Microsoft Will Sell Whitelist Services For Hotmail

Ec|ipse writes "Looks like Microsoft has found another way to make money, this time from spam. Microsoft has adopted a "whitelist" program (Bonded Sender by IronPort) which will allow marketers to pay Microsoft so that they are included on a special whitelist, guaranteeing uninteruptable delivery of their messages to Hotmail and MSN users. You can catch the full article at Excite. I especially like the nice naming for spammers, calling them 'marketers' sounds so much more legitimate." mgibbs adds "Hopefully the $20K fine that results from abuse of this system is enough to deter spammers."

It all makes perfect sense now.

[Trigun]

Spam the hell out of everyone, sue the spammers for profit, and then profit from the whitelists.

Re:It all makes perfect sense now.

[Steve_Jobs_HNIC]

ya, MS has both sides covered. It's a Win-Win for MS. from the article:

Those found to be engaging in abusive behavior forfeit a cash bond of up to $20,000, Gillis said.

...

"When you add these up over time, it will be uneconomical to send out spam," said Microsoft spam specialist George Webb.

I like it. If people are allowed to opt out of REQUESTED mail from "legitimate marketers", great. And if the marketers continue to send spam, then I get $20,000, WOOOHOOO!

.....ohhh wait

Re:It all makes perfect sense now.

[the+chao+goes+mu]

My old employer (a web-hosting company which shall remain nameless) did almost the same a few years ago. They hosted hundreds of "marketers" (yes, we used the same euphemism), who spammed like crazy from our boxes, then they turned around and sold spam filtering services to their other clients. Nice to profit off the problem you helped create.

Re:It all makes perfect sense now.

[TheLinuxSRC]

Actually, you don't get anything. The bond is posted by the marketer and is put in escrow. Everytime an infraction is reported you (as the marketer) are fined a relatively insignificant amount against the bond in escrow. This way, should the marketer send out a million emails and get 10 complaints, the "fine" is insignificant. If a marketer sends out a million emails and gets a hundred thousand complaints, their bond is consumed by the multitude of tiny fines and they are no longer bonded.

Re:It all makes perfect sense now.

[dasmegabyte]

It's not exactly the same, now, is it?

There are companies from whom I REALLY want to get email. Mostly, companies I have a business relationship with. Then, there are companies from whom I want no mail at all -- mostly, companies that pull my email address out of a hat and say, "send spam to him!"

Now, i have a spam filter -- a Bayesian deal built in to Thunderbird. I am quite religious at training it. And yet, a lot -- a LOT -- of good messages get marked false positives. Messages from eBay, messages from friends, messages from my political party...it's gotten so that I have to go through my trash and pick out emails that are good, which is the same situation as before I had my filter.

It all culminated in email from Apple -- from whom I just bought a computer -- going straight to my trash. Email including a request that I contact them to secure my mailing address (apparently, my phone number at work was entered wrong). I didn't find that one for two days...and it meant my order shipped two days late.

A service that let big name vendors through with the proviso that they have to be responsible -- a service that also had an economic mechanism for enforcing this responsibility -- would be a good thing. Too bad it's hotmail!

Re:It all makes perfect sense now.

[the+chao+goes+mu]

Perhaps I should have been more specific concerning this particular company. Not only did we provide filters to stop the mail our customers generated. We also sold boxes to hosting companies, but then shut down THEIR clients if we thought they were spamming. But we did nothing about the "marketing" sites WE hosted. It seems the difference between marketing and spamming is who gets the largest percentage of their fees. (Okay, maybe a bit OT for this topic, but I just thought MS shouldn't get all the "credit" for really bad spam policies.)

Re:It all makes perfect sense now.

[Christopher_G_Lewis]

Actually, (after quite a bit of searching, mind you) according to this Fees the fine, while small, would not be insignificant.

They're talking $20 per complaint, after your "free" complaints per month. Which, for the "low" volumne bulk sender( less than 1,000,000 per month), is 1 complaint per month.

So, for the above example, 10 complains - 1 free complaint * $20 is $180. The sign up costs are $375 Application, $500 license, $500 bond.

So after your first month, you've spent $875, bonded $500, e-mailed 500,000 messages, and lost $180.

And somewhere else, I thought read that if your bond drops below half, you have to replace it. So they've effectively created a charge system for spam.

This would be quite nice if they donated some of the bond money to, say, the SpamAssassin Development Team, or maybe SourceForge.

Re:It all makes perfect sense now.

I think the most shocking part of this article is the revelation that Excite.com is still in business.

Mwahahahah (pinkie on lip)

[draxredd]

1/ make spamming easy 2/ make spamming hard 3/ profit.

No longer spammers

When will we see the new comic book, "Spam Assassin versus the Marketeer"!?

It's also a list to avoid!

Get a hold of the whitelist, and you can immediately add it to your OWN spam filter! Nice of Microsoft to offer to collect all, umm, marketers in one place...

Re:It's also a list to avoid!

[Allen+Zadr]

Great Idea!

Except that IronPort, not Microsoft, is running this list. IronPort are the same people who purchased SpamCop. IronPort's business is SPAM prevention.

There are plenty of legitimate companies that don't SPAM that have IronPort bonds. Especially where these companies are sending out 'Technical Errata' or trying to run product support over E-mail.

Now you can argue that 'Technical Errata' sometimes has embedded ads (usually not), and sometimes is unsolicited (usually not) - but most people who ask for it think it's useful. If I send a company an Email asking them about how to fix thier broken product, I surely wouldn't want the reply to be stuck in a SPAM filter (this happens to me once or twice a month).

If you want to use IronPort's whitelist service, inquire at thier web site.

Re:It's also a list to avoid!

[Willeh]

That's exactly what i was thinking! 1). Make marketers pay to be on a list 2).Turn that whitelist into a blacklist for your mailserver. 3). ??? 4). Spam free Utopia (well, almost). I doubt many spammers would deal with this though. Also the problem of vindictive people accusing the whitelisted marketers of illegitimate spam, and the spoofing of such mailadresses. This leaves the whitelisted "good guys" to battle against the existing spambags who have no scrupules to fuck the legitimate "marketeers" over for a few bucks.

Re:It's also a list to avoid!

[Allen+Zadr]

No - it is configured at the recieving server and uses the connecting IP address - DNS lookup to IronPort's servers. Spoofed Emails are meaningless.

However, this is similar to the "Trusted Sender" initiatives. If I'm sending out Email for work from my home, I may be legitimately setting (spoofing) my Email address so that customers don't bother me at home. Replies will still come to me, just to my work account. I guess I can't do that anymore.

Re:It's also a list to avoid!

[fiber_halo]

I believe the intention of the whitelist is for companies like airlines, Fedex, etc to send legitimate email notifications to their customers without having to worry about SpamAssassin throwing their email in the trash.

Presumably there is some sort of due diligence that is done before bonded status is granted so that any ol' spammer can't just pony up $20k and get on the list. One thing is for sure -- they wouldn't stay on that list if they are found to be spamming.

Re:It's also a list to avoid!

[Electrum]

IronPort's business is SPAM prevention.

Actually, they play both sides of the fence.

Re:It's also a list to avoid!

High volume email is not necessarily spam.

They are interested in helping people to send out legitimate high volume email. It's therefore in their interests to stop people sending unsolicited bulk email, which gets in the way of the legit stuff.

Re:It's also a list to avoid!

[Willeh]

Good, so it's not so open to abuse. But it still sits wrong with me that (from what i understand from the article) microsoft is letting people pay to let their spam through. Bottom line: Even legal spam is bad for me, especially when it is whitelisted as a valid, commercial offering. (hell, it often doesn't even apply to me, if a foreigner without a credit card)

Re:It's also a list to avoid!

[Allen+Zadr]

The main thing is that the BOND and Infraction costs go to IronPort (owner of bondedsenders.com, bondedsenders.org and spamcop). IronPort is not Microsoft. Microsoft is simply using IronPort's service. The article isn't perfectly clear unless you already know who IronPort is and what they do.

Re:It's also a list to avoid!

[amaker4]

MS will create a whitelist.... With the pipeline of complete garbage coming into my hotmail account, I've thought for years that they already had!

Re:It's also a list to avoid!

[cardshark2001]

SPAM ... SPAM ... SPAM

What does the Hormel product have to do with unsolicited commercial email?

The upper case version of the word is trademarked by Hormel, and is acceptable for breakfast (depending on personal taste). The lower case version of the word refers to unsolicited commercial email and is acceptable for hunting someone down and kicking their ass when they send pictures of hot asian teenagers having sex with men who have enhanced their s1ze and are taking \/1c0d1n and v1@gr4 they bought in an online f4rmecy to your 11 year old kid.

Re:It's also a list to avoid!

[scrytch]

> Actually, they play both sides of the fence.

I know, just look at that feature list. Header forgery. Message obfuscation. Relay and proxy discovery and use. Listwashing.

Oh wait. Those aren't there. It's just really fast. String 'em up anyway, no one's got business sending that much email!

Re:It's also a list to avoid!

[Henry+Stern]

Apparently, the poster has never heard of a realtime blacklist. If a spammer were to use an A60 to send out their spam, their IP would be added to the RBL and none of their messages would get through.

