Home / Blogs

AOL Fires Across the Bow of Spam-Friendly ISPs

Daniel Golding

The North American Network Operators Group (NANOG) conference, a gathering of Internet Service Provider (ISP) engineers and vendors convenes three times a year for mostly technical conversation along with social networking. The recent NANOG conference in Reston Virginia saw some unusually direct talk about Spam and the ISPs that tolerate it from America Online's Postmaster, Charles Stiles.

Although the usual tone of presenters is either friendly or blankly academic, Stiles' tone was more aggressive. His message was short and sweet: ISP must change their ways or AOL will blacklist their mail servers. Stile credited ISPs for blocking TCP port 25 amongst their broadband and dialup userbases, a maneuver that has previously reduced spam output. However, he presented data showing that the majority of spam now comes from ISP mailservers directly. As port 25 access has been blocked, the common worms that send out most spam have altered their tactics and have diverted their mail through the various ISP's own mail servers.

Stile submitted that ISPs must do more than just block port 25 outbound. Ideas included the use of anti-spam techniques on outgoing (as well as incoming) email, the use of outbound email rate limiting, and, most importantly, the implementation of SMTP Authentication for all ISP users.

Stile also addressed the issue of Sender Authentication technologies such as SPF and Sender-ID. While noting that AOL supports these technologies, he was quick to point out that they won't stop spam coming from other ISPs' mailservers, as most of the worms send their spam with the local ISP's domain as the from or sender domain. He also noted that AOL will use published SPF records as the basis for their spam whitelist in the very near future and urged the attendees to register such records immediately.

Needless to say, Stile's plain talk and hard data were extremely persuasive. ISPs have clearly entered into a new phase of the anti-spam battle where tactics will become more complex and simple measures like Access Control Lists will be insufficient. AOL appears to be quite serious about blacklisting other ISPs who fail to take aggressive enough action against mass emailers. This may result in some partitioning of the Internet mail system in the immediate future if offending mail system operators are slow to act.

Stile's presentation is available on-line [PDF]. 

By Daniel Golding, VP and Research Director at Tier 1 Research – To learn more about Tier1Research, visit http://www.t1r.comVisit Page
Follow CircleID on
Related topics: Email, Internet Protocol, Spam
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

Re: AOL Fires Across the Bow of Spam-Friendly ISPs Yakov Shafranovich  –  Nov 01, 2004 5:01 AM PDT

AOl has been very progressive of all the ISPs for a long time, and a lot of the stuff they are doing is very good. For example, AOL's postmater wrote a document on port 25 blocking and it seems that they are widely promoting the idea along with allowing the SUBMIT port (587) instead. Good luck!

Re: AOL Fires Across the Bow of Spam-Friendly ISPs Daniel R. Tobias  –  Nov 02, 2004 9:17 AM PDT

I'm opposed, myself, to ISPs blocking port 25 outbound, since many users (myself included) have legitimate reasons to use outside mail servers.  In my case, I use an e-mail address in my own domain, hosted on a Web hosting provider, and wish to use both inbound and outbound servers at that provider.

Re: AOL Fires Across the Bow of Spam-Friendly ISPs Daniel Golding  –  Nov 04, 2004 1:50 PM PDT

Need to use an outside mail server?

That's easy to do with SMTP-Authorization running on the SMTP Submission Port, TCP port 587. This can also be accomplished by using SMTP-AUTH with TLS (aka SSL). Other alternatives include SSL and IPSec VPNs. You would be surprise how many folks support at least one of these techniques. If they don't, find a new hoster!

Closing port 25 to dynamically assigned IP addresses is an important part of the move towards accountability and authentication in email origination.

For now, you can also "smarthost" - use your own ISP's mailserver to relay out mails with altered message headers. As SPF and Sender-IF are adopted, however, this will stop working, as the difference between phishing and smarthosting is intent rather than technical.

To post comments, please login or create an account.

Related

Topics

IP Addressing

Sponsored byAvenue4 LLC

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Whois

Sponsored byWhoisXML API

Cybercrime

Sponsored byThreat Intelligence Platform

Cybersecurity

Sponsored byVerisign