference, the IP that sent those messages will be blocked for at
least 4 hours.
==========================================================
Chris Candreva -- chris@westnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/
Re: (OT, slightly) dealing with AOL spam reports?
Posted by Bob McClure Jr <ro...@earthlink.net>.
On Wed, May 18, 2005 at 09:16:15AM -0700, Mike Jackson wrote:
> A couple days ago, I set up AOL's "feedback loop" (though the loop part is
> a misnomer, since you can't actually respond to the messages) so I could
> monitor complaints against my employer's servers. Looking through the
> messages AOL says their members reported as spam, I noticed that none of
> them actually originated on my servers; they were all messages that were
> sent to addresses at the servers, then forwarded to AOL accounts, and since
> AOL records the IPs of all servers the message touched, I'm tainted by them.
>
> So, how do you deal with this? My setup on the servers is like this:
>
> * Sendmail
> * Using Spamhaus SBL/XBL to deny listed servers at MTA level
> * Most of the AOL forwarding is done via Sendmail's virtusertable
> * Mail passed to SA via procmail on a per-user basis (not site-wide, yet,
> but that's in the plans)
>
> The solutions I've already thought of and rejected:
>
> * Invoking SA via milter and denying spam at the MTA level, but few
> customers would want spam denied outright (heck, I know I wouldn't). Of all
> these possible solutions, though, it's the only one that wouldn't leave my
> server's mark on the message.
>
> * Setting up user accounts for the users with AOL forwards, filtering the
> mail through SA, then delivering it only if SA didn't mark it as spam, but
> that's a lot of users to set up.
>
> * Doing the preceding with a single user account and redirecting the mail
> to the right addresses via procmail and/or formail, but that wouldn't scale
> well and would wind up being a mess.
>
> * Invoking a policy of not forwarding to AOL accounts, but we're a web
> design/hosting firm with about 200 domains, and a handful of customers have
> AOL addresses, and that sort of policy wouldn't stand.
>
> Any other workable suggestions? (And please, no suggestions that involve
> changing MTAs. It's not going to happen.)
As I understand it, once you have your server listed on the AOL
feedback loop, it is whitelisted, so that may solve the immediate
problem.
<rant>
The big problem with AOL's system is clueless (l)users who hit the
"report as spam" button accidentally or intentionally. I am the owner
of a mailing list hosted on the server of an IPP. We started getting
postings rejected by AOL's servers. I voluntarily listed myself as
the stuckee to get the feedback for the list server. I found that the
vast majority of feedback I got was from some subscriber to one of the
other lists, who, I guess, thinks hitting the spam button is a good
way to get unsubscribed from the list, because s/he has about half the
brains of a good fence post and can't figure out how to unsubscribe
him/herself. The other problem is that, for privacy reasons, AOL
expunges the recipient's address, so we have no idea whom to
unsubscribe.
It's a stupid system.
I heard of one list owner who solved his problem by unsubscribing all
his AOL listers, I think, after posting or emailing them that all of
them need to subscribe themselves.
</rant>
Cheers,
--
Bob McClure, Jr. Bobcat Open Systems, Inc.
robertmcclure@earthlink.net http://www.bobcatos.com
God is more interested in our availability than our ability.