Devices like that are useful for sending out legitimate messages, such as 'Technical Errata' or trying to run product support over E-mail.

Nice One

[John+--+H+Town]

The problem is that Business People just don't care about doing what is right for the customer. Bill is a business man, get used to it !

Re:Nice One

[1u3hr]

Bill is a business man, get used to it !

We've been used to it since 1976: An Open Letter to Hobbyists.

Re:Nice One

[Allen+Zadr]

So, that's how it started...
I've never seen the Business Software Alliance charter before.

Re:Nice One

[from a rant about how nobody is paying for Altair BASIC, that he helped develop]

"I would appreciate letters from any one who wants to pay... Nothing would please me more than being able to hire ten programmers and deluge the hobby market with good software."

Well, Bill... we've been paying for thirty years now. When are you getting around to writing that GOOD software you promised us, huh?

And then

[GarbanzoBean]

And then they will charge users extra for "adv free" service. Oh wait, I thought they were talking about phone companies.

Leave it to Microsoft...

.... to keep spammers in business.

To be fair...

[Geek_3.3]

... free ain't always cheap. :-P

What I wonder is if the people that actually PAID for the service get screwed equally by the 'marketers' as the cheapskates...

The UK

I wouldn't mind spam so much if it actually had any relevance to me.

I live in the UK and nearly almost all my spam offers me services in the UK.

My email address does end in .uk so it shouldn't be too hard to work out

Re:The UK

[jobsagoodun]

Mine frigging dosen't. All mine offers is "Scqwirting Teenz Chickz" and "V1AGRA".

Re:The UK

[noelmarkham]

I've never really had a problem from spam.I've never given my email address out on usenet, for example, and I rarely sign up for things like 'daily news updates from wearestilltryingtogetoverdotcombubbleburst.com' or whatever.

It just seems to me that if people looked after their email address, and that no matter what happens, people understand that their penis won't get larger, no matter how many times they click on the link, then they would reap the benefit of a spam-free inbox sooner rather than later.

Re:The UK

YHBT HAND

(I did not post the parent)

Re:The UK

[16K+Ram+Pack]

I was getting spam on my Hotmail account within a few days. I'd sent a message to one friend, who I'm sure hadn't sent it out.

I think spammers try random name combinations and check for bounces.

This is a BOND, not a payment

[Richardsonke1]

Sorry to give you one less reason to hate MS, but they are taking the money as a BOND, not as payment. MS only gets the money if the spammers don't follow their rules. Probably something like "must use real return address and have a unsubscribe link that doesn't add you to more lists."

Re:This is a BOND, not a payment

[rixstep]

What difference does that make? They're still spamming. I don't care if they do have a valid return address: 'unsolicited' is still 'unsolicited'.

Re:This is a BOND, not a payment

[twoslice]

And who decides if the spam is violating the rules? remember the golden rule - the one with the gold makes the rules....

Re:This is a BOND, not a payment

[no+longer+myself]

MS only gets the money if the spammers don't follow their rules.

Of course if the rules are written anything like their license agreements, they'll get their^H^H money.

Re:This is a BOND, not a payment

[nodwick]

Sorry to give you one less reason to hate MS, but they are taking the money as a BOND, not as payment. MS only gets the money if the spammers don't follow their rules. Probably something like "must use real return address and have a unsubscribe link that doesn't add you to more lists."

What, you mean that a Slashdot submitter would put in something that wasn't meticulously researched and accurately summarized? :p

My bit of I-hate-early-mornings sarcasm aside, I fail to see how this being a bond makes any difference to the end user. Most people probably won't find much consolation in knowing that the annoying spam in their Inbox that escaped their filters is resulting in more income for Microsoft.

A bond is typically posted so that the injured party receives the money held if an agreement is broken. It seems pretty clear that the "injured party" is the spamee here, not Microsoft. What're the odds that MS will share the money if the terms are violated?

Re:This is a BOND, not a payment

[jtwJGuevara]

I concur. Isn't this fighting what Microsoft has allegedly stated they want to stop: the unsolicited sending of marketing based messages through the inboxes of every consumer and business employee? I didn't RTFA but judging from the gist of the summary I have to call major bullshit on Microsoft's stance on discouraging spam and creating technology to reduce/eliminate spam, and then pulling a tactic such as this to allow "marketers" who are legitimate to still send marketing emails in mass. Perhaps I missed something over the past 5 years regarding the definition of spam. I always under the impression that spam was the sending of any unsolicated message by a for profit agency in mass to a multitude of internet users. If that isn't what it is then I'll be eagerly awaiting Microsoft's marketing department to enlighten me on the subject.

Re:This is a BOND, not a payment

[nodwick]

What difference does that make? They're still spamming. I don't care if they do have a valid return address: 'unsolicited' is still 'unsolicited'.

It actually could make a difference, if it makes spam economically unprofitable for spammers. Spammers make their money from the fact that they can send out a bazillion emails and survive on very tiny response rates. By increasing the cost of sending spam, in the form of seized bond funds, Microsoft can make it infeasible for spammers who post bonds to profitably send unsolicited spam. This is also the idea behind those "internet postage" and other proposed spam-defeating measures.

The beef I have with this scheme is that since it's the user that's inconvenienced by the spam, the bond money should be sent to them in the event of a violation. The fact that Microsoft is the one getting the funds is what makes it seem like a money grab.

Re:This is a BOND, not a payment

[SilentChris]

Well, actually, I think the point of this is to curve spam. No illegitimate (read: v1agr3) spammer will try to get on this whitelist. They'll be fined into oblivion. MS is basically saying "Here's a semi-more-legitimate group of spammers than usual. We can probably trash the rest of the messages we get".

Re:This is a BOND, not a payment

[Syberghost]

So what? It's essentially a $20,000 fee to guarantee getting past the antispam filters of 170 million people.

That's cheap, and thus economically feasible.

It will keep out spammers who have a low-margin product that gets a low (.0001%) response rate, but for spammers that have a high-margin product or a high response rate, it'll be seen as a fee.

If the response rate is even .001%, it'll be profitable for things like penis enlargement pills.

Re:This is a BOND, not a payment

[wayne]

Sorry to give you one less reason to hate MS, but they are taking the money as a BOND, not as payment. MS only gets the money if the spammers don't follow their rules.

MicroSoft doesn't get the bond, bondedsender gets the bond. Bondedsender has an incentive to whack spammers quickly so as to get the bond money. This discourages spammers from using bondedsender, which encourages ISPs like MSN/Hotmail to use them.

If you get a spam from somone on the bondedsender program, just report it via spamcop.net. The report automatically goes to bondedsender. If you are not sure if the spam came from someone using bondedsender, just report it via spamcop.net and let them figure it out.

Re:This is a BOND, not a payment

[ajp]

You're right: In the event of a violation Hotmail users should get a credit toward more free e-mail.

Re:This is a BOND, not a payment

[galego]

As someone else noted ... 'unsolicited' IS 'unsolicited'. In fact ... the only reason to hate them less would be if they *DID* take the money and then pass on feature enhancements or work out legitimate discounts on legitimate products sold by those advertisers.

Think about it .. the way you describe the BOND works better for M$ and there's less work for them. I'm sure there's details I'm omitting/overlooking, but humor this conspiracy theory for a moment ...

1. Spammer (errr ... Marketer?) signs up for whitelist
2. Spams/Markets away on innocent bystanding email users and employs questionable/misleading/illegal tactics
3. Users are the ones who will end up policing it ... most likely by a few of them getting burned, and a few being vigilant and savvy enough to root out the bad guys.
4. M$ sits on the notice/'looks into it' until it becomes widespread common knowledge and can't be ignored (like most of their security holes).
5. M$ takes the BOND money, puts it in pocket and blacklists the Marketer ... or I guess it's really Spammer at this point, right?
6. Rinse & Repeat

Seems like a little bit of patience will get Microsoft some cash with little effort.

Re:This is a BOND, not a payment

[SupaMegaBuffalo]

The beef I have with this scheme is that since it's the user that's inconvenienced by the spam, the bond money should be sent to them in the event of a violation. The fact that Microsoft is the one getting the funds is what makes it seem like a money grab.

Well the users are getting an email account for free with Hotmail. If they were paying for their accounts then i can see some logic in that.

Re:This is a BOND, not a payment

[Analysis+Paralysis]

IronPort own SpamCop - does this not create an ever-so-subtle conflict of interest on their part? (giving them the ability to either ignore reports for favoured customers or create ones for when the money gets tight and a few bonds are wanted...)

Re:This is a BOND, not a payment

[Tim+C]

Well, with a valid return address you can get in touch with them and ask them to stop, and/or hit them under CAN-SPAM, right?

Re:This is a BOND, not a payment

[Jaywalk]

They're still spamming.

No, they're not. It's bulk email, but it's not unsolicited. Looking into my junk mail folder -- the one that picks up the bulk email -- I see updates from ParentCenter.com, HomeDepot.com and PublicKnowledge.org. These are all organizations that I signed up for to send me regular updates, so it's not unsolicited email. But the company spam filter doesn't know that, so it sweeps them into my junk mail folder along with the Viagra and penis enlargement crap. If these companies were on a white list of companies that post a bond $20k against a promise to only send "opt-in" bulk email, the mail filter could be programmed to assume they're legitimate and I wouldn't have to keep checking to see how much legitimate mail I'm losing.

