At 09:16 PM 11/15/99 -0600, Adam Bailey wrote:
>On 11/15/99 6:40 PM, James Lick <email@example.com> wrote...
>>On Mon, 15 Nov 1999, Nick Simicich wrote:
>>> Also, AOL is basically in complete violation of RFCs by not bouncing the
>>> mail to the RFC821 MAIL FROM address. They can get away with it, because
>>> they are big.
>>Ironically, in the past AOL was screamed at for doing just what you
>>suggest. When they got a mass spam from a forged address, all the bounces
>>end up mailbombing some poor sap who happens to own the domain in
>>question. Because AOL is very big and is considered a target rich
>>environment by spammers, this means that AOL ends up bouncing a lot of
>>mail in a very short time.
>You're right, I had forgotten about that. Didn't CyberPromo try to sue
>AOL claiming the massive bounces were a Denial of Service attack?
Somone told me last night that the person who designed the mail system for
AOL was not an idiot studying to be a moron, but a real smart fellow. I
would think that a smart fellow would have added something to bounce
handling looking for bounce rates and only inhibiting bounces to sites or
addresses when the bounce rate exceeded some reasonable threshold, such
that there were obvious problems rather than dumping one-off bounces on the
The CyberPromo case was AOL holding all of the bounces sent from forged
RFC8221 addresses and correctly (IMHO) vectoring them back to CyberPromo
(the actual origin), not bouncing to the RFC821 MAIL FROM address. This
was an intentional act under AOL's control and not them simply following
standard procedures, and I believe that a reasonable person would not find
that one related to the other.
The reality is that AOL is the only big mail sink following these
procedures (or at least the only one I know of and the only one that anyone
complains about on this list). Everyone has occasional glitches. AOL has a
mail system designed to use secret criteria to throw mail on the floor,
maybe, or maybe their mail system is just badly broken. No one knows for
sure, and frankly, I don't put much credibility in any public announcement
that AOL makes either formally or informally. Because this stuff is all
secret, the list owners are the ones who take the heat.
Yes, I think this is AOL bashing. But I think it is for cause. They have
some serious problems that affect their customer's service, and they show
no interest in fixing them.
We will fight for bovine freedom, And hold our large heads high.
We will run free, with the buffalo or die! Cows with Guns. - Dana Lyons,
Cows With Guns
Nick Simicich mailto:firstname.lastname@example.org or (last choice)
http://scifi.squawk.com/njs.html -- Stop by and Light Up The World!
From: Chuq Von Rospach <email@example.com>
From: Adam Bailey <firstname.lastname@example.org>