AOL Mail updates DMARC policy to 'reject'

Today we moved to change our DMARC policy to p=reject. This helps to protect AOL Mail users' addresses from unauthorized use.

It also stops delivery on what previously would have been considered authorized mail sent on behalf of AOL Mail users via non-AOL servers. If you're a bulk sender on behalf of AOL addresses, that probably includes mail sent from you.

This can include but is not limited to:
  • Email service providers (ESP) sending mail on behalf of businesses using AOL addresses
  • Websites with "Share with a friend" functionality, sending mail using AOL addresses
  • Small businesses using other 3rd party services to send mail and communication between their employees and / or customers
  • Services used to forward mail
  • Mailing lists (listservs)
Mail sent on behalf of AOL Mail users to DMARC-compliant domains will be rejected by those domains unless the mail passes SPF and/or DKIM authentication checks AND the domain(s) used in those checks match aol.com.

We recognize that some legitimate senders will be challenged by this change and forced to update how they send mail and we sincerely regret the inconvenience to you.

What should you do?

In almost all cases, we recommend that you switch to sending mail from your own domain. You may also consider using AOL SMTP directly.

For mailing lists, also known as listservs, we recommend configuring reply behavior to fill the From line with the mailing list's address rather than the sender's and put the actual user / sender address into the Reply-To: line. Please also note that current "auto unsubscribe" logic based upon bounces might be too rigid until this change has been in place for a while.

For website operators with 'share from email' functionality, please consider using an email address from your own domain as the From address and populate the Reply-To: line with the address of the person sharing.

If you have specific questions around configuration and authentication options as well as DMARC related inquiries, please contact us at dmarc-help@teamaol.com.

Learn more about DMARC here. Thanks for working with us as we make email a safer and better experience for everyone.

The AOL Mail Team

Delays Sending to AOL

Hello -

Some senders, most of them hosting companies, have been having issues mailing to AOL. This started last week and is still occurring. A botnet which had infected some machines began sending mass amounts of spam to AOL. We are actively working with hosting companies to help them address this issue. We have seen some improvement but the issue is ongoing.

If you have a hosted domain, please contact your hosting company for next steps. They may have instructions for you involving their servers. If you are a hosting company, please get in touch with us via our Postmaster site.

http://postmaster.aol.com

Thank you.

Incoming Mail Delays - Update

Hello -

The system upgrades have been completed and incoming mail should not be affected as of this morning.

Thanks for your patience.

Incoming Mail Delays

Hello -

We are in the process of upgrading some of our systems. Some users may have issues sending mail to AOL. We are working on the problem and will post when it is resolved.

Thanks.

Common DMARC Policy Errors

Our resident DMARC expert shared this information with us today and we thought you might find it useful.

When publishing your DMARC Policy record in the DNS, watch out for these common mistakes.

1. Escape character (\) - DMARC policies do not need to be enclosed in escaped quotes (\"). Nor do the semi-colon (;) field terminator characters need to be escaped (\;). It is possible that these escaped characters are an artifact of the utility used to view other DMARC policy records (for example, the *nix utility dig will escape both quotes and semicolons.)

2. Field terminator – Each of the fields in the DMARC record should be terminated by the semi-colon character. A lot of DMARC policies out there do not terminate the last field. Not normally a problem, but it is an inconsistency that could cause problems if you want to add another field to your DMARC record.

3. Bad email addresses – For both the RUA and RUF tags, an email address URI (mailto:{email_address}) is generally expected. Many DMARC policies have errors in the email addresses. Some invalid URIs we see include a missing URI type ("...rua=postmaster@example.com;..."), or the email address only contains a local part ("...rua=mailto:postmaster;...") or the email address only contains a domain ("...rua=mailto:example.com;...").

Finally, while not an error, there are literally thousands of DMARC policies in the wild that do not include the RUA tag. Oddly, many of these do include an ri (Reporting Interval) tag. Similarly, many policies include a rf (Report Format) tag but no ruf tag. The ri tag is meaningless without a valid rua entry and the rf tag is meaningless without a valid ruf entry.

A heads-up for folks who have not noticed yet, the newest DMARC specification (here) changes the compression for the Aggregate Reports from zip to gzip. However, report receivers may wish to continue to support zip for a while until all of the Aggregate Report senders have a chance to switch over.

A complete description of DMARC can be found at the website.

http://www.dmarc.org/

Receiving Issue Today

Hello all -

A system issue caused us to improperly refuse or tempfail messages from some IPs from about 1pm until 3pm ET today, but the issue has been resolved. Please contact the Postmaster at postmaster.aol.com if you continue to have issues beyond this time.

Thank you.

New Spam Filtering

Hello -

Based on customer feedback we've recently made a change to how we handle some types of mail identified as spam. As a result of this change will be issuing more CON:B1 Refuses to mailers sending this type of spam. It is possible that legitimate senders might be negatively impacted by these changes. If you encounter an issue, please direct your inquiries to the postmaster site (listed below) and open a ticket.

Thanks.
Lili

http://postmaster.aol.com

New Outbound Mail Servers and Relays


Hi everyone -

We have added some new machines to our outbound mail complex. Please reference the postmaster site for the detailed information. The link is provided below.


http://postmaster.aol.com/Postmaster.OMRs.php


Thanks!

Lili
AOL Postmaster Team

...Postmaster Blog...coming back to the living....

Hello Everyone -

We are going to be relaunching the Postmaster blog, so please stay tuned for new messages, posts and information!

Thanks for your patience!

Lili
AOL Postmaster Team