All I can say, is it is obvious you have been there, Dave...
Here is a sample report from AOL - with just the IP's and domain name changed:
--boundary-1138-29572-2659438-2524
Content-Disposition: inline
Content-Type: message/feedback-report
Feedback-Type: abuse
User-Agent: AOL SComp
Version: 0.1
Received-Date: Thu, 02 Oct 2008 17:47:59 -0400
Source-IP: 1.2.3.4
Reported-Domain: mydomain.com
Redacted-Address: redacted
Redacted-Address: redacted@
--boundary-1138-29572-2659438-2524
Content-Type: message/rfc822
Content-Disposition: inline
Return-Path: <[EMAIL PROTECTED]>
Received: from rly-db06.mx.aol.com (rly-db06.mail.aol.com [172.19.130.81]) by
air-db10.mail.aol.com (v121_r2.12) with ESMTP id
MAILINDB102-acc48e5417d38b; Thu, 02 Oct 2008 17:47:59 -0400
Received: from my.domain.com (mydomain.com [1.2.3.4]) by rly-db06.mx.aol.com
(v121_r2.11) with ESMTP id MAILRELAYINDB062-acc48e5417d38b; Thu, 02 Oct
2008 17:47:41 -0400
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=default; d=domain;
h=Received:Message-ID:From:Subject:Date:MIME-Version:Content-Type:X-MSMail-Priority:X-Mailer:X-MimeOLE:Reply-To:To:X-Message-To:X-Header:Errors-To:X-Errors-To:X-AntiAbuse:X-AntiAbuse:X-AntiAbuse:X-AntiAbuse:X-AntiAbuse;
b=kS9w5X2yh4a4Vx6jLPP6Ie96/E7fO5eea6mcd2xMKvFe5Bv+NGu1YmlAkG4UNTU6TGBucB5iMMLi7XesJ0f88ec2zAxFXZn9Cb0w2Mi4Aqx+DnvbLgaGHDaO5xFNVEEg;
Received: from my.domain.com ([1.2.3.5])
by my.domain.com with esmtp (Exim 4.69)
(envelope-from <[EMAIL PROTECTED]>)
id 9KlTwW-00084t-4t
for redacted; Thu, 02 Oct 2008 12:34:32 -0700
Message-ID: <[EMAIL PROTECTED]>
The Message-ID: would be the same for all, with the exim id being different
for each.
----- Original Message -----
From: Dave Lugo <[EMAIL PROTECTED]>
To: [email protected]
Date: Sun, 5 Oct 2008 00:51:17 -0400 (EDT)
Subject: Re: [exim] Looking to Create and Addtional Header Record to Solve
AOL Redaction Problems
> On Sun, 5 Oct 2008, W B Hacker wrote:
> >
> > On the face of it, it seems to be a prudent move on AOL's part toward
> > reducing the chance the 'whistleblower' is retaliated against.
> >
> > Not an unreasonable choice.
> >
>
> It's all about being able to tell the user "we don't
> give out your email address", but AOL seems to want
> those that get scomp reports to treat them at minimum,
> as unsubscribe requests.
>
> To this end, the report does include the Message-ID in
> the ARF preamble. I don't see any useful internet headers
> (other than what I mention below) in the recent reports
> I've gotten, so they seem to be stripping most.
>
> For example, other that the message itself being
> reported (and stripped of most headers), this is what
> they're sending (which I've munged a little):
>
> This is an email abuse report for an email message with the message-id of
> [EMAIL PROTECTED] received from IP address
> 1.2.3.4 on Wed, 01 Oct 2008 16:10:05 -0400
>
> >
> > Not sure that is relevant.
> >
> > If a list was genuinely of-interest, and opt-in, and remains well-run,
> > it should be less hassle to a user to unsubscribe than to file a spam
> > report.
> >
>
> You'd think so, but experience has shown this not to be
> the case for a lot of users. Some treat the THIS IS SPAM
> button as an unsubscribe tool, some accidentally report
> non-spam, and some select everything in their mailbox
> and report it, accidentally or not.
>
> I've seen plenty of non-spam reported by AOL users,
> like stuff from a corporate headquarters to franchise
> owners, etc. I usually just ignore those reports. If
> they get excessive, then I ask the customer to have
> a 'chat' with their employee or franchise owner.
>
> >
> > B) Exim's mainlog is not the best place to look
> >
>
> If you use the Message-ID in the AOL report, the exim
> log *is* the place to look.
>
> Also, single-rcpt items (which, if you're using verp
> for bulk mailings) to AOL is a good idea.
>
> >
> > Work with your MLM software. It can easily add recipient-unique and
> > poster-unique 'fingerprints' - coded or otherwise - that will almost
> > certainly survive redaction.
> >
>
> Obfuscted in the body, but as far as I can tell, no
> rfc-2822 headers are retained, other than:
>
> From:
> Date:
> Subject:
>
> To: usually just shows '[EMAIL PROTECTED]'
>
>
> > Not limited to placement in headers. Message-body head and foot add-ins
> > work too.
> >
>
> Yup, as mentioned above, this is where you want to do
> it, if you need more than Message-ID.
>
> >
> > If you are getting blacklisted (or de-whitelisted) it is the
> > maintainer/user/abuser of the particular list in question you need to
> > 'educate'.
> >
>
> No, you just unsubscribe them, and if they then resub and
> complain again, perm-unsub them. Really, some users can't
> be educated, and there are better places to direct one's
> energy.
>
> --
> --------------------------------------------------------
> Dave Lugo [EMAIL PROTECTED] LC Unit #260 TINLC
> Have you hugged your firewall today? No spam, thanks.
> --------------------------------------------------------
> Are you the police? . . . . No ma'am, we're sysadmins.
>
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
