[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ezmlm
Subject:    Finding user address in AOL spam complaints?
From:       Matt Simpson <net-ezmlm () jmatt ! net>
Date:       2008-10-09 21:39:08
Message-ID: p06240800c51426d02c05 () [128 ! 163 ! 134 ! 241]
[Download RAW message or body]


A few weeks ago, someone here wrote about AOL's new spam-complaint 
report not providing a clue about which subscriber generated the 
report.  At the time, I hadn't gotten a recent complaint, so I didn't 
know if something had changed since the last one I had gotten.

Today I got an AOL "feedback report".  It looks just like the ones 
I've always gotten.  Maybe I'm just lucky and still getting the 
old-style report.  Despite AOL's piss-poor attempt at hiding the 
user's identity, it's still obvious.

The report begins like this:

>This is an email abuse report for an email message with the 
>message-id of d3d.2b601fe3.36196385@aol.com received from IP address 
>208.116.11.36 on Sat, 04 Oct 2008 20:26:11 -0400
>
>For information, please review the top portion of the following page:
>http://postmaster.aol.com/tools/fbl.html

>Feedback-Type: abuse
>User-Agent: AOL SComp
>Version: 0.1
>Received-Date: Sat, 04 Oct 2008 20:26:11 -0400
>Source-IP: 208.116.11.36
>Reported-Domain: crossbo.jmatt.net
>Redacted-Address: redacted
>Redacted-Address: redacted@


Then it includes the original list message that the user reported as 
spam, with the word "redacted" in several places instead of the 
user's screen name.  But they missed a couple.  In the examples I'm 
posting,  the I have replaced the user's id with asterisks, but as 
received from AOL, the userid was still there:

Return-Path: <redacted-return-34847-********=aol.com@foxhunters.org>

List-Unsubscribe: <mailto:redacted-unsubscribe-********=aol.com@foxhunters.org>
Reply-To: Foxhunters OnLine <redacted@FoxHunters.Org>
To: redacted@FoxHunters.Org


Ironically, what they actually "redacted" in those lines was the list 
name, not the subscriber's id.  It looks like they looked at what was 
in the To: header, decided that must be the recipient, and "redacted" 
it everywhere it occurred, instead of the actual recipient.

The List-Unsubscribe header is one I add via the qmail-verh patch to 
qmail-remote.  But the Return-Path header should exist in any message.

Unless other people are getting reports from AOL that are different 
from mine, the subscriber's id is still there.

[prev in list] [next in list] [prev in thread] [next in thread]