Re:This is a BOND, not a payment

[innocent_white_lamb]

It seems pretty clear that the "injured party" is the spamee here, not Microsoft.

You're paying for the bandwidth?

Re:This is a BOND, not a payment

[nolife]

but for spammers that have a high-margin product or a high response rate,

Does that actually exist?

Re:This is a BOND, not a payment

Except of course that Microsoft doesn't have anything to do with the bond, nor do they get the money from the bond. All Microsoft does is pay money to Ironport, who are running the scheme.

Re:This is a BOND, not a payment

[Allen+Zadr]

No, it doesn't ... IronPort's primary business is network security and SPAM prevention. IronPort bought SpamCop because of the good-will and name recognition that SpamCop would provide them.

IronPort also owns BondedSender (.com and .org).

IronPort is hoping to corner the 'WhiteList' market by getting legitimate organizations to bond for this service. This is not immediate money for IronPort (but could be a revenue stream if the lax up a bit on who they allow to bond). Bottom line - it's in their interest to take the bond. So, it's also in their interest to watch carefully for violations.

My bet... there will be very few of them.

Re:This is a BOND, not a payment

[dasmegabyte]

I think a lot of anti-SPAM pundits on /. are actually anti-marketing pundits. Meaning they consider ALL email selling ANYTHING to be SPAM.

I grew up with publications that were, essentially, advertisements. Remember Computer Shopper? You never read the articles, did you? I sure didn't...but I read the ads. Same with RC Hobbiest. Nowadays, I get all sorts of cool publications and catalogues in the mail...VW Trends, Road Runner Sports, JC Whitney for Volkswagens, Crutchfield, Campmor, Victoria's Secret...and you know what, I look through them all. I don't always buy stuff, but I always find interesting things I didn't know existed (especially in that last one). Believe it or not, I enjoy that.

Now, email has opened up the door even further. I get catalogs from teeny tiny agencies that would never be able to offer them offline for the expense. I like that...I like looking through the clearance items at some obscure Bug shop in Tampa Bay that I'd never find out about otherwise. I just wish these mails would make it through my spam filter!

Re:This is a BOND, not a payment

[Syberghost]

Well, by "high response rate" I mean "order of magnitude higher than the .0001% presumptive default I see in articles", and by "high-margin" I mean "significantly higher than the $11 or so it would cost per response if they only got .0001% and paid $20,000 for it".

So, within those definitions, I think yes, there probably are some.

Re:This is a BOND, not a payment

[johnnyb]

The bond is held by IronPort, not Microsoft. Neither one actually gets the money, though.

IronPort is trying to provide the way to real spam-prevention services. If they don't have any credibility, noone will buy their services, and they will go out of business.

This really is a smart move. It's too bad Slashdot is too much in the "hate Microsoft" / "hate all forms of email marketing" line to see it.

Re:This is a BOND, not a payment

[Darren+Winsper]

Perhaps Computer Shopper is different in the US to the UK, but I most certainly bought it for the articles.

Re:This is a BOND, not a payment

[be-fan]

I think a lot of anti-SPAM pundits on /. are actually anti-marketing pundits. Meaning they consider ALL email selling ANYTHING to be SPAM.
There is a difference? I consider trying to sell me anything to be offensive. If I want to buy something, I'll go out and buy it. Until then, leave me alone.

I grew up with publications that were, essentially, advertisements. Remember Computer Shopper? You never read the articles, did you?
I never bought the 'magazine'. It was a waste of $4.95. Well, any ZD rags are a waste of their purchase cost, but that's beside the point.

Nowadays, I get all sorts of cool publications and catalogues in the mail...VW Trends, Road Runner Sports, JC Whitney for Volkswagens, Crutchfield, Campmor, Victoria's Secret...and you know what
You read catalogs, voluntarily? For god's sake! It's people like you who let marketers exist to bother people like me!

Re:This is a BOND, not a payment

[be-fan]

Trim that to: "hate all forms of marketing." I honestly believe the world would be a better place if all marketing was eliminated from the face of the earth. Anybody who doesn't agree with that sentiment is probably in advertising.

Re:This is a BOND, not a payment

[dasmegabyte]

Thanks for proving me right about the anti-marketing thing. I knew I could count on /.

Marketing isn't inherently bad. It is in many ways the only way to know about new products. Word of mouth is great, but at some point somebody has to be told of a product's existance or there'll be nobody to spread the word in the first place.

You say if you want to buy something, you'll go out and get it. Fair enough. But I'm not fucking psychic. I don't immediately know when a company releases a new product that I might want. Most of the catalogs I read feature items that aren't reviewed in trade magazines. If I want to buy a cal-look running board for a 1973 Super Beetle, what recourse do I have BESIDES catalogs? Before I started getting VW Trends, I thought I'd have to go to junkyards with my fingers crossed if I wanted to find anything for my restoration! Through catalogs, I've found sources and options that have made the restoration much easier, much cheaper, and much nicer looking.

And I'd much rather read a catalog than visit a store, mostly because the nearest air cooled VW retailer is in Niagara Falls, but partially because I appreciate the luxury of being able to weigh features and price without a salesman breathing down my neck.

Re:This is a BOND, not a payment

[Dalcius]

> By increasing the cost of sending spam, in the form of seized bond funds, Microsoft can make it infeasible for spammers who post bonds to profitably send unsolicited spam.

But once spammers are turned off from the scheme we are right back where we started.

To make something more expensive, you have to raise the price without changing the 'something' or change the 'something' and force people to buy it. People won't pay more unless you make them.

But this is not raising the price of what they're doing now (sending a bazillion spams a day) and it is not forcing them to move to the new plan.

So, in the end, you're not increasing the cost of spam, you're just giving spammers who can follow a few small rules a guaranteed way of getting their email through.

Cheers

Re:This is a BOND, not a payment

[johnnyb]

Are you against industry, too? Industry (including computers) simply cannot exist without marketing.

The only way to start a business is with marketing.

The only way people know about your business is with marketing.

Without marketing, the only type of work that would be available would be farming for yourself. Without marketing, how would you let others know you have something to sell?

Re:This is a BOND, not a payment

[Major_Small]

the difference is that they have 20k on the line, spammers don't... if you click their unsubscribe button and they don't stop, they lose the money. This is a good thing, IMO... at first I thought it was a terrible idea, but then I read the article and it seems like an okay solution... the only thing is that I hope they allow you to keep some of the whitelist email addys on your blacklist... and they don't start giving out email addresses to those on the whitelist...

Re:This is a BOND, not a payment

[scrytch]

> So what? It's essentially a $20,000 fee to guarantee getting past the antispam filters of 170 million people.

Once. Once you spam, you lose it by degrees -- each complaint takes a chunk out of your bond -- and then you have to pay it again. This makes it more than a little expensive to use for spam.

Mainsleazers who keep bending the definition of spam might like to use an Ironport bond, but another effect of bondedsender is that you bond a well-known range of IP addresses, so there's a very well known target to block yourself if they do abuse it.

Re:This is a BOND, not a payment

[damien_kane]

What about those actually paying for MSN services, or the extended Hotmail services (which include enhanced spam detection, larger userspace, et.al)?

They are paying for the accounts, so they should get the money.

Re:This is a BOND, not a payment

[Eraser_]

I do believe the difference here is the fact that he (and I) sign up for catalogs of things I might be interested in. My mom get things from LL Bean and some home gardening stuff, I get crutchfield, and one or two others. These don't spam, "SC Magazine" spam, and then send me a card saying if I don't pay up my subscription will expire! Oh no!

I mean, do you hate it when your radio is interupted by commercials? Buy XM. Do you hate it when your favorite free website has a few ads? Pay a subscription.

Now, spam, and companies which freely sign me up for their mailings (You opted in by buying BS) do annoy the hell out of me. I've called an said "If I cared for your cataloug I would request it specifically, obviously I found out about you somehow, and it will save you the $1 to mail it to me". Month later buying from the same person who promised to get me off the list and tell someone about it had a checkbox "include catalog?". I will do business with them again.

Re:This is a BOND, not a payment

[Robocoastie]

All you'd have to do is add them to your safelist though and then they'd never go to your junk folder again. What this thing from M$ is doing is taking control AWAY from you the user/customer. It's a money grab and its just one more reason to cease using M$ products.

Re:This is a BOND, not a payment

[cmowire]

I'd disagree. You are mixing the groupthink anti-corporate and anti-spam bias together and calling it an anti-marketing bias. I think most folks are not against marketing, they are against marketing that is more annoying than useful.

The problem is that Victoria's Secret needs to chose carefully each person they send out the catalog to. If they don't get leads from their customers, they don't send catalogs. So it's a self-regulating process that tries to get catalogs in front of people who might be interested.

The problem is that email advertising, to date, hasn't been selective. If the merchants had to spend a few dollars making sure somebody is interested in something, we'd not be complaining. But it's cheaper to annoy most of the 'net than it is to actually target the advertisements.

