Feedback Loop Information
When an AOL member clicks "This Is Spam" for a piece of email sent from one of your IPs, this is considered a "complaint". If you are having difficulty delivering email to AOL, a feedback loop (FBL) would benefit you. Once you have created a feedback loop, we will send you a copy of each complaint generated when an AOL member reports your email as spam. Monitoring FBLs benefits both bulkmailers and ISPs, in that they help to manage mailing lists as well as providing early warnings of network security issues such as bot infestations, compromised web forms, and other such sources of spam and abuse.
All FBLs are in a standard Abuse Reporting Format (ARF) which is designed to prevent FBL recipients from having to maintain separate parsers for FBLs from different providers. Due to the widespread adoption of ARF, AOL converted all FBLs to ARF on September 2, 2008. For additional information on ARF and ARF processing, please see our blog post.
- Explanation of the FBL Application Process
- FBL Ownership Requirements
- Apply for a New FBL
- Explanation of ARF (Abuse Reporting Format)
- Check Your Existing FBL Configuration
- Expired FBL Renewal
- Subtract IPs or Delete FBL
Feedback loop emails are sent from SCOMP@aol.net from our Outbound Mail Relay servers (OMRs). Please make sure you do not filter mail from these IPs, or you will not receive all of your complaints, which could have a negative impact on IP reputation and thus, delivery.
ARF stands for "Abuse Reporting Format".
ARF is intended to standardize Feedback Loop emails. This effort will help prevent feedback loop recipients from requiring multiple parsers for various mailers' FBL reports. AOL uses ARF as its only FBL format.
The traditional format is a MIME multipart message with one empty text part and one message/rfc822 part with the original message being complained about. Parts of the header of the message being complained about are redacted out, where normally the AOL ScreenName recipient would be present.
ARF is defined in draft form at the IETF. ARF messages have three mime parts, one part for general information, one machine parsable and meta data part, and the last part as the original message being complained about. The original message is redacted to protect clear text occurrences of AOL screen names and email addresses.
ARF is designed to be machine readable and assumes that parsing and decoding complaints will be done via scripting. However, ARF can be read in most major email clients with a little human intervention. See our blog entry for more details.
Please do not contact AOL for assistance in reading ARF complaints. We've invited solution providers to advertise in our blog comments and welcome you to look there for help. Please note that AOL has not tested these solutions and does not endorse any particular vendor or product.
AOL will not fill the Reported-URI field in the second mime part. ARF messages from AOL will have the Subject as defined in the original draft, with the connecting IP shown, and not the original subject of the email being complained about.
Sample report :
From: <email@example.com> Date: Thu, 8 Mar 2005 17:40:36 EDT Subject: Email Feedback Report for IP 10.67.41.167 To: <firstname.lastname@example.org> MIME-Version: 1.0 Content-Type: multipart/report; report-type=feedback-report; boundary="part1_13d.2e68ed54_boundary" --part1_13d.2e68ed54_boundary Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit This is an email abuse report for an email message received from IP 10.67.41.167 on Thu, 8 Mar 2005 14:00:00 EDT. For more information about this format please see http://www.mipassoc.org/arf/. --part1_13d.2e68ed54_boundary Content-Type: message/feedback-report Feedback-Type: abuse User-Agent: SomeGenerator/1.0 Version: 0.1 --part1_13d.2e68ed54_boundary Content-Type: message/rfc822 Content-Disposition: inline From: <email@example.com> Received: from mailserver.example.net (mailserver.example.net [10.67.41.167]) by example.com with ESMTP id M63d4137594e46; Thu, 08 Mar 2005 14:00:00 -0400 To: <Undisclosed Recipients> Subject: Earn money MIME-Version: 1.0 Content-type: text/plain Message-ID: 8787KJKJ3K4J3K4J3K4J3.firstname.lastname@example.org Date: Thu, 02 Sep 2004 12:31:03 -0500 Original Content --part1_13d.2e68ed54_boundary--
It is imperative for privacy, security and legal reasons that we only send abuse complaints to authorized addresses for networks that send mail to us. We do this using a two-step process:
Step 1. The Confirmation:
When you provide your FBL email address, we verify that the provided email address has a right to receive abuse complaints for the supplied FBL domain. We offer a drop-down list of available confirmation addresses. Included in the drop-down is abuse@, postmaster@, and any other email address listed in the FBL email's domain WHOIS record. You may select which address the confirmation is sent to, but please ensure it is an account you have access to! Clicking on the link in the confirmation email you will receive signifies to us that that email address is that of an authorized administrator of the applicant domain.
- You enter email@example.com as your FBL address. Please note that "fbldomain.com" is being used only as an example.
- The drop-down will include: firstname.lastname@example.org, email@example.com, and any other email address listed in the WHOIS record for fbldomain.com. Please ensure that at least one of these is configured before applying for an FBL.
- You select firstname.lastname@example.org.
- We send the confirmation to email@example.com.
- Clicking the link in the confirmation says "AOL, fbldomain.com gives you permission to send abuse complaints to firstname.lastname@example.org."
This requirement helps us prevent a regular user from being able to sign up for an FBL for a domain, such as email@example.com signing up for a feedback loop to receive all of yahoo.com's complaints.
Confirming the request may still result in a denial if one of the subsequent IP ownership tests is not passed.
Step 2. The IP Ownership Test:
Next we verify that fbldomain.com has a right to receive abuse complaints for the IP(s) in the submitted request. There are five possible tests to prove IP ownership. They are listed below.
Because of the way our system processes the requests, The Confirmation comes before The IP Ownership Test.
So, let's begin.
- If you would like to change the format or configuration for your existing FBL(s) please the appropriate form for your requirements.
Requesting a Feedback Loop:
When requesting a feedback loop, your domain must comply with AOL's reverse DNS guidelines. Additionally, your request must comply with one of our measures of IP ownership.
The FBL process must be able to establish that the FBL applicant has a right to receive abuse complaints for the IP(s) in the submitted request. To establish IP ownership, one of the following five criteria must be met. Please note that if you use a subdomain in your FBL email address, that subdomain must be shared to satisfy the selected requirement below.
- The reverse DNS for each IP shares the FBL domain (including the subdomain, if used).
FBL email address is: firstname.lastname@example.org resolves to mailserver1.accounting.aol.com192.168.1.2 resolves to mailserver2.accounting.aol.com
- A valid example would be:
- The domain WHOIS for each IP's RDNS contains the FBL email domain (including the subdomain, if used). The domain may appear in any of the listed email addresses.
- At least one authoritative nameserver for each IP shares the FBL email domain (including the subdomain, if used).
FBL email address is: email@example.com authoritative nameserver is ns1.accounting.aol.com192.168.1.2 authoritative nameserver is ns1.accounting.aol.com
- A valid example would be:
- The IP WHOIS information for each IP contains the FBL email domain (including the subdomain, if used). The domain may appear in any of the listed email addresses.
FBL email address is: firstname.lastname@example.org and 192.168.1.2 IP WHOIS contains the line: OrgAbuseEmail: email@example.com
- A valid example would be:
- The ASN WHOIS information for each IP contains the FBL email domain (including the subdomain, if used). The domain may appear in any of the listed email addresses.
FBL email address is: firstname.lastname@example.org and 192.168.1.2 ASN WHOIS contains the line: OrgAbuseEmail: email@example.com
- A valid example would be: