February 18, 2010, 3:55 PM — No one disagrees that fraudulent emails are a big problem. But most ISPs aren't helping. In fact, just a handful of the ISPs that I've complained to respond that something was done regarding a complaint, and often the response comes days after the initial complaint. In the interim, the damage has been done-- someone's likely been duped into sending money into a black hole, or has given up their logon credentials to a fraud web page. Abuse complaints are maddening and the entire process could be vastly improved.
Part of the problem surrounds the parsers used by ISPs to address abuse complaints. If I send a complaint to Microsoft's preferred 'email@example.com' when a message contains a live.com link, MSN will send back a link telling me that no Hotmail address was found. On the other hand, Microsoft, along with an occasional message from Yahoo and a handful of other ISP mail hosting organizations do respond when they close accounts for abuse. If it's a webpage that's shutdown, there's never a response. Other ISPs simply ignore complaints altogether. Test messages that I've sent to them seem to indicate this. Responses, you see, are gratifying. I like to know when my complaint has shutdown an account. It feeds my motivation.
In the early days of the Internet, the accounts to send complaints to were: majordomo, postmaster, abuse, then later admin, webmaster, or perhaps other common names. Often times, when messages to these accounts bounce, I'll try to track down the ISP or name server whois listings for the best IP address. Usually, these are no responses to such messages. Some ISPs completely misconfigure their MTA so that abuse complaints are identified as actual spam, instead of the complaint. It's frustrating.
ISPs that totally ignore reports include AOL and AIM. I receive no response. In fact, I've been trying to get one spammer, firstname.lastname@example.org, stopped for years. This particular spammer sells email lists for markets to other spammers. No amount of complaints over the past half-decade have stopped this person from using the address. AOL simply doesn't care.
What's the solution? Have designated volunteers send information to ISPs about messages they've found. If the ISPs get complaints from five of these volunteers, then kill the account immediately pending investigation. No doubt such a system could be abused simply by forging addresses embedded in these messages. Or, in the case of sites that are clearly phishing sites, have a DNS stop on the site, Or in the case of an IP address, have the last responsible route remove the offender.
But you have to strike quickly. Botnets can send out millions of messages per hour and do their evil work. I send at least a dozen complaints every day. Time is of the essence in killing email fraud. If the ISPs could get together and form a coalition to kill fraudulent sites and fraudulent spammers, the Internet would be just a little bit safer. For a while.