The biggest problem with this pay-to-advertise system is that it really screws with the little guy (a.k.a. your obscure Bug shop in Tampa Bay) because they are probably not prepared to put up a $20,000 cash bond in order to do business. Which really destroys one of the central advantages of the Internet -- the ability of the little guy to attract audiences they wouldn't otherwise.

The other big thing is that if you really do care about your Bug or thong lingerie, you'd probably end up going to an impartial review site (the bug equivelent of ArsTechnica or AnandTech or whatnot) or typing it into Google, not simply by reading your email.

Re:This is a BOND, not a payment

[elemental23]

It's a money grab and its just one more reason to cease using M$ products.

Please explain how Microsoft is making any money from using a third-party whitelist.

Oh, you didn't notice that MS is not the one maintaining this list, that it's actually an established service run by someone completely unrelated?

It's amazing how many people are having these kinds of knee-jerk reactions instead of bothering to RTFA.

Re:This is a BOND, not a payment

[dasmegabyte]

Dude, is there an impartial thong lingerie review site?

If so, sign me up, and if not, give me ideas for a domain name!

Re:This is a BOND, not a payment

[Robocoastie]

from the article: "... Microsoft's Hotmail and MSN e-mail services, which together claim 170 million regular users, will require marketers to put money up front if they wish to ensure their messages aren't mistaken for unwanted spam..." Like everything involving microsoft this is an advertising method in which they will pay microsoft for the ability to bypass their spam filter. This is also why the original slashdot article said: "Ec|ipse writes "Looks like Microsoft has found another way to make money, this time from spam." If you think M$ is going to let them do this for free then you really are brainwashed by Gates and Co.

Re:This is a BOND, not a payment

[Robocoastie]

>>Sorry to give you one less reason to hate MS, but they are taking the money as a BOND, not as payment. MS only gets the money if the spammers don't follow their rules. Probably something like "must use real return address and have a unsubscribe link that doesn't add you to more lists." Who gives a crap how they make the money. Its still a scheme to sell out their user list, which is potentially every windows user in the world. Once again M$ cares about business and not the wishes of their customers.

Re:This is a BOND, not a payment

[silicon+not+in+the+v]

You didn't read the article too? Microsoft isn't getting any of this bond money. No one is paying the bond to Microsoft. It goes to IronPort.

Re:This is a BOND, not a payment

[Syberghost]

Once. Once you spam, you lose it by degrees -- each complaint takes a chunk out of your bond -- and then you have to pay it again. This makes it more than a little expensive to use for spam.

Actually, in my calculations that show it's economically worthwhile for some spammers, I was using the assumption that you lose the entire $20,000 if you spam once.

If you lose only a part of it, it's economical for just about any spammer.

In fact, if you were to lose 25% of your bond every time, it'd be worthwhile for some pretty low-margin stuff. If you make three bucks off of .0001% of the recipients, it'd be worth it.

Re:This is a BOND, not a payment

[be-fan]

We have these things called malls. If you want to buy something, you go to the mall, and *gasp* they have these things called stores where you can *gasp* buy exactly what you want. Online directories are a natural extension of malls. Like in a mall, you can compare numerous different products and pick the one you want. Except with online directories, you can do this much faster. With both, if you've got something to sell, you get a store in the mall and people (if they want your stuff) will buy from you.

Re:This is a BOND, not a payment

The beef I have with this scheme is that since it's the user that's inconvenienced by the spam, the bond money should be sent to them in the event of a violation. The fact that Microsoft is the one getting the funds is what makes it seem like a money grab.

Why is everyone making the assumption that Microsoft receives bond debits? Microsoft does not. Even IronPort/BondedSender does not. Read the FAQ. Bond debits only go to non-profit organizations.

Re:This is a BOND, not a payment

[johnnyb]

Being in a mall is a *gasp* marketing decision. The reason you know to go to a mall is *gasp* marketing. Having attractive signs and wall displays is *gasp* marketing. Online directories are *gasp* marketing.

None of this would be available without marketing.

Re:This is a BOND, not a payment

[be-fan]

How is being in a mall marketing decision? And why do you have to go to a mall because of marketing? Can't you go because you need something? And online directories can contain marketing, but not necessarily. They are simply informational, just like a phonebook.

Re:This is a BOND, not a payment

[johnnyb]

"How is being in a mall marketing decision?"

Have you ever tried to run or at least taken the time to look at the way businesses are managed? You go and you say, "well street corner X will give me direct access to Y # of people at a cost of Z. I estimate A% of them will walk in just off the street. I will be able to reach B% more people because of my location". That's marketing.

"And why do you have to go to a mall because of marketing?"

That's how you know the mall exists.

"Can't you go because you need something?"

Not if you don't know it's there.

"And online directories can contain marketing, but not necessarily. They are simply informational, just like a phonebook."

A phonebook is marketing. Especially the yellow pages, even without the half-page ads. Even getting listed AT ALL in the yellow pages costs a bit of money, because it is marketing. Being listed in the white pages is not marketing, because someone would already have to know who you are to find you. But to be listed by category in the yellow pages is marketing, and is sold as such.

All online directories are marketing. The first part of any successful web marketing plan is getting listed on dmoz.org, google.com, and any dedicated directories.

Try to run a business some day and you'll see what I mean. People can't find you through ESP. You have to tell them you exist and what you do, and make people know how much better you are than others.

Re:This is a BOND, not a payment

[be-fan]

Have you ever tried to run or at least taken the time to look at the way businesses are managed? You go and you say, "well street corner X will give me direct access to Y # of people at a cost of Z. I estimate A% of them will walk in just off the street. I will be able to reach B% more people because of my location". That's marketing.
I'm looking at things not from the perspective of the businessman, but from the perspective of the consumer (me). I don't go to a mall because I saw an ad. I go to the mall because I need a new pair of jeans. I'm not denying that people aren't susceptible to marketing, but rather stating that things would be better if they weren't, and we could do away with marketing entirely.

That's how you know the mall exists.
I don't know about you, but I hadn't seen an ad for our local mall (Tysons Corner in Northern Virginia) until years after I started going there. Tysons almost never advertises, simply because its presence is immediately obvious (giant complex of buildings in a central location) to anybody who lives here. The same is true for my local supermarkets. The ads never say where they are --- I know where they are because I drove around the area when we were looking for a house. Also, all of the speciality food shops I go to I learned about from word of mouth --- they never advertise.

A phonebook is marketing. Especially the yellow pages, even without the half-page ads. Even getting listed AT ALL in the yellow pages costs a bit of money, because it is marketing. Being listed in the white pages is not marketing, because someone would already have to know who you are to find you. But to be listed by category in the yellow pages is marketing, and is sold as such.
I think you've got a looser definition of marketing than I do. I see a phonebook as informational rather than promotional. You can choose to see marketing as encompassing both, in which case I'd say that I've got no problem with purely informational marketing. However, most of the marketing these days is not informational, rather promotional. Back to the supermarket example --- most supermarkets these days are chains, so their ads never tell you their location. They just try to get you to go to your local store. Or take ads for stuff like razor blades or shampoo. I can't believe that anybody needs an advertisement to be made aware of the fact that razor blades and shampoo exist. If they are at their local drug-store (which again, is a chain, so its advertisements don't tell you where it is), they'll see shampoo and razor blades in the aisles. So overall, promotional marketing has no value to the consumer, only to the seller.

Re:This is a BOND, not a payment

[johnnyb]

"I can't believe that anybody needs an advertisement to be made aware of the fact that razor blades and shampoo exist."

They may need an advertisement to know (a) that this brand is carried by this store, so if you want that brand you have to go to that store, (b) which store has it at what prices, and (c) the benefits of their brand over others.

I don't believe that the clear demarcation between "promotional" and "informational" actually exists. All "promotional" information is also "informational". Even if you already know it, it reminds you. I wouldn't know how fun Branson, MO is except that I heard about it on the radio. I think you might be taking exception to the selective display of information, but truthfully all displays of information are selective. I would agree that deceptive displays of information are bad, but I don't think that there actually exists a real gap between "promotional" and "informational".

This should encourage everyone to move to Gmail!

[mike_diack]

Looks like they've just pointed a double barrelled gun at their feet. If they were trying to avoid wholesale migration away to either:
- Google's Gmail OR
- Novell's MyRealEmail....

Then this is a f***ing dozey way to do it!

Hotmail Filters? -- what filters?

[dspacemonkey]

So you pay Microsoft and you by-pass Hotmail's spam filters?

From what I hear from friends with Hotmail accounts, paying for that priviledge is definitely not necessary.

Re:Hotmail Filters? -- what filters?

[The12thRonin]

You'll have to get pretty creative then. You only get 10 filters.

Re:Hotmail Filters? -- what filters?

[Chaswell]

Actually my hotmail account gets very little spam that is not directly from MSN or an MSN partner. The rest ends up in the junk box. I have been pretty impressed with their filter. I have only had 1 false positive email get tossed in the junk.

That is my biggest pet peeve with junk filters, having to still read all the junk headers to double check for false positives, I still read 100s of subject and sender lines a day...bleck. Well, not on my personal email address, but on my two public addresses it is a real pain.

Try the new NinnleMail!

