Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Going After Hotmail Spammers

Posted by ryuzaki0 on from the aegean-stables dept.

Mirkon writes "Quoth The Register: "Microsoft has targeted spammers with a lawsuit aimed at bulk mailers who harvest email addresses of Hotmail subscribers in order to bombard them with junk." Details are apparently sketchy at this point, but it's nice to see America's favorite monopoly putting its power to good use." The original news.com.com story is slightly more informative.

8 of 314 comments (clear)

  1. Re:I took Hotmail spammers to mean ... by radish · · Score: 4, Informative

    Do you actually think the spam comes from hotmail? Have you heard of people forging from: addresses? Please, go read the SMTP RFC and come back when you have something to contribute :)

    --

    ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"

  2. Just do this by eonblueye · · Score: 5, Informative

    Just keep your name out of their Member Directory and you will be spam free. I've had my Hotmail account for years spam free.

    --
    +++ David Watts 5495 0.0 0.5 1888 884
  3. Re:I took Hotmail spammers to mean ... by hoggoth · · Score: 5, Informative

    > spam that I get is from accounts like hotmail.com or yahoo.com

    Take a look at your full headers, those are forged.
    I filter out mail from @yahoo.com|@msn.com|@hotmail.com|@aol.com where the connecting host does NOT end in yahoo.com, msn.com, hotmail.com, or aol.com
    Just this alone got rid of 20% of my mail (all spam, never a false positive).

    --
    - For the complete works of Shakespeare: cat /dev/random (may take some time)
  4. Re:Mail readers. by Erasmus+Darwin · · Score: 4, Informative
    "sends an error message to the spammer... Like the one you get when there is no address with that name."

    The problem is that spammers who're searching for valid addresses generally check whether or not an error occurs at the SMTP level. When the message is in your mailbox, it's already too late.

    First, the spammer connects directly to your server and checks how you handle invalid addresses (by sending an email to an almost guaranteed bogus account). If your mail server rejects mail to the test address, the spammer then begins doing a dictionary-based attack. If any mail gets through, that address goes on the spammer's list of valid targets.

  5. Re:Mail readers. by ceejayoz · · Score: 3, Informative

    1.3b is the first version to have it - phenomenal! :-)

  6. Re:So what.... by babbage · · Score: 5, Informative
    I've been wondering about that since the Spam Conference last month, where both an engineer from Microsoft Research and a representative from Brightmail spoke about how they're trying to filter spam from large networks such as Hotmail and MSN. The scenario you describe is a common perception -- the most obvious explanation for the way even unused, "funny looking" (not dictionary words, numbers, etc) Hotmail addresses get so much spam is that the company must be selling their subscription list to spammers. But if that were actually true, then why are they putting so much effort into filtering out spam at both the network & mail client levels?

    A different idea that came up at the conference was what I'll describe as "bigger targets attract more arrows". That is, an ISP with millions of subscribers (Hotmail, Yahoo, AOL, Earthlink) is a more appealing target for things like dictionary attacks than, say, my personal DynDNS account with two legitimate users behind it.

    If you're going to carry out a dictionary attack against a domain, diminishing returns will take over for the little one (one billion tries, two hits -- 2e9%), but for the big one you can expect a reasonable hit rate (one billion tries, 3 million hits -- 0.003% -- and in fact a reasonably big fraction of all users on the network).

    In practice, this means today that the bigger the netwowrk, the greater the current spam volume, to the point that of the largest ISPs and corporate networks around today, something like 40% to 50% of their mail traffic is now spam.

    I think this is a better explanation for what's going at Hotmail et al., and it also does a better job of why they want so badly to control the spam issue. The explanation they'll give to the public is that this is good customer service, and to an extent that's true. But at the same time, trying to handle all this network traffic is probably a technical nightmare (and comments about the migration from FreeBSD to Win2000 are not helpful here :). For a free service, having to handle that much unwanted traffic is probably killing them, and bringing it under control for that reason is probably at least as important as maintaining customer good will.

    --
    DO NOT LEAVE IT IS NOT REAL
  7. Re:A good start by Nurlman · · Score: 3, Informative

    > You can't block this address (staff@hotmail.com), and there is no 'opt out' other then to stop using the hotmail service.

    You can't block it (sneaky, Microsoft!), but you can sure as shootin' filter it. In Options|Custom Filters, put in a rule that redirects all mail from staff@hotmail.com right inot the trash. Or, if you're afraid of missing out on a valuable deal to get a bigger mailbox, you can always sort Hotmail Services e-mails to some junk mailbox that you only check intermittently.

  8. Re:brute force spamming by vena · · Score: 3, Informative

    various references for your amusement:

    http://www.wired.com/news/infostructure/0,1377,571 32,00.html

    http://www.spamhaus.org/newsdog.lasso?article=114

    http://www.unicom.com/chrome/a/000032.html

    the last one is of particular interest because it claims that Hotmail doesn't seem to do anything about these dictionary attacks:

    They have discovered that MSN/Hotmail seems to allow spammers to run long-lived dictionary attacks, in one case extending over five months in duration.

    as for software capable of launching this type of attack - there are already programs which exist for launching these attacks against authentication systems. those written in scripting languages (many of them are written in perl) are easily altered to attack a mail server.