Email security expert MessageLabs is very embarrassed but defiant after one of its customers' servers was blacklisted for spam by AOL.
The company that sells systems for tackling spam says that the block was "just a matter of being extremely unlucky". The block has since been lifted and the hole that had allowed a spammer to send out thousands of bits of unsolicited email closed.
"Nothing went wrong, it's just one of those things," explained Matt Sergeant, MessageLabs' anti-spam specialist. MessageLabs scans its 6,000 customers' servers every 12 hours to check they are properly configured. However in between two of those scans, a spammer found an open relay on one of the servers, enabling them to use it to pump out spam to thousands of prepared lists of addresses.
Presumably the list in this case contained AOL addresses as a large number of AOL members forwarded the unwanted email to AOL's anti-spam addresses and its automated system put a block on the server that was sending them out.
As soon as it came to light, MessageLabs helped fix the hole on its customers' server ("it was just a single-lane change in configuration and restarting the mail server"), contacted AOL and the block was lifted. It has now come to an agreement with AOL that they will put in a confirmation system so that if it happens again MessageLabs is warned.
Matt Sergeant also said that they are looking at increasing the number and frequency of scans on customers' servers but pointed out that there is nothing the company can do if a customer wrongly configures their server. He insisted: "This really is a non-issue, it happens all the time, it really is very, very common."
Nevertheless it is very embarrassing for a firm at the cutting edge of defeating spam to be defeated itself. It also demonstrates how much of a problem spam is and how the systems in place to deal with it are far from ideal. Maybe MessageLabs will be inspired to come up with a better, faster spam solution.