spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: A Cautionary Tale concerning AOL

2004-11-05 12:20:33
from [Hallam-Baker, Phillip] [Permanent Link] 
Reading about this episode it reads to me like a case for SPF.

It is solvable, but requires state to be maintained on a per user profile
basis. I don't see this as very bad since you need to pull up a profile
anyway to do the job right.

                Phill


-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com 
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of 
Stuart 
D. Gathman
Sent: Friday, November 05, 2004 11:06 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] A Cautionary Tale concerning AOL


On Fri, 5 Nov 2004, Brian Barrios wrote:


One thing that AOL screwed up on: they drop the connection rather 
than issuing a 5xx status.  The end user sees "connection dropped,


This is incorrect.  No connections are ever dropped in an effort to 
fight spam.  I obviously cannot claim connections are never 

dropped, 

but if we want to block your mail, we just do so, we never 

attempt to 

hide this fact. For that matter, no email is ever silently deleted 
either.  All email is either blocked, (ie, issued a 421, 

554, 550) or 

delivered.  However, I will


Good to know the connection drop wasn't intentional.  But we 
did observe just that over the course of a week.  I want to 
reiterate that the 
reputation tracking feature of AOL is a good one - the 
problem was the end users unfiltered forward.

SPF could make the system work the way the end user expected. 
 If AOL's reputation tracking went by domain instead of IP 
for domains that pass SPF, and also extracted the original 
domain from SRS forwarded mail, then this end user could use 
the AOL spam filter without interfering with other mail from 
her company.

BTW, shortly after posting my complaint, AOL started 
accepting this customers mail again.  Most likely, the 
demerits decay over time, but it reminded me of working with 
the local phone company: they insist that their testing shows 
that there is no problem with your line (despite no packets 
getting sent either way), but 30 minutes after they hang up, 
T1 carrier drops for a moment and it starts working again. :-)

-- 
            Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 
Fax: 703 591-6154 "Confutatis maledictis, flamis acribus 
addictis" - background song for a Microsoft sponsored "Where 
do you want to go from here?" commercial.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in 
Atlanta features SPF and Sender ID. To unsubscribe, change 
your address, or temporarily deactivate your subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-> 
discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Re: [OT] HTML rant, Hallam-Baker, Phillip
Next by Date:  Re: Re: [OT] HTML rant, jpinkerton
Previous by Thread:  RE: A Cautionary Tale concerning AOL, Raymond Neeves
Next by Thread:  web page on sender ID, Meng Weng Wong
Indexes:  [Date] [Thread] [Top] [All Lists]