Re: [exim] Looking to Create and Addtional Header Record to …

Top Page
Delete this message
Reply to this message
Author: Dave Lugo
Date:  
To: exim-users
Subject: Re: [exim] Looking to Create and Addtional Header Record to Solve AOL Redaction Problems
On Sun, 5 Oct 2008, W B Hacker wrote:
>
> On the face of it, it seems to be a prudent move on AOL's part toward
> reducing the chance the 'whistleblower' is retaliated against.
>
> Not an unreasonable choice.
>


It's all about being able to tell the user "we don't
give out your email address", but AOL seems to want
those that get scomp reports to treat them at minimum,
as unsubscribe requests.

To this end, the report does include the Message-ID in
the ARF preamble. I don't see any useful internet headers
(other than what I mention below) in the recent reports
I've gotten, so they seem to be stripping most.

For example, other that the message itself being
reported (and stripped of most headers), this is what
they're sending (which I've munged a little):

This is an email abuse report for an email message with the message-id of
1AAF2C878F1B9CA2555DABC4534077D2@15DC02104P received from IP address
1.2.3.4 on Wed, 01 Oct 2008 16:10:05 -0400

>
> Not sure that is relevant.
>
> If a list was genuinely of-interest, and opt-in, and remains well-run,
> it should be less hassle to a user to unsubscribe than to file a spam
> report.
>


You'd think so, but experience has shown this not to be
the case for a lot of users. Some treat the THIS IS SPAM
button as an unsubscribe tool, some accidentally report
non-spam, and some select everything in their mailbox
and report it, accidentally or not.

I've seen plenty of non-spam reported by AOL users,
like stuff from a corporate headquarters to franchise
owners, etc. I usually just ignore those reports. If
they get excessive, then I ask the customer to have
a 'chat' with their employee or franchise owner.

>
> B) Exim's mainlog is not the best place to look
>


If you use the Message-ID in the AOL report, the exim
log *is* the place to look.

Also, single-rcpt items (which, if you're using verp
for bulk mailings) to AOL is a good idea.

>
> Work with your MLM software. It can easily add recipient-unique and
> poster-unique 'fingerprints' - coded or otherwise - that will almost
> certainly survive redaction.
>


Obfuscted in the body, but as far as I can tell, no
rfc-2822 headers are retained, other than:

From:
Date:
Subject:

To: usually just shows 'redacted@???'


> Not limited to placement in headers. Message-body head and foot add-ins
> work too.
>


Yup, as mentioned above, this is where you want to do
it, if you need more than Message-ID.

>
> If you are getting blacklisted (or de-whitelisted) it is the
> maintainer/user/abuser of the particular list in question you need to
> 'educate'.
>


No, you just unsubscribe them, and if they then resub and
complain again, perm-unsub them. Really, some users can't
be educated, and there are better places to direct one's
energy.

-- 
--------------------------------------------------------
Dave Lugo   dlugo@???    LC Unit #260   TINLC
Have you hugged your firewall today?   No spam, thanks.
--------------------------------------------------------
Are you the police?  . . . .  No ma'am, we're sysadmins.