The good people at ninnle.org will never sell their subscriber lists to anybody!

You know,

[mcc]

I was *just* recently sitting here and wondering if there was anything Microsoft could have done to squander the product, userbase and public goodwill MS inherited when they bought Hotmail that they haven't done already.

I couldn't think of anything

I guess I'm just not as imaginative as MS.

I'll bet the GMail team is doing a little dance of joy at reading this /. article right now..

Re:You know,

[noelmarkham]

Gotta love the parent sig.

Will X.400 ever die?

[thogard]

Ok, so now someone else wants to be the trust authority which was a major issue with the X.400 nonense. This one wants to charge everyone that has a domain $375 for an application fee and then $500/yr for less than 1/2 million messages a year.

FREE VA.LIUM X-A-N-A-X no P R E S C R I P T I O N

[RucasRiot]

I cert.ainl.y H-O-P-E th4t it d0es a G o o d job

Free-market economics holds the big stick

[arashiakari]

In a way, since Microsoft runs these mailservers, the spammers will be paying for the server bandwidth consumption their spam blasts are incurring. This is no more pleasant a thing, but not different than people filling up your mailbox with junk flyers and coupons. Where you're going to see people making trouble is at the borders of Microsoft's network in terms of SMTP relays. Those people are going to be processing this for-profit spam traffic and getting nothing out of it.

Re:Free-market economics holds the big stick

[makomk]

What about the bandwidth consumption between the eyes and brain of the spammed? That's much more of a problem, surely?

Right in time for gmail's launch

[dafoomie]

Giving their users another reason to switch to Gmail.

Though, trying to drive away as many users as possible has worked for them in the past.

It's hard to blame them, isn't it?

[mercan01]

If it weren't Microsoft, but a "respected" ISP that did this, would we blame them for it?

I suppose we all realize that spam isn't going to go away, and that it's costing ISP's quite a bit of money in bandwidth.

I'm not condoning Microsoft's move, but it does seem like good business sense to me.

Re:It's hard to blame them, isn't it?

[Nasarius]

If it weren't Microsoft, but a "respected" ISP that did this, would we blame them for it?

Yes. Supporting spam = bad. I don't care who you are.

Re:It's hard to blame them, isn't it?

[Kazymyr]

Of course we would - at least I would. Spam is intolerable no matter where it comes from.

So now instead of 1 email each from 20 different spammers, hotmail users will get 20 emails from 1 spammer, and not be able to do anything about it. And it's no longer a 'maybe' but a guarantee.

[Monty Burns] Eeeeexcellent! [/Monty Burns]

Hotmail is a spamtrap....

[escallywag]

I only use hotmail accounts as spambait anyway... so who cares...

why using hotmail?

[Frederic54]

I had an hotmail address years ago, back in the day before MS buy the domain... I never really used it... and I still don't know why people need an hotmail address? passport thing? you can live without it and without MSNM you know...
/. should make a poll to know who has and who hasn't an hotmail address, and in comments we would know why people who has one, well... has one.

Re:why using hotmail?

[dspacemonkey]

You don't even need a hotmail account to use MSNM, you can use any email account you want. Admittedly, any account you do use will immediately receive offers of V I A G R A from Microsoft's "business partners".

Re:why using hotmail?

[AndroidCat]

It's handy to use for Usenet posting, a web site contact address or one-shot subscription signups. People can get in touch, and if I want to, I can shift communication over to a real mailbox. And every four years when the account gets joe-jobbed by a spammer or nut cult, I just open the next account in sequence. (I'd better update my /. journal.)

Re:why using hotmail?

[liquidsin]

I have a hotmail account that I've had for about three years now. The *only* reason I have it is because a great majority of my friends use MSN (since their friends use it...since their friends use it...). I use Trillian to connect, and I don't think I've ever actually checked the account for email. I wanted good email, so I purchased a domain and a hosting account and I take care of it all myself (as I'm sure many /.ers do).

Re:why using hotmail?

You don't need a hotmail account to use MSN messenger. You can use your own e-mail address:
LINK

Re:why using hotmail?

[xmorg]

dont you only get like 2 megs here? I have NEVER had a hotmail address and dont plan on getting one. The internet has worked perfectly fine without one.

Re:why using hotmail?

[SkankhodBeeblebrox]

I specifically have a hotmail account to GET spam...

Anything on the web that requires an email address, I use hotmail... I only check it when I have a site I signed up for and need the activation link, or whatever...

Re:why using hotmail?

[pisco_sour]

I actually have two. But I have a perfectly valid excuse for that.

Here in Lima, Peru, you're pretty much stuck with it. Pretty much every beginner getting an e-mail address gets the tip from another newbie, "hey, get hotmail", and it's not because of the e-mail address itself or anything, but because of MSN Messenger. IM network usage is definitely a geographic phenomenon: Lima just happens to be an MSN Messenger city.

Which sucks, since a few years ago we were an ICQ city, and for a while we were becoming a Yahoo city. But MSN caught on and beat everyone out of it - most probably because, well, it's bundled with th OS, so it's like a no-brainer for most people. So, in any case, it's used for all kinds of communication, social, business, work, academic, people use it for everything, and if you wanna get "in the loop" and in contact with someone, you're pretty much socially forced to use it.

And of course, it has a very crappy 150 contact limit for your contact list. So when I maxed out, I had to sign myself up for another address so I could keep adding new contacts.

So, yeah, I use Hotmail, and why? Pretty much because society bends my arm to do it. Passport sucks, I use it for nothing. All my searches are Google, not MSN. In fact, I hate that horrible blue-purple MSN homepage. But if I don't wanna be a total social outcast and live under a rock around here, I've got to use that weird green-pawn thingy with the fucking butterfly, whatever it may really be.

Re:why using hotmail?

[16K+Ram+Pack]

I used to use mine as a way of receiving mails anywhere. The sort of time is when someone sends me something and I'm not at home.

Very rare nowadays.

Re:why using hotmail?

[igny]

For this purpose you DO need a hotmail account. It wont matter whether or not it get lots of spam, if you don't use the hotmail account for purposes other than signing into MSNM.

Re:why using hotmail?

[s4m7]

and I still don't know why people need an hotmail address?

Ehh, where else am I going to go for a mailbox just to collect spam from all the "email required for free reg." sites I've visited? Seriously, collecting spam is the only thing I've ever used my hotmail address for, and frankly, the service is perfect for it. I use my hotmail address for almost all my dealings on the web with sites I don't fully trust. and I get almost no spam in my work account, or my home host account.

Re:why using hotmail?

[tulimulta]

For one-shot subscription signups you're way better off using mailinator anyway.

Re:why using hotmail?

No, you don't need a hotmail account. You need a passport account, which can be tied to any email address.

Re:why using hotmail?

[dspacemonkey]

Correct, my anonymous friend.

Register your current address, reply to the email you're sent and voila - you have a .net passport you can use for messenger.

One sign-in, works everywhere - Well, they tried.

Re:why using hotmail?

[Steve_Hines]

Not only to I keep a hotmail account just for the purpose of getting SPAM when I have to sign up for accounts, I also keep one for Relatives who just got the Internet and think its cool to send out all of those Lame forwards that arent funny or interesting in anyway. I can check it once a month and look for real Mail amoungst the "FWF FWD RE FWD YOU GOTTA SEE THIS DOG" emails that would be filling my box.

Re:why using hotmail?

I had an hotmail address years ago, back in the day before MS buy the domain... I never really used it... and I still don't know why people..

Free addresses such as Hotmail, Yahoo, etc. are great for when you need to sign up to get some software or information, but don't want to give out your real email address (or real name, etc). It is also great for things such as Usenet.

you can live without it and without MSNM you know...

You can also live without using the Internet. What the hell is your point?

Little Guy

[millahtime]

So, Once again they get the little guy. What about that small nonprofit running their own mail server. Or that small business running their own mail server. They have to pay the same as the big business.

Large companies can afford to drop a payment on this but the small business/non-profit sure can't.

Re:Little Guy

[The+Fanta+Menace]

Small businesses shouldn't be spamming people anyway, so it's a moot point.

Re:Little Guy

[Arker]

Actually they offer a pricing scale where nonprofits pay only an application fee and a bond, and for profits have three schedules depending on how much they send.

Yet another brilliant oxymoron from MS

WASHINGTON, May 5 (Reuters) - Microsoft Corp. (MSFT) said on Wednesday it has adopted an e-mail "whitelist" program by IronPort Systems Inc. that will allow legitimate marketers to thread the gauntlet of spam filters protecting its inboxes.

From the company that brought you "Microsoft Works" now comes the new oxymoron, "legitimate marketers".

FogHorn LongHorn Plug

[webzombie]

One can only imagine what is being built into LongHorn to ensure this kind of business model continues.

So, everyone just blocks MSN and HotMail period! So long "marketeers" and their funny little noses and tails.

So does yahoo...

Yahoo Mail has been doing this for years with companies like Buy.com.

The message they're sending is spam is fine as long as there's something in it for us. What do they care if they're servers are hosed and you frequently can't retrieve even legitimate mail?

following Yahoo's footsteps

[Lumpy]

Yahoo has been doing this for a LONG time.

they have their "spam" filtering yet there are types of spam that will not go away as they have "special" spam from their "partners" that will NEVER EVER hit their filtering rules for spam.

