North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: AOL scomp

  • From: Rich Kulawiec
  • Date: Fri Feb 25 00:20:03 2005

On Thu, Feb 24, 2005 at 02:53:14PM -0500, Mark Radabaugh wrote:
> Now here I would disagree.   These are specific requests by
> individuals to forward mail to from one of their own accounts to
> another one of their own accounts.

But a request to forward mail is not a request to facilitate
abuse by forwarding spam.

> I do not think AOL (or anyone) should consider mail forwarded
> at the customers request as indicating that our mail servers are sending spam.

Why not?

Did it come from your servers?  On your network?

If "yes", then it's YOUR spam, and you should expect to held fully
accountable for it.  If that's an unpleasant notion, and I'll stipulate
that it sure is for me, then you need to do whatever you need to do
in order to put a sock in it.

We are long past the time when excuses for relaying/forwarding/bouncing
spam were acceptable. The techniques for mitigating these -- at least
to cut down a torrent to a trickle -- are well-known, well-understood,
well-documented and readily available in a variety of implementations.

More generally, the best place to stop spam is as near its source as
possible.  So if you're the forwarder, you're at least one hop closer to
the source than the place you're forwarding to -- thus you should have
a better chance than they do of stopping it.  And you should at least
make a credible try: nobody expects perfection (though we certainly hope
for it) but doing _nothing_ isn't acceptable, either.

So, for instance: take advantage of the AOL feedback loop.  Anything
that they're catching -- that you're not -- indicates an area where
you can improve what you're doing.  Find it, figure it out, and do it.
Everyone benefits -- including all your users who aren't having their
mail forwarded.