Mark, Yahoo and AOL are famous for not addressing Spam or any abuse complaints. I have in the recent past suggested to ICANN that these sites be taken down unless or until they actually address abuse concerns in a direct and meaningful way and not with "Canned Email responses". Of course ICANN has refused to address this situation with Yahoo or AOL as well as Google, simply because of the presence in which these Domain names represent, which is IMHO besides the point. So I would suggest that every time you get one of the "Canned Email responses" you direct it to the ICANN bod or vint Cerf at the Email addresses I CC'ed this response to, until a ligitimate solution is effected. -----Original Message-----
From: Mark Foster
Sent: Oct 19, 2007 6:49 PM To: nznog(a)list.waikato.ac.nz Subject: [nznog] Re Yahoo and Spam... Learned NZNOGrs,
Some advice, please.
Recently an email address that comes to me was sent some Unsolicited Commercial Email from (apparently) a UK based outfit that sells (print) magazine subscriptions.
The headers contain this:
Received: from smtp107.biz.mail.re2.yahoo.com (smtp107.biz.mail.re2.yahoo.com [206.190.52.176]) by mx.blakjak.net (Postfix) with SMTP id 8C508500D4 for
; Tue, 16 Oct 2007 12:02:52 +1300 (NZDT) They contain additional Received: headers which would imply that Yahoo themselves received the message via SMTP from an AOL IP address that Traceroute implies is likely in the UK as well.
So I took a full-headers copy of the message and forwarded the complaint to the relevant abuse contacts for both Yahoo and AOL.
AOL, i've heard nothing (unsuprising). Yahoo, I had a response within 2-3 days which basically absolved them of responsibility, as follows:
--8<--
Thank you for writing to Yahoo! Mail.
I understand your frustration in receiving unsolicited email. While we investigate all reported violations against the Yahoo! Terms of Service (TOS), in this particular case the message you received was not sent through the Yahoo! Mail system.
Yahoo! has no control over activities outside its service, and therefore we cannot take action. You may try contacting the sender's email provider, by identifying the sender's domain and contacting the administrator of that domain. The sender's provider should be in a better position to take appropriate action against the sender's account.
The email message itself does contain some information relating to the sender's identity. Yahoo! includes the originating Internet Protocol (IP) address in the full Internet headers of all messages sent through Yahoo! Mail, so that we will have information regarding the origin of messages sent through our system. The originating IP address should be located in the very last "Received" line of the full Internet headers and corresponds to the sender's Internet Service Provider (ISP).
Please see the following URL for more assistance:
http://help.yahoo.com/help/us/mail/spam/spam-05.html
Once you have identified the IP address, you can conduct an IP lookup to determine which ISP provides this person with Internet access. One such lookup tool you may want to try is:
You can then attempt to contact that ISP to report any abuse activities occurring within their service.
Please let us know if you still need assistance so I may assist you further.
Your patience during this process is greatly appreciated.
Thank you again for contacting Yahoo! Mail.
Regards,
--8<--
I responded back indicating my understanding as being:
- That my MTA received it from Yahoo, thus they relayed it... - That headers below the line where my MTA actually is involved, are often untrustworthy...
I got a very-slightly-reworded version of exactly the same canned response back.
So despite the fact that the sender is very clearly using Yahoo for SMTP (which, one would hope, would establish the sender as a Yahoo! Mail customer), they're pleading ignorance and/or innocence.
Any other players had similar dealings with Yahoo (or other free mail providers) ? At what point can the provider realistically abdicate from responsibility when it comes to spam?
And the obvious question: Is it fair to expect more from them? Or am I resigned to accept either periodic junk relayed by Yahoo because they can't be held responsible for what individual customers do? (And because in this example, the collateral damage of blackholing them is probably unacceptable?
Cheers Mark.
======= 'Regards, Jeffrey A. Williams Spokesman for INEGroup LLA. - (Over 277k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1(a)ix.netcom.com