I am betting that ALL free email sites will do this within this year.

Re:following Yahoo's footsteps

[ecklesweb]

I use a Yahoo! account as my daily email account, and I haven't gotten a Yahoo! partner email is three years. Come to think of it, it's been maybe as long since I got an email from Yahoo! itself.

RTFM. Go into preferences and change your contact prefs. I want to say about a year ago Yahoo! went and reset everyone's marketing preferences, so you have to go in and manually set it back.

They also had a program at one time (don't know if they still do) where if you agreed to receive some of those emails, you got a bigger inbox and some extra features for free. Might want to check if you signed up for that.

Re:following Yahoo's footsteps

I RTFM'd and I still get spam that will not go to the "spam" filters. it stays in the inbox, so I have to tell it to delete it.

and YES I check my settings every few months to make sure they are not doing the hankey panky they are good at by resetting prefs.

I dont know why you dont see them, or you are not noticing them/or not using the spamfiltering.

but I have the same prob's as lumpy here... some emails WILL NOT GO AWAY when you click on them saying they are spam.

this is why pop3 mail is better I can filter with MY controls.

Re:following Yahoo's footsteps

[ElliotLee]

I am betting that ALL free email sites will do this within this year.

Including Google Gmail?

In Denmark it is illegal to send spam!

[Saggi]

In Denmark the marketing rules forbid people to send uninvited marketing material. Unless you specifically accept to receive it - it will be illegal (and punishable by court) to send it. This law is not only to electronic e-mails but goes to all kinds of marketing. You are not allowed to call by phone to someone in order to sell them something (unless the user has registered his phone number somewhere and accepted to receive a phone call).

So unless you check the checkbox somewhere in your hotmail registration, you will be able to sue MS - in Denmark at least...

Re:In Denmark it is illegal to send spam!

[PhilippeT]

Hot Damn thats it im moving to Denmark... chances are it's warmer then here in Canada.

Re:In Denmark it is illegal to send spam!

[condensate]

I think this is illegal in most european countries. The european council adheres to the opt-in principle, which basically means that you have to agree to marketing mails before it is legally sent to you.

AFAIK in the U.S. the opposite, namely the opt-out principle is in use, where, after having received unsolicited marketing stuff, you have to inform the sender that you don't want it. Rather inviting...

Re:In Denmark it is illegal to send spam!

[NonSequor]

They may weasel out by saying that you agreed to accept spam from their partners by accepting the terms of service.

Re:In Denmark it is illegal to send spam!

[srmalloy]

In Denmark the marketing rules forbid people to send uninvited marketing material. Unless you specifically accept to receive it - it will be illegal (and punishable by court) to send it. ... So unless you check the checkbox somewhere in your hotmail registration, you will be able to sue MS - in Denmark at least...

Except for that paragraph waaaay down at the bottom of the "user agreement" that you just clicked past when you signed up for your Hotmail account, where it says something like "Microsoft reserves the right to send you advertisements from various business partners and other organizations. By accepting this User Agreement, you are consenting in advance to receiving these advertisements." You use someone else's free service, you play by their rules.

Re:In Denmark it is illegal to send spam!

This kind of rules are illegal in Denmark and most other European countries.

When you are buying a product for company, or using a service, you MUST be able to choose "I don't want any SPAM from you" checkbox.

Re:In Denmark it is illegal to send spam!

[gcaseye6677]

It would be nice if they were this honest about it. Then one of their rivals can offer 'no spam' email accounts. People would choose their email provider based on spam policies, among other things. Sometimes the free market really is a very useful thing.

Re:In Denmark it is illegal to send spam!

[WormholeFiend]

but is that law enforced?

Re:In Denmark it is illegal to send spam!

[PsiPsiStar]

In a place where drugs and prostitution can be gotten legally, most of the best reasons to spam are eliminated.

Re:In Denmark it is illegal to send spam!

[Saggi]

Yes, there have been a few cases.

Flowers vs Weeds

[phelix_da_kat]

In my garden, a definition of a weed is anything that is not meant to be there (ie even a rose is weed it was not planned).

Hence, to my inbox, even a legitimate marketer is a spammer if I do not want any unsolicited mail.

I use my "not junk"/safe list to allow mailing lists through.

Microsoft's next step ...

[arhar]

... hundreds of thousands of Hotmail users complain about getting too much spam. Then Microsoft introduces cool new feature - switch to pay-version of Hotmail and stop getting spam! Of course, once you switch, you'll still be getting spam, but Bill Gates will swear, foaming at the mouth, that the only spam pay users get is the one that somehow gets through the filter, and is illegal.. What can I say, Bill Gates is a genius.

Is it me...

[Schmurgs]

or is everyone completely against MS making any money whatsoever? The Bonded Sender program looks like it will actually be really useful for 90% of Hotmail users, the ones who use it for their normal e-mail address, rather than the ones who just use it for MSN access. I've used Hotmail for the past 5 years, and have only ever had problems with spam from companies that really have nothing to offer, or cba with writing decent adverts. I think MS, if it has any sense (there goes my argument), will start refusing access to those kind of companies, and the spam that is actually put through will be of a higher quality and maybe even relevant (in a GMail kinda way?) Then again, I might be completely wrong.

Re:Is it me...

[BenjyD]

So you're happy to not only have adverts around your emails on the Hotmail web page and pasted at the end of every one of your emails, you are also *happy* to have adverts mixed in with your email? Man, marketing companies must dream about people like that.

Re:Is it me...

[Schmurgs]

Yes, I'm very happy to have all the adverts. If it keeps my e-mail free and easy to use, and I'm not forced to do anything at all (like click any adverts), why not let them do what they like?

Then again, I'll be getting my own website with my own mail server soon, so then everything I've just said will become entirely obsolete. Like everything in life. Ah well.

Blocklists

[bobthemuse]

How long until some tech leaks a copy of this whitelist... hello blocklist!

If only they would share the proceeds

[G4from128k]

I'd accept all the spam in the world if they paid me 15 cents per message. That would make spam much cheaper than bulk mail and would weed out marketers who aren't serious.

If a company is going to sell my resources (time spent downloading/reading/procesing email) they had better share the revenues with me.

Re:If only they would share the proceeds

[retards]

So what if it would weed out only non-serious marketers? You're implying there is 'legit' spam out there, that there actually should be a market for this shit.

People here should know that putting a pricetag on something doesn't make everything kosher.

Bulk mail without opt-in should be criminalized regardless if the envelope is paper, SMTP or whatever. Bulk mail is just another form of 'I have money, I can send propaganda to anybody, you cannot stop me, muahahaha!".

Rant over.

Re:If only they would share the proceeds

[mikeboone]

I handle bulk emailings to people who signed up at my client's website. They are a legitimate business and unsubscribe those who reply or use the web form. But you invariably get spam bounces and other errors (here are some numbers).

I was amused to find in the bounce mailbox one day an auto-reply from a person who offered to read our message if we'd deposit $5 into his account via Paypal. I don't remember the website, but I wonder if anyone has ever paid $5 to have their email delivered.

Some real companies might be willing to pay $0.05 to $0.15 if it really meant their message was being read. Our small business probably couldn't afford it though. And I'd hate to see the whole email system become pay-per-view.

Re:If only they would share the proceeds

[fname]

Are you serious? Id like to know just when the U.S. Constitution amended the constitution to make speech illegal. No more writing letters or sending email without someone's permission I guess. Oh, but we won't enforce this law uniformly of course; we'll only go after the bad guys. Y'know, people sending porn and blood-sucking lawyers, and maybe guys who are former pedophiles, and that guy who shouted at the president last week, and Joe from down the street, because maybe then I'll be able to sleep in Saturday morning without hearing someone mowing their lawn.

I'd rather live with SPAM and bulk email than live with state-sponsored censorship. What's that quote about freedom and security? Change it to freedom and "avoiding inconvenience" and that's where your idea fits in.

Re:If only they would share the proceeds

[Boricle]

This actually happens. There is a service called "pureprofile" in Australia - you join, fill in a marketers wet dream of profiling information and you occaisionally are emailed from pure profile to go and view ads - if you view the ad, you accumulate money - you can then use that money redeemed as a cheque, to get a discount voucher for fuel purchases, donate it to a charity (and get a receipt for a tax deduction) etc.

The idea is that a trusted organisation - in this case pureprofile acts as ago between between the advertisers and the public. I think I have about $30 in my account at the moment. I don't get ads all that often though, so thats after a year or two.

Re:If only they would share the proceeds

[Mekkis]

*sigh*
Don't you just LOOOOOOVE how spammers try to make their business sound legit?
"I handle bulk emailings to people who signed up at my client's website." Too bad most of the people who "signed up" didn't know they were signing up by just visiting the site. This sounds suspiciously like N-Case Software's claims that by visiting particular sites - even via pop-up - you're automatically accepting terms for installation of their "interstitial ad delivery" adware. Spammers and adware whores love to hand you the "user gave me consent" line to dodge responsibility.
Just what I need. More @&$#ing spam gumming up the works and eating into the time I spend working. Let me get this through your thick skull, Spam-Boy: spam & 'interstitial' adverts are not legitimate nor acceptable means of advertisement.
In fact, in my humble opinion, SPAMMERS AND ADWARE WHORES DESERVE CASTRATION à la MELON BALLER!

