Yahoo and their mail filters..
Jo Rhett
jrhett at netconsonance.com
Tue Mar 24 19:51:30 UTC 2009
On Feb 27, 2009, at 7:10 AM, Ken A wrote:
> I agree that aol could do a better job of filtering the outbound,
> but I don't think it's a useless system. We get a few dozen from aol
> a day unless we have a real problem.
> I see the mother-daughter conversations (worst), the subscribed lazy
> user emails - we encourage our mailing list senders to include unsub
> links - partly to make it easy for _us_ to click and unsub these
> dummies.
>
> And we see the 'real deal' now and then; usually an exploited php
> script being abused by spammers, or someone who has had their
> password sniffed, or stolen.
> Most of these are users who travel and don't use secure protocols,
> or have a teenager in the house (the most insecure protocol is
> adolescence). We appreciate aol's efforts, imperfect as they are.
The math here is easy.
1. The time cost of reading AOL's feedback loop was greater than 2
working hours every day.
2. The number of exploited systems that we received notification about
was total of 3 in 2 years of reading that loop.
3. Every one of those exploited systems also got SpamCop reports.
365 x 2 years x 2 hours = 1460 hours minimum (because it rarely took
only 2 hours)
1460 hours of effort / 3 compromises = 487 hours, or 3 months of work
per compromise.
In short, AOL provided zero value to us. Because if a SpamCop user is
reporting valid receipts, I report it back to the SpamCop admins and
they go have a talk with the user.
NOTE: for a small mail sending provider who controls every mail server
and customer in their netblock, it probably is useful. It's just
useless for colocation providers and generic ISPs.
And let's be honest. AOL's effort shouldn't be applauded. It's an
autobot which sends false spam reports, nothing more and nothing
less. Any autobot which sends false spam reports needs to be shut down.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness
More information about the NANOG
mailing list