Is Yahoo Blocking People From Sending Any Email That Mentions OccupyWallSt.org?

from the what-if-you-just-wrote-occupywallst-is-a-dumb-idea dept

Zacqary Adam Green points us to the rumor that Yahoo Mail, in its infinite wisdom, has decided that no one should be allowed to send any emails that merely mention the website http://OccupyWallSt.org. That’s the website of the folks currently protesting in NY. Zacqary decided to test this out and produced a video showing Yahoo sending a bunch of lorem ipsum (gibberish) text without a problem — and then refusing to send the same text once he added the URL at the bottom. We did some testing ourselves, and it appears that the message will go through if you just type OccupyWallSt.org. But if you do the full URL, with the http:… well, then you might just be a terrorist or something.

The message provided by Yahoo is that it refuses to send the email because “suspicious activity” was detected on the account and to “protect” the user, the message has not been sent. We also noted that once this happens, Yahoo starts asking you to input a captcha to send future emails. Because, um, linking to that one URL makes Yahoo claim you’re a bot.

Seriously, Yahoo? First off, it’s troubling enough that Yahoo has apparently decided that merely mentioning a URL can have your messages blocked from being sent entirely. But almost as bad is claiming that it’s to “protect” the user. Yahoo has been struggling lately to retain users. Blocking outbound messages for no good reason isn’t likely to win any converts. No wonder ex-CEO Carol Bartz was fired over the phone. Perhaps Yahoo’s Chairman of the Board was prevented from emailing her for his own safety…

Update: Yahoo now claims that this was a mistake that’s been fixed. They say it was a spam filter issue, but I can’t see how that makes any sense.

Filed Under: , , ,
Companies: yahoo

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Is Yahoo Blocking People From Sending Any Email That Mentions OccupyWallSt.org?”

Subscribe: RSS Leave a comment
74 Comments
Grae (profile) says:

Re: Re: Re: Re:

The 4th Amendment only applies to government entities; as Fedex is a private company, it could snoop through your packages all it wants to, but this would fall under “a stupid business decision” so they generally don’t do that as they want to keep their customers and remain operating. If the NSA called up Fedex and asked them to start searching through packages, deny delivery based on specific criteria, and Fedex (stupidly) agreed, then you’d have grounds for 4th Amendment violation, though sadly I have to agree that it seems pretty gutted these days.

I think the voice phone service blurs the lines a bit as I said below, as there’s lots of government money flowing into phone service providers and there’s the whole concept of voice phone service being vital infrastructure that should be available to everyone.

btr1701 says:

Re: Re: Re: 4th Amendment

> The 4th Amendment was supposed to stop that, but
> it’s kind of been litigated away in favor of businesses
> being able to snoop for law enforcemnt.

The 4th Amendment was never intended to be a check on the activities of private businesses or individuals. It’s sole purpose is to regulate the ability of the government to search and seize property and people.

Grae (profile) says:

Re: Re:

Fedex already “censors” their delivery service by keeping a list of restricted items that they do not ship. It’s not really an apt comparison though; Fedex does not open and read documents you send through them. That said, if Fedex came up with a magical computer that could scan all the written words on anything inside a package you asked them to deliver, then declined to deliver it based on those words; yeah, they could probably legally do that, assuming they were upfront about what they were doing. Would it keep them in business for very long? No.

However, if the government called them up, and said “hey, look for words on our list here and use your magic computer to block those packages being sent” then you’d have a First Amendment issue on your hands. This is all fantasy anyway as Fedex does not have a magic word-finding computer to scan its packages with.

I’m wondering if you meant USPS, which as a semi-federal agency has legal obligations above and beyond private businesses like Fedex.

I think phone companies are largely in the same scenario as described above they could censor phone calls even if it’s a dumb idea business-wise; though as phone service is viewed mostly as vital infrastructure that everyone should have access to and the fact that they receive lots of government subsidies probably shifts it away from the realm of being a simple business decision and more toward illegal censorship.

There’s no history that I can find of voice phone service being censored in the US. I imagine that it would take several legal battles to get a final answer on this.

John Fenderson (profile) says:

Re: Re: Re:

Phone service is a case of being a “common carrier”. In exchange for special privileges that come with having common carrier status, phone companies must adhere to a bunch of conditions, such as providing nondiscriminatory service (i.e., they can’t say the specific people or groups of people can’t have phone service or degrade the service for specific people or groups of people) and they can’t snoop on phone calls, with a few exceptions (such as monitoring calls to check on and ensure quality of service).

If they violate these terms, they could lose their common carrier status. It’s this that keeps them “honest” (I put quotes around that because as we all know, AT&T and other big carriers actually do widely snoop on phone and internet traffic), not fear of loss of business.

