Microsoft Going After Hotmail Spammers
Mirkon writes "Quoth The Register: 'Microsoft has targeted spammers with a lawsuit aimed at bulk mailers who harvest email addresses of Hotmail subscribers in order to bombard them with junk.' Details are apparently sketchy at this point, but it's nice to see America's favorite monopoly putting its power to good use." The original news.com.com story is slightly more informative.
Do you actually think the spam comes from hotmail? Have you heard of people forging from: addresses? Please, go read the SMTP RFC and come back when you have something to contribute :)
---- One button is the power button, the other is the Bender voice button "Bite My Shiny Metal Ass"
Just keep your name out of their Member Directory and you will be spam free. I've had my Hotmail account for years spam free.
+++ David Watts 5495 0.0 0.5 1888 884
Mozilla has a "Junk" button, it blacklists the spammer, creates a holistic statistic based on all spam blacklisted to help in guessing future spam and can automatically delete it. Now if someone will just hack in a bounce message.
> spam that I get is from accounts like hotmail.com or yahoo.com
Take a look at your full headers, those are forged.
I filter out mail from @yahoo.com|@msn.com|@hotmail.com|@aol.com where the connecting host does NOT end in yahoo.com, msn.com, hotmail.com, or aol.com
Just this alone got rid of 20% of my mail (all spam, never a false positive).
- For the complete works of Shakespeare: cat
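The rule described in the comment above, sketched in Python as an added example (not code from the thread). It assumes the receiving server writes Received headers in the form `from <helo> (<reverse-DNS name> [<ip>]) by ...` and that the topmost Received header is the one your own server added; the function names and sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Freemail domains named in the comment above.
CHECKED_DOMAINS = ("yahoo.com", "msn.com", "hotmail.com", "aol.com")

# Assumed Received layout: "from <helo> (<reverse-DNS name> [<ip>]) by ...".
# The HELO name is chosen by the sender, so only the name in parentheses is used.
RECEIVED_RE = re.compile(r"from\s+\S+\s+\((\S+)\s+\[[0-9A-Fa-f.:]+\]\)")


def in_domain(host, domain):
    """True for 'hotmail.com' and 'x.hotmail.com', not for 'nothotmail.com'."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def connecting_host(msg):
    """Host name our own server recorded in the topmost Received header."""
    received = msg.get_all("Received") or []
    if not received:
        return None
    match = RECEIVED_RE.search(" ".join(received[0].split()))
    return match.group(1) if match else None


def is_forged_freemail(raw_message):
    msg = message_from_string(raw_message)
    sender = parseaddr(msg.get("From", ""))[1]
    sender_domain = sender.rpartition("@")[2].lower()
    if not any(in_domain(sender_domain, d) for d in CHECKED_DOMAINS):
        return False  # the rule only applies to the listed domains
    host = connecting_host(msg)
    if host is None:
        return True  # no verifiable connecting host recorded
    return not any(in_domain(host, d) for d in CHECKED_DOMAINS)


# Constructed sample messages (documentation IP ranges, made-up host names).
GENUINE = ("Received: from mail.hotmail.com (f12.bay1.hotmail.com [192.0.2.25])"
           " by mx.example.org; Wed, 18 Jun 2003 10:00:00 -0700\n"
           "From: alice@hotmail.com\nSubject: lunch\n\nSee you at noon.\n")
FORGED = ("Received: from hotmail.com (dsl-7.isp.example.net [198.51.100.7])"
          " by mx.example.org; Wed, 18 Jun 2003 10:01:00 -0700\n"
          "From: \"Deals\" <winner4821@hotmail.com>\nSubject: $$$\n\nBuy now.\n")
```

Matching on a leading dot keeps a look-alike host such as `mx.nothotmail.com` from passing a plain "ends in hotmail.com" test.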
For Windows there is Mailwasher
The problem is that spammers who're searching for valid addresses generally check whether or not an error occurs at the SMTP level. When the message is in your mailbox, it's already too late.
First, the spammer connects directly to your server and checks how you handle invalid addresses (by sending an email to an almost guaranteed bogus account). If your mail server rejects mail to the test address, the spammer then begins doing a dictionary-based attack. If any mail gets through, that address goes on the spammer's list of valid targets.
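On the receiving side, the probing described above shows up as one client collecting many "user unknown" rejections for different recipients. The following added example (not from the thread) counts distinct rejected recipients per client; it assumes Postfix-style `reject: RCPT` log lines, and the log entries, addresses and threshold are constructed.

```python
import re
from collections import defaultdict

# Postfix-style rejection line: client IP in brackets, recipient in to=<...>.
REJECT_RE = re.compile(
    r"reject: RCPT from \S+\[(?P<ip>[^\]]+)\]: 55\d .*\bto=<(?P<rcpt>[^>]*)>")


def harvesting_clients(lines, threshold=5):
    """Map client IP -> sorted unknown recipients it probed, if >= threshold.

    Counting distinct recipients (not raw rejections) keeps a legitimate
    sender that retries one mistyped address from being flagged.
    """
    unknown = defaultdict(set)
    for line in lines:
        match = REJECT_RE.search(line)
        if match:
            unknown[match.group("ip")].add(match.group("rcpt").lower())
    return {ip: sorted(rcpts) for ip, rcpts in unknown.items()
            if len(rcpts) >= threshold}


# Constructed log lines: one client walking a name list, one ordinary typo.
_TEMPLATE = ("Jun 18 10:00:{sec:02d} mx postfix/smtpd[411]: NOQUEUE: reject: "
             "RCPT from unknown[{ip}]: 550 5.1.1 <{rcpt}>: Recipient address "
             "rejected: User unknown in local recipient table; "
             "from=<x@hotmail.com> to=<{rcpt}> proto=SMTP helo=<mail>")
SAMPLE_LOG = [
    _TEMPLATE.format(sec=i, ip="203.0.113.9", rcpt=name + "@example.org")
    for i, name in enumerate(["aaron", "abby", "adam", "alan", "alice"])
] + [
    _TEMPLATE.format(sec=30, ip="198.51.100.4", rcpt="jon.smiht@example.org"),
    _TEMPLATE.format(sec=31, ip="198.51.100.4", rcpt="jon.smiht@example.org"),
]

if __name__ == "__main__":
    for ip, rcpts in harvesting_clients(SAMPLE_LOG).items():
        print(ip, "probed", len(rcpts), "unknown recipients:", ", ".join(rcpts))
```

A production version would bound the count to a time window so that slow, long-running probes and short bursts are both visible.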
1.3b is the first version to have it - phenomenal! :-)
While in some cases dumb spammers will use a live Hotmail account as the return address for a spam run, in the majority of cases, the Hotmail addresses (and those of others like BigFoot, Juno, Yahoo, etc) are fabricated. And yes, some spammers are so dumb they leave no means of contact whatsoever. In other cases it's a web site hosted entirely separately from where the spam came from (often a wide range of open proxies for which no origin tracking headers are inserted). And those web hosters refuse to shut down those spammer sites claiming that since the spam didn't come through their network they won't do anything about it (but at least SPEWS lists them, too, which has resulted in many takedowns).
Look at the headers and see if the message actually came from one of Hotmail's servers. Microsoft already has made it so that it is incredibly hard to spam through the web interface (just like Slashdot's "slow down cowboy" feature for those who post too fast here). But if someone does manage to spam through Hotmail, by all means notify them, although they probably already know about it.
I don't know whether it is good to report the likely forged return address spams to Hotmail or not. Certainly if the address is real, it should be, so they can shut it down (they do). But knowing whether it is real or not is not easy.
I don't actually see all that much spam with Hotmail as a return address. I haven't seen any from Hotmail servers in ages. I do NOT block Hotmail.
now we need to go OSS in diesel cars
A different idea that came up at the conference was what I'll describe as "bigger targets attract more arrows". That is, an ISP with millions of subscribers (Hotmail, Yahoo, AOL, Earthlink) is a more appealing target for things like dictionary attacks than, say, my personal DynDNS account with two legitimate users behind it.
If you're going to carry out a dictionary attack against a domain, diminishing returns will take over for the little one (one billion tries, two hits -- 2e9%), but for the big one you can expect a reasonable hit rate (one billion tries, 3 million hits -- 0.003% -- and in fact a reasonably big fraction of all users on the network).
In practice, this means today that the bigger the network, the greater the current spam volume, to the point that of the largest ISPs and corporate networks around today, something like 40% to 50% of their mail traffic is now spam.
I think this is a better explanation for what's going on at Hotmail et al., and it also does a better job of explaining why they want so badly to control the spam issue. The explanation they'll give to the public is that this is good customer service, and to an extent that's true. But at the same time, trying to handle all this network traffic is probably a technical nightmare (and comments about the migration from FreeBSD to Win2000 are not helpful here :). For a free service, having to handle that much unwanted traffic is probably killing them, and bringing it under control for that reason is probably at least as important as maintaining customer good will.
DO NOT LEAVE IT IS NOT REAL
> You can't block this address (staff@hotmail.com), and there is no 'opt out' other than to stop using the hotmail service.
You can't block it (sneaky, Microsoft!), but you can sure as shootin' filter it. In Options|Custom Filters, put in a rule that redirects all mail from staff@hotmail.com right into the trash. Or, if you're afraid of missing out on a valuable deal to get a bigger mailbox, you can always sort Hotmail Services e-mails to some junk mailbox that you only check intermittently.
Yes, I love how the junk filter setting of "only allow mail that I have explicitly allowed" blocks everyone but them.
Gotta love being a monopoly. Of course, depending on how you think of it, it's their service, so they can do what they want with it, no one is forcing you to use it.
Well, no one except MS themselves, who force you to get a hotmail account for your .NET stuff, but no one is forcing you to use that.
Well, except for MS who is building .NET into their OS, apps, and pretty much everything else they have, and they only have 90% of the desktop.
*sigh*
various references for your amusement:
http://www.wired.com/news/infostructure/0,1377,57132,00.html
http://www.spamhaus.org/newsdog.lasso?article=114
http://www.unicom.com/chrome/a/000032.html
the last one is of particular interest because it claims that Hotmail doesn't seem to do anything about these dictionary attacks:
They have discovered that MSN/Hotmail seems to allow spammers to run long-lived dictionary attacks, in one case extending over five months in duration.
as for software capable of launching this type of attack - there are already programs which exist for launching these attacks against authentication systems. those written in scripting languages (many of them are written in perl) are easily altered to attack a mail server.
Just set up Outlook Express to connect to it in typical client/server fashion. Granted, it's in beta (and has been for quite some time... dare I say, indefinitely?), so it has some issues. But it's definitely helpful in avoiding banner ads altogether...............