I've had some experience dealing with AOL's issues. Their policies and techniques are shared by earthlink and probably a couple of other mail hosting providers.

This has been going on for some years, and AOL had been fairly consistent about it. AOL's mail UI contains a "Report Spam" button, and accumulates statistics on the sending IPs of email to which their users object, and if an IP address accumulates too many complaints, it gets blocked.

These URLs will be helpful to you:

http://postmaster.aol.com/Postmaster.FeedbackLoop.php

http://postmaster.aol.com/Postmaster.Guidelines.php

If you're subscribed to AOL's FBL abuse reports you'll get a notice whenever an AOL (or other IPP host using this same system) subscriber presses the "Report Spam" button, and AOL considers it your responsibility to see that this address is deleted from your mailing list in the future. Ironically, AOL does its best to redact any information from the problem emails (returned with FBL abuse reports) which would enable you to easily identify the complaining AOL subscriber, although if you manage to pull this information from a VERP address in the message headers, AOL has no problem with this.

What I've been doing here is directing AOL's FBL abuse reports through a custom python script which extracts the list name and the subscriber address, unsubscribes the address from the list and notifies the list owner (withlist is your friend!). To this end, I've also hacked Mailman to insert a Resent-message-id header into outgoing posts containing the subscriber address, AES-encrypted. According to a discussion on this list several months ago, AOL has no problem with this, as long as the subscriber address isn't in plain text in the returned list post in the FBL abuse report.

In the meantime, you'll need to contact the AOL postmaster (postmaster@aol.com) and get the blocks removed, and sign up for FBL abuse reports.

AOL also has a "Certified Email" service to which you can subscribe, once you've cleared the blocks against your server. I'm not sure if this is a commercial service, but if you sign up for it, it does provide you with some insurance against blocks. See the pages I cite above.

On Sun, 2013-02-10 at 16:53 -0500, Max Pyziur wrote:

We've been using mailman for almost ten years (thank you). At our peak we have run about ten email lists: some discussion-oriented w/ small membership, and very low frequency; others that have had higher frequency and membership. In addition, two of them have been used to distribute monthly newsletters/announcements to a large membership (5,000 to 10,000 subscribers).

Recently (in the last six months to a year), some ISPs have begun blocking these high volume/low-frequency distributions, in particular AOL. While AOL emails make up about 10% of the constituency of these lists, for us and our lists it is important that distributions reach these subscribers.

It seems that AOL, among others, has insisted on some sort of pre-authentication procedures, so that large distributions from servers such as ours are effectively whitelisted.

Have other mailman admins encountered these issues?

Is this a foreshadowing of things to come?

Much thanks.

Max Pyziur

I've had some experience dealing with AOL's issues. Their policies and techniques are shared by earthlink and probably a couple of other mail hosting providers.

This has been going on for some years, and AOL had been fairly consistent about it. AOL's mail UI contains a "Report Spam" button, and accumulates statistics on the sending IPs of email to which their users object, and if an IP address accumulates too many complaints, it gets blocked.

These URLs will be helpful to you:

http://postmaster.aol.com/Postmaster.FeedbackLoop.php

http://postmaster.aol.com/Postmaster.Guidelines.php

If you're subscribed to AOL's FBL abuse reports you'll get a notice whenever an AOL (or other IPP host using this same system) subscriber presses the "Report Spam" button, and AOL considers it your responsibility to see that this address is deleted from your mailing list in the future. Ironically, AOL does its best to redact any information from the problem emails (returned with FBL abuse reports) which would enable you to easily identify the complaining AOL subscriber, although if you manage to pull this information from a VERP address in the message headers, AOL has no problem with this.

What I've been doing here is directing AOL's FBL abuse reports through a custom python script which extracts the list name and the subscriber address, unsubscribes the address from the list and notifies the list owner (withlist is your friend!). To this end, I've also hacked Mailman to insert a Resent-message-id header into outgoing posts containing the subscriber address, AES-encrypted. According to a discussion on this list several months ago, AOL has no problem with this, as long as the subscriber address isn't in plain text in the returned list post in the FBL abuse report.

In the meantime, you'll need to contact the AOL postmaster (postmaster@aol.com) and get the blocks removed, and sign up for FBL abuse reports.

AOL also has a "Certified Email" service to which you can subscribe, once you've cleared the blocks against your server. I'm not sure if this is a commercial service, but if you sign up for it, it does provide you with some insurance against blocks. See the pages I cite above.

On Sun, 2013-02-10 at 16:53 -0500, Max Pyziur wrote:

We've been using mailman for almost ten years (thank you). At our peak we have run about ten email lists: some discussion-oriented w/ small membership, and very low frequency; others that have had higher frequency and membership. In addition, two of them have been used to distribute monthly newsletters/announcements to a large membership (5,000 to 10,000 subscribers).

Recently (in the last six months to a year), some ISPs have begun blocking these high volume/low-frequency distributions, in particular AOL. While AOL emails make up about 10% of the constituency of these lists, for us and our lists it is important that distributions reach these subscribers.

It seems that AOL, among others, has insisted on some sort of pre-authentication procedures, so that large distributions from servers such as ours are effectively whitelisted.

Have other mailman admins encountered these issues?

Is this a foreshadowing of things to come?

Much thanks.

Max Pyziur