They have no fear of that because where would you take your business to? They all engage in the same behavior, so it’s not like you have any realistic alternatives.

Rich Kulawiec (profile) says:

Yahoo's incompetence is well-documented

So it’s entirely possible that this is merely another entry in the very, very long list of obvious mistakes that the crack monkeys running their mail service have made. (Most recent entry? Yahoo reduced the number of spam complaints received…by refusing to accept them.)

Anyone who knows how to use Teh Google to search the web, Usenet archives, and mailing lists could spend the rest of this year merely skimming the messages and postings about Yahoo’s inability to run a mail service that meets even amateur standards, let alone professional ones. So my inclination — until further evidence arrives — is to eschew the conspiracy/blackout theory in favor of presuming it’s just their latest bonehead move.

Anonymous Coward says:

Re: Yahoo's incompetence is well-documented

So my inclination — until further evidence arrives — is to eschew the conspiracy/blackout theory in favor of presuming it’s just their latest bonehead move.

Oh, I get it. This is just some kind of “mistake” by the dumb-as-rocks geeks in the back room without any purpose whatsoever behind it. Yahoo’s enlightened management would never, ever dream of ordering such a thing, so please don’t lay it at their feet, huh?

Bull.

Rich Kulawiec (profile) says:

Re: Re: Yahoo's incompetence is well-documented

Nothing I wrote, of course, excuses Yahoo management or states that they didn’t order such a move. Perhaps they did. But having seen idiotic behavior out of Yahoo on a near-daily basis for a decade, I’m inclined to go with the simplest hypothesis until additional evidence arrives.

crade (profile) says:

Not that I agree with scanning people’s communications without due process in general, but if you are going to do that, what possible good would notifying the person and blocking their email do? If they uncover activity suspicious enough to matter to anything, shouldn’t they notify the proper authorities and *not* the person who sent the email?

iamtheky (profile) says:

Re: byebye

An explosive investigation by Der Spiegel found that Yahoo provided Chinese authorities with access to emails from journalists, and the snooping resulted in the same journalists being sent to prison camps.

….you are a tad bit late as it is not their first nor their most vulgar display of this nature. I would be more concerned with who gets blind carbon copies of the emails they decide are “suspicious”.

Ren? (profile) says:

yup

>could in theory be some form of spam/phishing filter with rabies

Some Theory here, just tested it in my german Yahoo-Account(s) sending various Mails to other Yahoo-Accounts and various other Mail-Accounts? everything including the URL got through. Everything.

My Guess is that it’s the unaltered Chunk of Text that makes Yahoo think he’s a Robot, which actually he is in that moment. ;D

freak (profile) says:

“Yahoo now claims that this was a mistake that’s been fixed. They say it was a spam filter issue, but I can’t see how that makes any sense.”

Simple: Bayesian filtering. (“Given that an email contains this word, it is x% likely to be spam”)

There are probably a lot of spambots/viruses that email a lot of things about ‘wall st.’, and I know there are a lot of spam emails that have the word ‘occupy’ in them. (an example from my spambox: “Occupy her warm hole today”)
URLs are automatically suspect to moreorless every mailclient, and the more it looks like a URL, the easier it is to click through, the more suspicious the email will look.
If Yahoo uses predictive markov chains in their Bayesian filtering, I can easily see how this combination, of occupy, wall st., and as a URL, would trigger.

That it had to be manually corrected after a LOT of people noticed either reflects that their system encountered this problem manually, or that their system is very poor.

Or, if I think that Yahoo has more competent programmers & no ill intentions, this could also reflect that occupywallst.org was used as a spammer site before, or, given that this bug is guaranteed to happen for some terms at (given competent programmers), a very low percentage rate, this might also have been the only bug of this type for yahoo in a decade.

(But without such a system, then spambots could get through merely by minor typos or making different combinations of words; ie: XXXX YYYY ZZZZ might fail, and XXXXYYYY ZZZZ might get through, while still being human readable)

TL;DR: That this is a technical error is possible, but I wouldn’t stop being suspicious and watching for similar events in the future. Or doing some research and looking into the past.

Rich Kulawiec (profile) says:

Re: Re:

Did you notice that the host on which the domain in question in hosted doesn’t have a DNS A record? Depending on what anti-spam measures are in place, that omission (which is a major mistake by the hosting company) could be part of the problem. Of course, it’s also a major mistake by Yahoo to trigger on that, but it’s well-known among all senior mail experts that Yahoo’s mail “filtering” is utter crap, so this would be no surprise at all.

