parsing an abuse report from AOL
Question asked by Eric Bourland - 12/23/2014 at 9:18 AM
SmarterMail 13.1
I have set up an AOL feedback loop. Now and then I get a message from scomp@aol.net:

This is an email abuse report for an email message with the message-id of 464419578_73905026@cep-dc.org received from IP address on Thu, 18 Dec 2014 13:00:38 -0500 (EST)"
So, I am guessing that means that someone on a mailing list @cep-dc.org has reported an abusive email message, or did not like one of the messages she or he received. I would like to remove the email address from the cep-dc.org mailing list.
But I do not see how to discern the email address from the message-id of 464419578_73905026@cep-dc.org.
Has anyone else been able to parse an abuse report from AOL and divine an email address from a message-id? Does anyone else here participate in a feedback loop from AOL? How do you handle abuse reports from a feedback loop?

Thank you as always for your help. =)

3 Replies

Reply to Thread
Scarab Replied
AOL is the only Feedback Loop that I am aware of that frustratingly redacts recipient addresses. As such, unless it is a Bulk Email or Newsletter that has a SmarterMail UNSUBSCRIBE link included in the sent email (we require all Bulk Email or Newsletters contain their Physical Mailing Address and UNSUBSCRIBE information in the Footer Messages along with the SmarterMail #UnsubscribeLink# tag which contains their email unredeacted by AOL's Feedback Loop) then the only way to find the recipient is to get the sender + time from the Header info of the attached email and find the recipient in your SmarterMail DELIVERY logs (you could also use the SMTP logs although they might be off by a few seconds which is fine for individual emails but probably like finding a needle in a haystack for large bulk mailings such as newsletters).
It's important to note that it is common to get Abuse Reports from falsely-tagged emails. Our Mail Servers primarily send out Order Receipts and Shipping Status Updates from eCommerce sites and we get about 2 or 3 of these a day that are flagged as Spam. It is perfectly okay to ignore these (whereas if it is a Newsletter or other Bulk Email it's important to UNSUBSCRIBE them right away upon receipt of the Abuse report) as every provider expects a certain percentage of falsely-tagged emails. I always check the email though just in case an account has been compromised and may be sending out Spam or a customer is genuinely abusing the ToS.
Eric Bourland Replied
Scarab, this is very helpful. I am thinking about my options. I really appreciate your input, as always. Hope you are great. Eric
Vinnie Replied
Our service hosts sites that only sends messages to registered, opt-in (we do NOT opt anyone in automatically) members. We are part of the AOL and Hotmail FBLs and we routinely receive AOL spam complaints on a daily basis. We have verified on many occasions whether or not the recipients have marked any messages from their website as spam and they have all replied with surprise because they had not, and were shocked that AOL was reporting the messages the wanted to receive as spam. The same occurred when we asked recipients about Hotmail spam reports. Further, upon inquiring with AOL and Hotmail about whether or not their system automatically generated spam complaints from *detected* spam rather than messages manually marked as spam by the recipient, both emphatically denied that FBL complaints were auto-generated. Both stated that such reports were only sent to the sender if the recipient manually marked the message as spam. On one occasion, we sent a message to a registered, opt-in recipient, and an AOL spam complaint was received 3 seconds later. Comparing the time on the message they reported as spam to the time in the header when their spam complaint was sent to us, we noticed a difference of 3 seconds. That recipient would have had to have been sitting waiting at their computer continuously punching the Get Mail button while simultaneously clicking the "Spam" button! To your point about identifying redacted email addresses in AOL FBL reports, we encode/encrypt the recipient's email address as part of the unsubscribe link included at the bottom of every message. This way, we can pull that encrypted email address from the original message text that AOL includes with their FBL report to us and determine who it was originally sent to. I'm sure it would work even without the encryption by simply including a line that says "this message intended for member@aol.com" (unique to each recipient of course). But it is clear to us that AOL and Hotmail decide which messages are spam and send spam complaints based on their heuristics rather than solely on member-recipient reports.

Reply to Thread