Re:If only they would share the proceeds

[retards]

Are you serious? Id like to know just when the U.S. Constitution amended the constitution to make speech illegal.

I don't think I have the right to come into your house and speak my mind guaranteed by the constitution of the United States. This is about sending people stuff they didn't ask for because it's cheap for the sender, but (maybe) not for the receiver. If I was a billionare, maybe I would get kicks out of sending you 10 000 lbs of rocks and dumping them on your lawn, each day. Would you consider that freedom of expression?

I'd rather live with SPAM and bulk email than live with state-sponsored censorship.

I don't see how changing the default answer to the question of "do you want bulk mail" from "yes" to "no" for everybody infringes either freedom or security. I said "no bulk mail with out opt-in", not "you should never get bulk mail no matter what".

No it doesn't.

[Anne_Nonymous]

>> calling them 'marketers' sounds so much more legitimate

All marketers are evil, whether they use spam or not.

Re:No it doesn't.

Maybe so, but some of them are still bloody geniuses. Like, say, Roy H. Williams. Check out what he has to say.

How will they dress this one up?

Whitelists simply ALLOW more email through. They can dress this up with as many terms like "legitimate marketers" but it does not change the fact that they are basically allowing companies to spam their users (for a fee). In the end you are guaranteed to have more spam.

I can't wait to here the marketing spin they put on this one.

Just business as usual

[DMNT]

It's all about business. MS thinks it can make easy money from companies that are willing to pay to ensure their mail flow there. Spammers who don't think they can earn $20k by spamming hotmail accounts won't bother. IMO MS has right to do whatever it wants with it's mail system.

I could sell spoiled herrings if I like. If someone is willing to pay me for those, it's not of anybody else's business, as far as we are not breaking the law.

I guess this is part of MS's "pay for sending mail" program of which Bill Gates spoke months ago. Permanent fix for spam problem? No, but it's an MS solution, so we don't expect it to work.

Re:Just business as usual

[plastic.person]

Pay for each email will actually work, to some degree. Spammers (sorry, "marketers") would use highly targetted lists, spamming only 1 million rather than shotgun approaches spamming 30 million. Hopefully the signal to noise ratio would then be about as high as it is for postal mail is now, which is more managable. I get so much spam that I don't even read email on several accounts anymore.

Re:Just business as usual

[goatan]

I could sell spoiled herrings if I like. If someone is willing to pay me for those, it's not of anybody else's business, as far as we are not breaking the law. Actually all fod shouled be labelled up with a use by or similer date and can't be sold after this time or even given away free (you could give them away as a private individual but not sell them)

Selling Data

[BlackHawk-666]

So does that make them "trusted partners" now, and does that therefore allow them access to your personal data in at least an aggregated form? I'm not and never will be a hotmail user, so I don't know the contents of their license agreement with the users, but I'm not beyond suspecting that MS will soon be selling your data to these spammers so they can target you even better.

MSN does not sell, rent or lease its customer lists to third parties. MSN may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your personal information (e-mail, name, address, telephone number) is not transferred to the third party. We occasionally hire other companies to provide limited services on our behalf, such as handling the processing and delivery of mailings, providing customer support, processing transactions, or performing statistical analysis of our services. We will only provide those companies the personal information they need to deliver the service. They are required to maintain the confidentiality of your information and are prohibited from using that information for any other purpose.

Yup, I guess it does give them the right to do that.

So THAT's why Longhorn will require WiFi!

[VernonNemitz]

When I first read that tidbit yesterday, I assumed it was so Microsoft could snoop on all future Windows machines. Now in ADDITION to that potential, they can beam you uninterruptible spam!

So, is there any chance that if those features are advertised widely, fewer people will buy Longhorn?

Re:So THAT's why Longhorn will require WiFi!

[WormholeFiend]

funny, yes, but I wonder...

suppose Microsoft really had a wide-open backdoor in EACH & EVERY Windows-based computer in the world, and stored everyone's activity logs someplace, and analysed and crunched the data for whatever purpose.

how much storage space would that require? how many computer cycles would be needed per minute?

even the NSA doesnt store everything that goes through their servers, just the data that is somehow flagged as important...

Re:So THAT's why Longhorn will require WiFi!

[VernonNemitz]

Not a problem. First, Microsoft has $40Billion to play with, and fortunes that large tend to grow from sheer accumulation of interest, if nothing else. Second, costs of storage and computer cycles is constantly dropping. Third, Longhorn isn't due for a while yet, so those first two factors will only be enhanced. Fourth, it is not UNTIL Longhorn (assuming it will indeed require WiFi hardware) that Microsoft would have a true wide-open back door into every computer running it. Currently, you have to choose to connect to the Net (and you can always unplug the connection when you want). With Longhorn, you are practically guaranteed to be connected, whenever your computer is on. So, if Microsoft sees you firing up some non-MS software (OpenOffice, for example), they could remotely crash your machine. And no matter how many hardware inspections or OpenOffice software patches you add in hopes of preventing it, if you are connected, you are still vulnerable -- and Microsoft can continue to claim that their OS is working "properly"! (so the problem must be inside OpenOffice; why not use "reliable" MS Office instead?). Note very carefully Law #2 on this list created by Microsoft. Then remember that MS is a CONVICTED monopolist, and therefore meets the definition of "bad guy". Oh, and Fifth of these points, it has been claimed that MS and the NSA have done covert work together before, so if Microsoft provides as public a back door into Longhorn as a requirement-of-WiFi indicates, then you can bet the NSA will be right there, using it too.

Go GMail!

[shachart]

This is yet another thing Google will never attempt to do to us.

If you can't beat em...

[seanvaandering]

Join em. 'nuff said.

Sigh.

[The+Fanta+Menace]

I fail to understand why anyone even bothers with hotmail anymore. There's nothing less professional looking than putting a free-email address on your business card or website.

Re:Sigh.

[Loki77]

People actually use hotmail addresses professionally? I always assumed it was more of a personal email type thing.

Re:Sigh.

[mopslik]

There's nothing less professional looking than putting a free-email address on your business card or website.

Sure, but since when did teenagers, grandma, casual pals, etc. care that much about looking "professional" when they can have a free personal email account?

Business users are a minority. The bulk of Hotmail addresses are used for personal accounts, or for spamming.

Re:Sigh.

[The+Fanta+Menace]

Even so ... they should just get an ISP. Geez, it's not like dialup is expensive.

Re:Sigh.

[ratboy666]

As I have mentioned before, I use a hotmail account. Any spam uses MSN bandwidth, and not my bandwidth. I set the automatic spam filter to DELETE.

If you and I establish a relationship, you get my real email. And, yes, I do have my own domain(s). Indeed, you could probably guess my real email.

I do this to keep my spam bandwidth low. I have tried blacklisting, whitelisting, RBLs, but they don't work. Hotmail takes care of most of the spam problem, and not on my dime. My ISP doesn't like servers, but turns a blind eye to low volume users (which I try to be).

And now, an UNPUBLISHED email address on my domain is being spammed. I believe that the address was in someones address book, and got scraped. After a single week, spam to email ratio has hit 9:1 (and getting worse).

I could disable the email, but will get hits for a long time anyway... maybe I'll just disable the damn domain for a few months...

People are welcome to information from my site. On average, 300MB of month of programming manuals and documentation served. But the fucking spammers. Spoil it for everyone.

So, I consider it very professional (and you can always send email to my domain using the common addresses for administration -- interesting that those DON'T get spammed!)

Ratboy

Re:Sigh.

[mopslik]

What's cheap for you isn't always cheap for others. Around here, dial-up may be only $15/mo (easy enough for me), but for the average teenager, $180/yr can be kind of steep. Easier to simply access a free Hotmail account at a school lab or something, I imagine. It's these people that would end up with the brunt of "marketer messages" with MS's new whitelist scheme.

Re:Sigh.

[cyberformer]

Many people change ISPs often. For example, they move from dial-up to broadband. A hotmail (or Yahoo, and soon GMail) account is more portable, and it's also easier if people want to access their personal mail at work or from a Web kiosk.

Hotmail is in many ways inferior to other free Web-based email services, but it does have one important plus: Integration with Outlook and Outlook Express, which (if you're an Outlook user with a fast connection) makes it just as convenient as IMAP.

Second side to this coin...

[Allen+Zadr]

O.K. - I'm not an MS zealot (quite the opposite), however - IronPort is not a Microsoft company. So, actually, Microsoft is paying for something that they feel has value.

Since a vast majority of SPAM that I get are from throw-away domains, I see some value in this as well. It would, for instance, be nice if I didn't have to comb through my JUNK box looking for missing Emails from one of the many product specific Mail lists that I'm a member of.

However, Mail lists are usually on independant and under-funded sites, so it's unlikely that they'd be able to afford to become IronPort certified anyway.

SourceForge would be a good start though.

Re:Second side to this coin...

[TCaptain]

That's all well and good, only it all depends on how they do it.