Jamie (profile) says:

Re: Re: Re:

I’d say that this is the most likely reason. The anti-spam filter is probably checking the IP address of linked sites, and spam-binning emails that point to known spam sites.

OccupyWallSt.org doesn’t have an A record (IP address), AAAA record (IPv6 adress) or CNAME record (pointer to a different site name). The correct web site address is http://www.OccupyWallSt.org, which has a valid A record.

Given that there was no valid way to resolve OccupyWallSt.org (without the “www.”), the spam filter probably decided that this was a spam site that’s since been taken down, and treated it as such.

Note that this doesn’t need any human intervention, just an incorrect assumption on the part of the programmers of the spam filter.

G Thompson (profile) says:

Spam filters only are for Incoming mail

Yahoo now claims that this was a mistake that’s been fixed. They say it was a spam filter issue, but I can’t see how that makes any sense.

This is logic fail in the extreme, a spam filter looks at INCOMING mail for certain signatures and hashes to stop spam from entering your inbox, though it still has to allow the mail to be received somewhere unless you actually state that any SPAM, including false positives, get deleted.

A SPAM filter does NOT search outgoing emails, to do that it means the provider of the email is searching through communication that was entered on their system before it is sent which equates to search and tampering, and probably falls under unauthorised access to private communications.

Yahoo is probably able to fall foul of the “Computer Fraud and Abuse Act” as well. In fact unauthorised access to private correspondence is one of the main reasons why “anti-hacking” laws are actually written in the first place.

The question now needing to be asked are:
* what else are they searching for?
* are the searches authorised under law?
* are the positive hits stored in a database for future analysis by either marketers, law enforcement, or other private orgs?
* Is this searching nefarious, intentional, politically and/or ideologically motivated?
* Is there tortuous behaviour, and has harm occurred?
* IS the striesand effect going to bite yahoo on the arse?

Other than the last question, which is a resounding yes, I have no idea, though I suspect Yahoo will be doing their utmost to stop them being answered now.

Anonymous Tester says:

Filtering

I was one of the people who did some testing of Yahoo Mail on the 18th (Sunday) and 19th (Monday).

I had previously been sending some folks I knew articles and information, with the SUBJECT: line of “OccupyWallStreet” and “OccupyWallStreet.org” on Saturday and there was no trouble.

Late late Saturday night and into Sunday, people seemed to have trouble with that as a Subject: line so I started to experiment. I sent several emails with Subject that I had sent previously and got the Yahoo “suspicious activity” warning (changing text around in the body)

I started changing the Subject line and writing text in the body with the URL and the #hasgtag from Twitter and that went through fine for awhile. A couple hours later and none of the variants – Subject line or body – would carry the URL for OccupyWallStreet or the #hashtag. Further testing showed that even “OccupyWallStreet” in the body of the message wouldn’t go through. If you spaced it “Occupy Wall Street” it would.

This was being passed around on the Twitter channel for at least 12 hours; people started blogging it and some managed to get videos of it up on You Tube. Something similar was happening over at Facebook.

That is when Yahoo sent out an apology through the Yahoo Twitter channel and later in a news release and the problem cleared up somewhat…

So it’s somewhat questionable that their “spam filter” explanation is the whole of it.

As of Tuesday night people were still reporting some email getting this message and some only being “delayed” for periods of time…

One of the Yahoo videos is here and the Facebook video is here.

I tested using several different email providers to send to and from Yahoo Mail. I had no problem with any of the other services, and Yahoo would let incoming mail through fine.

Miso Susanowa

freak (profile) says:

Re: Filtering

No, what you describe sounds more like a spam filter.

First pass: Seems legit

Second pass: Yahoo mail has gotten a chance now to check out the link; what Rich and Jamie say above stops the email and marks it as spam because of the link.

Third pass: Terms associated with ‘spam’ have started to get blocked as well; The link is now marked as spam, erroneously, so things that people are tweeting with it, such as the phrase and hashtag begin to get blocked alongside it.

ps says:

yahoo appears to be smart but can this work?

when I wanted to share interesting web page by sending web page URL to friends, Yahoo says “unable to send message:If you are sending a link, try adding some text to it. This helps us fight spam.” I add text here is an interesting thing… and yet Yahoo refuses to send. The only solution left seems to move to other email such as Gmail.

robert morland (user link) says:

censored email on Yahoo

The censorship on Yahoo is still happening with a vengeance. After sending an email today, I got an error message that the message could not be sent for technical reasons. Then… I could not enter my account anymore. When I attempt to enter… the site immediately displays a message indicating that “Engineers are working on the problem”. And I was only writing to “The Five” on Fox News. WOW!!! Censorship at its best!

I say… get rid of Yahoo email by using Gmail… or Hotmail.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...