May 5, 2005
Florida Hurricane Alerts Treated as Spam by AOL
As with most sensational stories, I have to wonder what the real cause was. It's easier to just cry "false positive" and more fun to make a big deal out of the fact that the Floridians are using email for emergency notifications, especially insofar as hurricanes are often accompanied by complete power and phone service outages. One imagines the station, running on emergency power, sending email to the effect that 99% of the county had lost power and phone service, and it's not hard to come up with more humorous examples, making fun of the poor hurricane-battered Floridians.
And the bottom line for any mail administrator worth the name is that email is not, and has never been, a 100% reliable protocol (though perhaps in the more technical sense of "reliable", not the common sense of dependable). It's not the telephone, where circuits are established and kept open for the duration of the composition and transmission and reply to the message, but more like the post office, in that delays can occur, often lasting hours or days, and so forth. Hence electronic mail, not phone.
But I wonder, knowing something about the tactics AOL usually relies on to detect spam, whether the messages were simply sent from poorly configured servers, used language or formatting that is commonly found in spam, and so forth. As the article doesn't make that clear, unsurprisingly, any resultant furor or mockery is baseless. We're not talking about prejudice or judgement in human terms, we're talking about software algorithms. Now, granted, those algorithms are ultimately the result, the expression, of human prejudices and judgements, but they're more likely the application of statistics and the analysis of millions of messages identified as spam by AOL's own users and by trained admins and programmers.
We all have to set our own policies when it comes to what to accept, how often, and from whom. AOL, first and foremost, has a responsibility to protect its members from abuse and fraud, and its responsibility doesn't include making sure that anyone sending to them is competent (or has a competent administrator), cognizant of how not to construct their messages so they aren't easily mistaken for spam, and so on. And people, too, make mistakes when deciding whether to open a message at all, so even if AOL delivered the message, there's no guarantee the recipient would understand that it was something they asked for, or that it was more important than the headlines from CNN or the note from their sister in Dubuque. There are mechanisms for "grading" email that way, but they're rarely used except by those whose mail clients support them in an obvious manner. In the end, it's up to the users to learn how to use email effectively.
The largest mailing list I run, webdesign-L, had some trouble sending to AOL at one point, due to one of the list members using a URL in his .signature separated from another URL by an asterisk - simply a matter of styling, for him, but for AOL it resembled something they'd seen far more recently in phishing scams abusing poorly written HTTP redirectors. I reported the bug, they tuned their detectors, and the world was a better place. I could have screamed and complained and badgered, or simply told the list member to change his .signature (this latter I did also, just in case) but it made more sense to find out why the error occurred and fix the problem.
It's much easier to cry "false positive", though, than to learn something about defensive email composition or mail server administration, so I suspect that's probably what happened here. I'd love to hear more, from anyone with details.
Posted by schampeo at May 5, 2005 12:48 PM