[Mailman-Users] ISP policies, specifically AOL

[Lindsay Haisley]

I've had some experience dealing with AOL's issues.  Their policies and
techniques are shared by earthlink and probably a couple of other mail
hosting providers.

This has been going on for some years, and AOL had been fairly
consistent about it.  AOL's mail UI contains a "Report Spam" button, and
accumulates statistics on the sending IPs of email to which their users
object, and if an IP address accumulates too many complaints, it gets
blocked.

These URLs will be helpful to you:

http://postmaster.aol.com/Postmaster.FeedbackLoop.php

http://postmaster.aol.com/Postmaster.Guidelines.php

If you're subscribed to AOL's FBL abuse reports you'll get a notice
whenever an AOL (or other IPP host using this same system) subscriber
presses the "Report Spam" button, and AOL considers it your
responsibility to see that this address is deleted from your mailing
list in the future.  Ironically, AOL does its best to redact any
information from the problem emails (returned with FBL abuse reports)
which would enable you to easily identify the complaining AOL
subscriber, although if you manage to pull this information from a VERP
address in the message headers, AOL has no problem with this.

What I've been doing here is directing AOL's FBL abuse reports through a
custom python script which extracts the list name and the subscriber
address, unsubscribes the address from the list and notifies the list
owner (withlist is your friend!).  To this end, I've also hacked Mailman
to insert a Resent-message-id header into outgoing posts containing the
subscriber address, AES-encrypted.  According to a discussion on this
list several months ago, AOL has no problem with this, as long as the
subscriber address isn't in plain text in the returned list post in the
FBL abuse report.

In the meantime, you'll need to contact the AOL postmaster
(postmaster at aol.com) and get the blocks removed, and sign up for FBL
abuse reports.

AOL also has a "Certified Email" service to which you can subscribe,
once you've cleared the blocks against your server.  I'm not sure if
this is a commercial service, but if you sign up for it, it does provide
you with some insurance against blocks.  See the pages I cite above.

On Sun, 2013-02-10 at 16:53 -0500, Max Pyziur wrote:
> We've been using mailman for almost ten years (thank you). At our peak we 
> have run about ten email lists: some discussion-oriented w/ small 
> membership, and very low frequency; others that have had higher frequency 
> and membership. In addition, two of them have been used to distribute 
> monthly newsletters/announcements to a large membership (5,000 to 10,000 
> subscribers).
> 
> Recently (in the last six months to a year), some ISPs have begun blocking 
> these high volume/low-frequency distributions, in particular AOL. While 
> AOL emails make up about 10% of the constituency of these lists, for us 
> and our lists it is important that distributions reach these subscribers.
> 
> It seems that AOL, among others, has insisted on some sort of 
> pre-authentication procedures, so that large distributions from
> servers 
> such as ours are effectively whitelisted.
> 
> Have other mailman admins encountered these issues?
> 
> Is this a foreshadowing of things to come?
> 
> Much thanks.
> 
> Max Pyziur
>