Comcast vs. The Well Illuminates Email's Shortcomings
Last week, Comcast made headlines by blocking email from The Well, one of the early Internet communities that started long before there was a World Wide Web. The Well was not alone in expressing their anger over Comcast's aggressive email blocking. A number of ISPs and small companies have been publicly complaining for months now. Some have even suggested that this blocking is a ploy to put smaller competitors out of business. Maybe it's something more than that.
The heart of this particular email problem seems to be ISPs with poorly configured mail forwarding, coupled with bad customer service from Comcast. It is relatively simple to set up a mail server to forward messages sent to an individual address (or even messages sent to all addresses within a domain) to another email address. These types of services have been around, well, as long as The Well. For example, members of the Association for Computing Machinery (ACM) get an acm.org email address. Messages sent to the member's ACM email address are forwarded to the email address of their choice. The ACM does not store messages any longer than it takes to forward them somewhere else. Today, that may be your Comcast account. Tomorrow, that may be your Google Mail account. But, to the sender, your email address stays the same.
Unfortunately, many mail forwarding services fall short of their Internet mail serving responsibilities. I wish this wasn't the case, since it shows how the Internet is so different now than just a few years ago. But in my opinion these services should be filtering spam messages before forwarding them on to their final destination. The ACM service does this (and apparently uses Postini). However, based on the reports I have read, most of the services affected by this aggressive Comcast filtering do not filter spam.
The problem starts when a Comcast customer uses a non-spam-filtering mail forwarding service. All mail, including any spam, received by the forwarding service is sent on to Comcast's mail servers. Even though they are not technically considered open mail relays, spammers gladly use these types of servers since they will forward just about any message with little or no checking as long as they are sending to a valid email address.
Comcast notices an increasing level of spam coming from the mail forwarding service which eventually leads to the IP address of the server being blocked. To be fair, the spam did not originate from the forwarding service but it is allowing the spam into the Internet mail system and should have some level of accountability. By not using even the simplest of tools available to them, such as a spam blocking list like spamhaus.org, the mail forwarders are forcing the receiving mail servers to perform more expensive spam detection.
Other victims here are customers who share hosting resources with the mail forwarding service. This can happen with hosting providers whose customers share a mail server. Your business may have never sent even a newsletter to a customer and yet your messages are blocked (and these messages can be critical, perhaps used for password recovery).
Comcast's customer service may also be a culprit here. Many of the recent posts indicated a high level of frustration in getting through to the appropriate technicians to resolve the issue and the lack of transparency in determining how an IP address gets blacklisted or how it gets removed.
I think there are many lessons here. Clearly, Internet email is broken and, even though there appears to be longer-term solutions arriving, the foreseeable future will continue to be frustrating. One way of easing that pain is to work with companies who know how to run a good email service.
I was recently called to a friend's house to help get their family PC working with a new Internet provider. They were previous customers of broadband from AOL and the question of email came up. My friend had already sent a message to their AOL contacts notifying them of their new email address, which was provided by their new Internet provider. My advice to them was to not bother with the ISP's email account and to keep using their AOL email through the web interface. If that works well enough, then stay with AOL. If not, then sign-up for a free Yahoo!, HotMail, or Google account and be done with changing email addresses, perhaps forever. If a friend using Comcast called me for help I'd probably say the same thing.
Why is it that we expect our Internet access provider to give us an email account but continue to use the same instant messaging service? Perhaps this points to a simpler future with fewer email providers, but I doubt we will only have a handful like the IM services. To get there we will have to go through a period where underperforming mail services are weeded out (in this case, unfortunately, by a company that has yet to show a clear level of competence themselves) and those who know what they are doing are left delivering the mail.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.