[unisog] AOL rejects forwarding?

Paul Russell prussell at nd.edu
Wed Nov 3 01:42:39 GMT 2004


On 11/2/2004 5:16 PM, Bob Johnson wrote:
> This is standard practice for AOL.  If their users complain of spam, 
> they block the system they got the spam from, regardless of whether it 
> originated with you or you forwarded it for a legitimate user.  Part of 
> the problem is that their users hit the spam button for anything they 
> don't want to see, whether it is legitimate or not. 

And the 'report as spam' button is immediately adjacent to the 'delete'
button in the AOL mailbox window, so an errant hand-twitch can turn JHD
into an accidental spam report.

> If a department 
> sends a monthly newsletter to its students, and some of them forward 
> their mail to AOL, then they are likely to hit the spam button if they 
> aren't interested in reading it.
> 
> Try the feedback loop and see what it tells you, but if you need to talk 
> to a real human you will need to be persistent and polite.  It took our 
> mail system manager several days of waiting on hold to talk to the right 
> person to get it straightened out when it happened here.

The manager of AOL's anti-spam group is a subscriber and regular participant
on the SPAM-L list <http://peach.ease.lsoft.com/archives/spam-l.html>, and
is responsive to both public and private communications.

We used to get a large number of spam complaints via the AOL feedback loop,
however, that number has been reduced significantly since we began blocking
outbound connection requests for port 25 at our network border, unless
they originate from a known mail server. We are also implementing mandatory
SMTP authentication. ResNet is complete and we are rolling it out to the rest
of campus, one building at a time.

Blocking outbound port 25 eliminates direct-to-MX spam and virus traffic,
and mandatory SMTP authentication eliminates relay spam from compromised
internal systems. Sooner or later, we will have to deal with trojans which
either use MAPI calls to retrieve stored usernames and passwords for SMTP
authentication, or pop a dialogue box and ask for a userid and password.

--
Paul Russell
Senior Systems Administrator
OIT Messaging Services Team
University of Notre Dame




More information about the unisog mailing list