At 09:44 PM 2003-01-23 +0100, Loek Jehee wrote:
I sent private mail earlier discussing the perception of problems with
xs4all.nl. As part of this answer, I checked the address against a number
of blacklist sources. The answer is, xs4all.nl (and specifically the
address the mail I am replying to) is listed in several RBL style
blacklists. postfixgate.com, ztl.dorklist.org, maildeflector,
others. These are not widely used, but there are some commercial spam
blockers that build their own lists based on some set of lists. One that I
found puts you on based on spamtrap spam, but won't let you off as long as
you are on any lists. Who knows what AOL does?
http://apps.declude.com/tools/ip4r.ch?ip=194.109.127.137
http://moensted.dk/spam/?addr=194.109.127.137&Submit=Submit
Now, if this is the case, and if AOL has decided to list xs4all, well, it
is going to be tougher to get your e-mail through.
You might consider simply moving your list to a list provider who is
getting mail through to AOL. My point is that I doubt it is your list, I
suspect it is your provider. If they are mixing their mailing list output
with mail sent by general users, well, every ISP gets spammers, every ISP
will get listed in some mailing list from time to time.
>I received confirmation from some subscribers that indeed they
>didn't receive my earlier messages and they now wrote
>Emails of complaint to the postmaster urging AOL to
>"whitelist" my mailing list and threatening them to quit their
>account. This might help. Let's wait and see. I didn't get
>any reply from AOL on my message so far.
It may be a mailing list issue but I doubt it --- if no one on AOL is
getting any of your e-mail, it may simply be that AOL has decided to block
all of your e-mail - (when I say "your" I mean they may be blocking all
e-mail from your server). The real reason to boycott AOL is that they
silently dump this sort of stuff rather than bouncing it so that no one can
tell what is going on. I've heard all sorts of tales about why AOL sucks
down mail instead of bouncing it, but when they decide a server is rogue,
they could border-block it rather than taking the mail, then the bounces
would not be coming from them. And it would lower load on their
servers. But that would take thought on their part, and some compassion
for their users and the rest of the world. Why should AOL bother? They
are the biggest...and the reality seems to be that users want them to block
spam. They are probably willing to take some false positives. I am not
one of the people who believe that all mail should be delivered or filtered
at the end user's specific setup -- for one thing, I do not think that AOL
users want that level of control. What they want to do is to have the
problem go away.
But I do believe that they should bounce the mail. And, yes, I understand
that they might end up doing a denial of service on someone. That would be
alleviated by simply border-bouncing more of the spam. This seems to be a
case where all mail from some server is going to be silently
pitched. Border bouncing it would take care oif that.
>I am very much afraid that the recent Klesh type viruses
>could soon create a situation in which all mailing lists will be
>banned from large mail servers because we - as their
>administrators - (and the Email address of the list itself)
>will definitely exist in thousands of address books so the
>chance that our address will be abused by a virus on an
>affected computer is extremely high.
It is usually quite simple to determine that this is a klez rather than an
attack from an individual because of the server-sender mismatch. Klez
amounts to another denial of service attack, but I do not think it is of
the same magnitude as spam. It is also true that the entire class of
mailer which is currently being attacked will eventually become
obsolete. The next generation of mailers may simply not have these sorts
of holes. One can hope that the designers will learn something from this
massive debacle.
>This might become the end of the phenomenon "mailing list".
I think that there are a number of things that might help along the end of
the mailing list, but I do not think that Klez or other worms using that
attack, and there are more than a handful now, are one of them - lots of
people running mailing list software simply do not allow attachments, or
only allow limited types that can't do the sorts of damage that the virii
can. The most likely outcome for the masses is permission based
whitelist-only e-mail systems. Mailing lists can survive in that
environment, but people will have to open up specific senders or domains
for mailing list origins. e-mail might eventually die, perhaps to be
replaced with something with stronger authentication, but I doubt it.
--
SPAM: Trademark for spiced, chopped ham manufactured by Hormel.
spam: Unsolicited, Bulk E-mail, where e-mail can be interpreted generally
to mean electronic messages designed to be read by an individual, and it
can include Usenet, SMS, AIM, etc. But if it is not all three of Unsolicited,
Bulk, and E-mail, it simply is not spam. Misusing the term plays into the
hands of the spammers, since it causes confusion, and spammers thrive on
confusion. If you were not confused, would you patronize a spammer?
Nick Simicich - njs@scifi.squawk.com - http://scifi.squawk.com/njs.html
Stop by and light up the world!
References:
|
|
