Slashdot Mirror


Spammers Exploiting Hotmail Vulnerability

chip rosenthal writes "Notice more Hotmail spam in your inbox recently? There is a good reason for that. In March, spammers discovered a new vulnerability in the Hotmail service that allows them to script their spam sending. So far I've seen a 2200% increase in Hotmail spam as a result. We're now at three months and counting, and the problem only seems to be getting worse."

8 of 310 comments

  1. DAV as an integration method for outlook? by miu · · Score: 4, Interesting
    So they report that spam sent by means of this has the following in the header:
    Received: from 202.144.44.81 by bay3-dav91.bay3.hotmail.com with DAV; Sat, 07 Jun 2003 23:33:24 +0000
    and that the vulnerability was created to allow greater integration for Outlook users. Anyone know if all mail sent with Outlook through Hotmail contains this in the header?
    --

    [Set Cain on fire and steal his lute.]
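
For mail admins who want to tag or count such messages, here is an added example (not part of the original comment or the report it cites) that finds the `with DAV` hop quoted above in a message's Received chain. The two sample messages, `mx.example.org` and the `with HTTP` hop are constructed; only the DAV header line comes from the comment.

```python
import re
from collections import Counter
from email import message_from_string
from email.utils import parsedate_to_datetime

# Hop format quoted in the comment:
#   from <origin> by <host>.hotmail.com with DAV; <date>
DAV_HOP = re.compile(
    r"from\s+(?P<origin>\S+)\s+by\s+(?P<host>[\w.-]+\.hotmail\.com)"
    r"\s+with\s+DAV\s*;\s*(?P<date>.+)",
    re.IGNORECASE,
)

def find_dav_hop(raw_message):
    """Return (origin, hotmail_host, datetime) for the first DAV hop, or None."""
    msg = message_from_string(raw_message)
    for value in msg.get_all("Received", []):
        unfolded = " ".join(value.split())  # undo header folding
        m = DAV_HOP.search(unfolded)
        if m:
            return m["origin"], m["host"].lower(), parsedate_to_datetime(m["date"])
    return None

def dav_origins(raw_messages):
    """Count DAV-submitted messages per originating address."""
    hops = (find_dav_hop(raw) for raw in raw_messages)
    return Counter(hop[0] for hop in hops if hop)

# Constructed sample built around the header line quoted in the comment.
SAMPLE_DAV = "\n".join([
    "Received: from bay3-dav91.bay3.hotmail.com by mx.example.org with ESMTP;",
    "\tSat, 07 Jun 2003 23:33:30 +0000",
    "Received: from 202.144.44.81 by bay3-dav91.bay3.hotmail.com with DAV;",
    "\tSat, 07 Jun 2003 23:33:24 +0000",
    "From: sender@hotmail.com",
    "Subject: constructed sample",
    "",
    "body",
])
# Constructed sample of a message that did not arrive over DAV.
SAMPLE_WEB = SAMPLE_DAV.replace("with DAV", "with HTTP")

if __name__ == "__main__":
    print(find_dav_hop(SAMPLE_DAV))
    print(dav_origins([SAMPLE_DAV, SAMPLE_WEB, SAMPLE_DAV]))
```

Received lines below the one stamped by your own server are supplied by the sending side, so the DAV hop is only meaningful when your own top hop shows the message really arrived from a Hotmail host.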
    1. Re:DAV as an integration method for outlook? by bloxnet · · Score: 5, Interesting

      You know what I have been waiting for? Ximian Evolution for Windows. I don't know what I could personally do to contribute to this endeavor short of purchasing such a product or donating to the port....but that would be a completely sweet alternative...I love running Evolution on Linux machines, and I wish there was a convenient installer for Windows.

      * btw - if there is a port and I am just not aware of it, someone please let me know.

  2. Spammers cutting and pasting??? by SeanTobin · · Score: 5, Interesting
    Microsoft has created a grave spam threat with this vulnerability. Hotmail has always been a problematic spam source. The saving grace has been that the spam had to be transmitted manually, through a web form, so the sending rate was limited by how fast the spammer could cut-n-paste. Now that Microsoft has provided this new programmatic interface for spammers, that limit has been removed. Spammers may now script their spam runs--and they do--which has created a huge increase in spam transmitted by Hotmail.
    So you are telling me that all the spammers out there who so gracefully manage to figure out how to avoid the plethora of filters designed to stop them, negotiate with bandwidth providers to keep their accounts, and carefully hide their irl addresses from everyone on earth with a spare brick and a good arm actually cut and paste their e-mailed spam?

    I don't buy it. An hour with a Perl for dummies book and the LWP docs and any spammer can automate their submissions.

    Does the author really believe that these spammers are copy and pasting their spams? I sure as heck don't.
    --
    Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
  3. Spam control in Hotmail? Bought a bridge lately? by _RidG_ · · Score: 5, Interesting

    Not to totally deride Hotmail, but after having used it for several years, I can honestly say that it's probably the worst out of all free e-mail providers in terms of controlling incoming spam. Yahoo Mail blocks out a good 80-90% of incoming unsolicited mail, and hushmail.com is even better at it - I haven't gotten a single spam during my 6 months with them (so far at least). Add to that the ease with which Hotmail passwords can be hacked (trivial even for script kiddies), and after some consideration you might want to look at another provider.

    And hey, it's owned by Microsoft! Grab your pitchforks! :)

    --


    "The power of accurate observation is frequently called cynicism by those who don't have it." - G.B. Shaw
  4. hotmail spam by markov_chain · · Score: 5, Interesting

    Hotmail seems to receive more spam than other free email providers. I believe this may be due to how they handle recipient verification in SMTP. When a mail client attempts to send a message to an unknown username, the hotmail mail server will reply with an error message, indicating that the user doesn't exist. As a result, it is possible for a single spammer to spend some time just once to brute-force user names, and then distribute the list of known-good user names.

    Yahoo generates the same reply regardless of whether the recipient exists or not. Thus, to guess user names, spammers would have to brute-force every mailing, as opposed to just the initial one like in the hotmail case.

    Why hotmail would do something like this is completely beyond me.

    --
    Tsunami -- You can't bring a good wave down!
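
A receiving server that rejects unknown recipients at RCPT time can at least watch for the guessing pattern this comment describes. The following is an added example, not part of the original comment: it flags clients whose recipients are mostly rejected as unknown. The log format, addresses and thresholds are constructed for illustration, with 550 standing for the "no such user" reply.

```python
import re
from collections import defaultdict

# Constructed log format: one line per RCPT TO command and the reply given.
LINE = re.compile(r"client=(?P<ip>\S+) rcpt=<(?P<rcpt>[^>]+)> reply=(?P<code>\d{3})")

def harvest_suspects(lines, min_unknown=3, min_ratio=0.75):
    """Return {client_ip: (unknown_recipients, total_recipients)} for clients
    that look like they are guessing user names rather than sending mail."""
    unknown = defaultdict(set)  # distinct recipients rejected with 550
    seen = defaultdict(set)     # every distinct recipient the client tried
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        rcpt = m["rcpt"].lower()
        seen[m["ip"]].add(rcpt)
        if m["code"] == "550":
            unknown[m["ip"]].add(rcpt)
    suspects = {}
    for ip, rejected in unknown.items():
        ratio = len(rejected) / len(seen[ip])
        # A single typo is normal; many distinct misses from one client is not.
        if len(rejected) >= min_unknown and ratio >= min_ratio:
            suspects[ip] = (len(rejected), len(seen[ip]))
    return suspects

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = [
    "2003-06-08T10:00:01Z client=198.51.100.7 rcpt=<aaron@example.org> reply=550",
    "2003-06-08T10:00:01Z client=198.51.100.7 rcpt=<abby@example.org> reply=550",
    "2003-06-08T10:00:02Z client=198.51.100.7 rcpt=<adam@example.org> reply=550",
    "2003-06-08T10:00:02Z client=198.51.100.7 rcpt=<alice@example.org> reply=250",
    "2003-06-08T10:05:10Z client=203.0.113.5 rcpt=<bob@example.org> reply=250",
    "2003-06-08T10:06:44Z client=203.0.113.5 rcpt=<bobb@example.org> reply=550",
]

if __name__ == "__main__":
    for ip, (bad, total) in harvest_suspects(SAMPLE_LOG).items():
        print(f"{ip}: {bad} of {total} recipients unknown")
```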
  5. Re:No Biggie by hbackert · · Score: 4, Interesting

    I always wondered how people get so much mail via hotmail while I do not.

    The only thing which I took care of, was to not click on "yes, send me spam from all advertisers", but that was a no-brainer. If you apply for spam, you will of course get it.

    So far, I have had my account for more than a year. I regularly send a mail once in 2 weeks to another account, with reply to keep it from expiring, but beside this I don't use nor advertise it at all. No spam. Zero. Nada.

    It might be because I am non-american (so I am not a good target for american-only advertising).

    Am I the only one with this "problem"?

  6. hotmail leaks on purpose? by geoff+lane · · Score: 5, Interesting

    I created a hotmail account with an unusual name unlikely to be guessed by any kind of directory attack, and selected every privacy option I could find but within four hours I got spam.

    How could that be without Hotmail leaking names?

  7. The 65.54.*.* range by Otis_INF · · Score: 4, Interesting

    About a month ago my mailserver started to receive a lot of hotmail connections from the range 65.54.*.*, guess what the bay range servers inside hotmail.com. I contacted abuse@hotmail.com, tried a few times to convince the drone at the other end that my mailserver was receiving a connection from a hotmail server every 20 seconds, but they didn't understand it. I mailed mailserver logs, explanations, links to threads about this on usenet, no clue. After a while I simply blocked all hotmail servers from my server. It's really weird that they have people on the abuse staff that do not understand what 'abuse' means or how to prevent it.

    A week ago I removed the block to check if things had changed. To my surprise, no connection since. Apparently MS has solved this problem finally (that is: installed the WebDAV patch that is what, 2 months old?).

    --
    Never underestimate the relief of true separation of Religion and State.