To make it clear: I do believe that AOL attempts to stop spam originating from their domain, but lately enterprising spammers have abused this fact and the accompanying credibility that AOL has, and have forged mail which appears to come from AOL. I have repeatedly reported this fact to AOL and received nothing but an automated reply. Here is a typical sequence:
Date: Sun, 27 Dec 1998 12:56:53 +1030 To: abuse@aol.com X-Mailer: Mutt 0.91.1i WWW-Home-Page: http://www.lemis.com/~grog Organization: LEMIS, PO Box 460, Echunga SA 5153, Australia Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-41-739-7062 This forged spam is abusing AOL's domain name. I've seen a lot of this recently, and it makes it very difficult to filter. Please indicate what you are doing to protect your domain name, otherwise I will have no recourse but to block AOL. Greg Lehey ----- Forwarded message from ei2succeed@aol.com ----- > From ei2succeed@aol.com Sun Dec 27 08:50:45 1998 > Received: from server1.incom.net (mail.incom.net [206.13.99.129]) > by allegro.lemis.com (8.9.1/8.9.0) with ESMTP id IAA21681 > forThis header shows that the message in fact comes from incom.net.; Sun, 27 Dec 1998 08:50:42 +1030 (CST) > From: ei2succeed@aol.com > Received: from rustyo (pm4a36.incom.net [206.171.123.52]) > by server1.incom.net (8.8.8/8.8.8) with SMTP id OAA21832; > Sat, 26 Dec 1998 14:15:50 -0800
> To: Recent@server1.incom.net, Visitors@server1.incom.net > Subject: Thanks for stopping by > Date: Sat, 26 Dec 1998 14:12:52 -0800 > Message-Id: <36155.592278587961600.257804@localhost> > MIME-Version: 1.0 > Content-Type: text/plain; charset=us-ascii > Content-Transfer-Encoding: 8bit > Content-Length: 461 > Lines: 18 > To: Recent@server1.incom.net, Visitors@server1.incom.net > Date: Sat, 26 Dec 1998 14:12:52 -0800 > Thanks for your recent visit to our web site. If you did not have time to check out > our > > Newest software offerings or our latest Herbal Energy Products, Please stop by again: > > our address is: (in case you forgot to book-mark our site) > http://www.endeavorsnet.com > > We are sending this e-mail to everyone that has visited us. > > Our customer list WILL NOT EVER BE SOLD, RENTED OR OTHERWISE DISTRIBUTED. > > It is our private list! > > Thanks, > > Endeavors International > ----- End forwarded message ----- -- See complete headers for address, home page and phone numbers finger grog@lemis.com for PGP public keyThis is the only receipt I got. AOL did not indicate that they are doing anything about this problem; after receiving further forged mail, I have therefore decided to block AOL. If you are an AOL customer trying to contact lemis.com, I'm sorry. I'd suggest that you find a service provider who cares about abuse of his domain name.
Date: Sat, 26 Dec 1998 21:27:12 -0500 (EST) To: grog@freebie.lemis.com Old-Subject: Re: Abuse of AOL domain name (was: Thanks for stopping by) Precendence: junk X-Loop: abuse@aol.net Reply-To: abuse@aol.net (AOL Net Abuse Handler) *** THIS IS AN AUTOMATED RECEIPT NOTIFICATION *** Thank you for writing with your comments and concerns. You are receiving this automatically generated message to acknowledge that your mail has been received. All reports of abuse will be fully investigated by our staff. Please note that due to the volume of mail we receive, you may not receive a personal acknowledgment or indication of action. In the event that you are reporting USENET abuse, please check the daily summary of USENET actions posted to news.admin.net-abuse.bulletins. All accounts reported for more than 5 inappropriate or otherwise abusive USENET articles are listed in this report. Also, please carefully check the headers of USENET articles to ensure they are not, in fact, forgeries--it is becoming fashionable for Internet users to do this. Headers which will quickly point out forgeries include NNTP-Posting-Host and Message-ID. If you come across a forged article, please report it to the postmaster or abuse account on the site from which it originated. Incidents of mass-mail spams originating from AOL addresses are regularly posted to SPAM-L on LISTSERV@PEACH.EASE.LSOFT.COM and list-managers@greatcircle.com. If you are a list owner, subscribing to those lists may be of great value in combatting Internet abuse from all sites.Being informed after the event sounds to me like a good way to get even more mail. I can't see much use in it.
Internet e-mail violations are presently handled by our internal Terms of Service staff. If you continue to see abuses of Internet mail more than 72 hours after your original report, please note this and we will take special action on the account. If you do not wish to receive copies of this notice in the future, please send mail to abuse@aol.net with the subject "No autoreply". Thank you for writing, Internet Abuse Team America Online, Inc. v.19980910