[91424] in North American Network Operators' Group
Re: AOL Mail Problem
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Thu Jul 27 08:38:32 2006
Date: Thu, 27 Jul 2006 18:08:04 +0530
From: "Suresh Ramasubramanian" <ops.lists@gmail.com>
To: "Tom Quilling" <tier1@ncinet.de>
Cc: nanog@merit.edu
In-Reply-To: <00f201c6b176$ccff79b0$6f00a8c0@tigerteam2>
Errors-To: owner-nanog@merit.edu
What you have run into is called AOL's "second received line" filtering
If your adsl customer is infected, or someone who had that IP recently
[if a dynamic IP] is infected and his PC is originating spam and
malware .. AOL will block any email with that infected IP in the
headers.
Simple reason for this .. a lot of malware is getting quite good at
hijacking Outlook or other MUA on a user's PC [including smtp auth
credentials if any] and sending out spam through the ISP's mail
relays.
Please sign your IP space for a feedback loop from aol -
http://postmaster.info.aol.com/fbl/
--srs
On 7/27/06, Tom Quilling <tier1@ncinet.de> wrote:
> We are an ISP in Germany and experience since this morning, July 27 07:00
> GMT problems with all mail-in Servers at AOL.
> They seem to refuse mailconnections, giving error message 554 for no reason
> at all, since our servers are not listed in any RBL etc..
> We can see, that they extract from the header the original sender IP of a
> mail, instead of the one from the MAIL-RELAY-SERVER, as specified in RFC.
> As these senders are from ADSL IP's, AOL refuses them.
> This is definitely wrong by AOL...
> Does anybody else experience this Problem..
