spf-discuss
[Top] [All Lists]

RE: A Cautionary Tale concerning AOL

2004-11-05 09:05:40
On Fri, 5 Nov 2004, Brian Barrios wrote:

One thing that AOL screwed up on: they drop the connection rather than
issuing a 5xx status.  The end user sees "connection dropped, 

This is incorrect.  No connections are ever dropped in an effort to fight
spam.  I obviously cannot claim connections are never dropped, but if we
want to block your mail, we just do so, we never attempt to hide this fact.
For that matter, no email is ever silently deleted either.  All email is
either blocked, (ie, issued a 421, 554, 550) or delivered.  However, I will

Good to know the connection drop wasn't intentional.  But we did observe
just that over the course of a week.  I want to reiterate that the 
reputation tracking feature of AOL is a good one - the problem was the
end users unfiltered forward.

SPF could make the system work the way the end user expected.  If AOL's
reputation tracking went by domain instead of IP for domains that pass SPF,
and also extracted the original domain from SRS forwarded mail, then
this end user could use the AOL spam filter without interfering with
other mail from her company.

BTW, shortly after posting my complaint, AOL started accepting this customers
mail again.  Most likely, the demerits decay over time, but it reminded me of
working with the local phone company: they insist that their testing shows that
there is no problem with your line (despite no packets getting sent either
way), but 30 minutes after they hang up, T1 carrier drops for a moment and it
starts working again. :-)

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


<Prev in Thread] Current Thread [Next in Thread>