The article didn't go into details unfortunately.

If, like other spam, anything not on my list goes into my junk-mail folder, then its business as usual for me...a necessary evil to maintain an address I've had since the pre-microsoft hotmail.

However...

IF this spam is treated like their "announcements" and goes straight to my inbox no matter what my filter settings are...then that really sucks and I would finally give up that old address.

Re:Second side to this coin...

[Allen+Zadr]

If you are interested in how it really works (and how you can take advantage of the same whitelist), go here:
IronPort's receiver service page.

If you are interested in the rules that bonded senders have to ablige to:
IronPort's sender standards page.

Re:Second side to this coin...

[goatan]

If you are interested in how it really works (and how you can take advantage of the same whitelist), go here: IronPort's receiver service page.

can i use this "whitelist" as a "blacklist" it seems a handy thing to have a list of self confessed spammers

Re:Second side to this coin...

[andalay]

It would, for instance, be nice if I didn't have to comb through my JUNK box looking for missing Emails from one of the many product specific Mail lists that I'm a member of.

What kind of retarded mail filter are you using? If youre using Evolution, put the SPAM filter as the last one in the chain and put all your mailing list filters before.

Damn!

Re:Second side to this coin...

[petecarlson]

can i use this "whitelist" as a "blacklist" it seems a handy thing to have a list of self confessed spammers

header RCVD_IN_BONDEDSENDER eval:check_rbl('relay', 'sa.bondedsender.org.')
describe RCVD_IN_BONDEDSENDER Received via a whitelisted Bonded Sender address
score RCVD_IN_BONDEDSENDER +100.000

should work for SpamAssassin 2.2x/2.3x

The +100.000 should ensure they get marked as spam.

Re:Second side to this coin...

[Allen+Zadr]

Only because you asked, Mozilla. It's not retarded, in fact it's quite quick about it. It's just not always entirely smart about sorting these things, the longer I use it, the better it gets though.

Re:Second side to this coin...

[Allen+Zadr]

Congratulations, you've just blocked a whole slew of reputable businesses, including Microsoft, Harvard University and ZD Net. Nobody in your office was expecting an online version of PC Magazine, right?

I hope that's really what you wanted.

Re:Second side to this coin...

[petecarlson]

No, someone asked if they could block a whole slew of reputable businesses and I told them how one would go about doing it. I have no intention of implementing that on my mail server.

Re:Second side to this coin...

[Bishop923]

If any one of those were reputable businesses you may have a point...

Re:Second side to this coin...

"Nobody in your office was expecting an online version of PC Magazine, right"

god, I HOPE they wouldn't!

does the spam get killed?

[IchBinEinPenguin]

otherwise, $20K for a once-off spamming of the hotmail userbase might make this worthwhile.

personal experience

[astanley218]

My company was informed of this bonded sender program by MSN/Hotmail support 2 months ago. At the time they claimed the Bonded Sender program was a third-party service with no affiliation to MSN/Hotmail or Microsoft. At the same time, they also claimed that even if you DO subscribe to the bonded sender program MSN/Hotmail will give no guarantee that your emails will be delivered!

Re:personal experience

[netfall]

well that's interesting. It really makes the service sound like it's run by the mafia. Or that the service is completely useless!

Do any journalists know how to use english?

[hiroko]

mixed metaphors...
allow legitimate marketers to thread the gauntlet of spam filters

• run the gauntlet
• thread the needle

choose one.
D.

Re:Do any journalists know how to use english?

That's

run the gantlet.
Gauntlets are pieces of armor for the hands. See here and here.

Re:Do any journalists know how to use english?

[NarrMaster]

Dude, you taught me something today. Gantlet can mean glove or punishment, but gauntlet is just the glove. That's completely +1 interesting. Alas:
1. I don't have mod points
2. You are an AC

Re:Do any journalists know how to use english?

[LtOcelot]

Out of date.

Re:Do any journalists know how to use english?

[Some+Bitch]

Gantlet is an accepted altervative spelling of gauntlet (the glove) and gauntlet is an accepted alternative spelling of gantlet (the ordeal).

The original post was too pedantic and ended up being plain wrong.

Re: Do any journalists know how to use english?

Here's the etymology of gauntlet.

Word History: The spelling gauntlet is acceptable for both gauntlet meaning "glove" or "challenge" and gauntlet meaning "a form of punishment in which lines of men beat a person forced to run between them" but this has not always been the case. The story of the gauntlet used in to throw down the gauntlet is linguistically unexciting: it comes from the Old French word gantelet, a diminutive of gant, "glove." From the time of its appearance in Middle English (in a work composed in 1449), the word has been spelled with an au as well as an a, still a possible spelling. But the gauntlet used in to run the gauntlet is an alteration of the earlier English form gantlope, which came from the Swedish word gatlopp, a compound of gata, "lane," and lopp, "course." The earliest recorded form of the English word, found in 1646, is gantelope, showing that alteration of the Swedish word had already occurred. The English word was then influenced by the spelling of the word gauntlet, "glove," and in 1676 we find the first recorded instance of the spelling gauntlet for this word, although gantelope is found as late as 1836. From then on spellings with au and a are both found, but the au seems to have won out.

Re:Do any journalists know how to use english?

While we're at it, there is something that has been annoying me which I would like to get off my chest. For some unexplained reason, I am seeing a lot of postings using the word "persue". This word does not exist.

It's "PURSUE"!!!!!

Re:Do any journalists know how to use english?

He could have meant tread the gauntlet as well.

Re:Do any journalists know how to use english?

Thank you for your posting persueant to this matter.

Re:Do any journalists know how to use english?

Probably derived from "It is easier for a blind proofreader to to thread the gauntlet through the eye of a camel than for a sloppy journalist to get his/her/its linguistic device correct"

Re:Do any journalists know how to use english?

<sarcasm> As much as I admire and respect BrainyDictionary.com </sarcasm>, the Oxford English Dictionary on my desk says that "gantlet" and "gauntlet" are spelling variations of the same word.

My whitelist is for free :-)

[Advocadus+Diaboli]

Snippet from my .procmailrc:

# Implement a simple whitelist
# Everything in the whitelist is send in the default mail spool

:0
* ? formail -x"From:" | egrep -is -f $PMDIR/whitelist
{
:0c
* ? test -f $HOME/.vacation.msg
| vacation myuserid

:0
$DEFAULT

}

So whatever the spammers pay to Microsoft, they won't make it up to my whitelist. And because of that they won't even get an answer by my vacation reply when I'm out of the office. :-)

Somehow this puts me in mind of a proverb

[JosKarith]

I'm thinking about the one involving putting the fox to guard the chickens.
Seriously, I hope this convinces people to not use Hotmail etc - now with guaranteed spam...

Block that kick....err email.

[FaasNat]

I guess I'll have to put that "Block" button to more use now.

Monopoly on Spam?

[Phidoux]

So now MS will have the monopoly on Spam too?

Make them pay $20!

According to the fees page at bondedsender.com, $20 is taken out of the bond for each complaint received over some very small minimum. Sending a complaint for each bondedsender mail will cost the spammer $20! Haha! Now if only I could see some of that money.

thanks microsoft

when you have semi-legitimate unsolicited email "marketers" tossing that much money around hopefully some information about the company will leak out and we can use that information for blacklists and baseball bats.

not a terrible idea - not a great one either

[netfall]

As has already been pointed out, this is a bonding service - not a straight for profit medium for Microsoft.
My biggest questions is When a company breaks the rules, where does the bonded money go??
My other problem is that this in an opt-out service. I would prefer to see an opt-in only service, but that would pretty much invalidate the idea of a global whitelist, wouldn't it.
I just hope that microsoft doesn't think this is the end all answer to spam filtering. Bill Gates stated in the Washington Post back in November that MS would eliminate spam within I think the next 2 or 5 years (something like that). This certainly is NOT the answer.

This is low, even for M$...

[KC7GR]

And just when I thought they couldn't sink much lower.

I will say this much. The advertisers should be paying the END USERS if they want to get people to read their drenn. They're the ones who are getting their mailbox stuffed anyway.

Good luck getting bonded... I tried!

I am an engineer in charge of a large email system. We send millions of emails per week to our members. I have contacts in the top 10 ISP's and we're on no RBL's of consequence (the big 10 RBL's are clean, we are not concerned about the RBL run by sn0rky in his dorm room). Rarely do we have a delivery problem, however we did decide to get Bonded since it looks like a good program for responsible mailers.

The BondedSender process looked us over and saw that we had, *gasp*, 50 complaints with a volume of 20 million messages sent. One complaint per million is their threshold for acceptance into the program! This is unreasonable. People complain about messages from their own damn family in my experience. The geeks here wont understand because they are literate of the issues surrounding the politics of email... but your average citizen is going to flip out and start whacking the "report as spam" button for anything they don't want to receive: their buddy sending them a dirty joke they don't want, an alert from their bank about their account being low, mailings from their girlfriend breaking up with them, etc.

This is absolutely true. I've heard the horror stories from my contacts at the aforementioned top 10 ISP's. The number of complaints they get about private emailings to and from their own contact lists rivals the number of messages that are actually spam.

I have an associate that works at large-bank-corp and they get about 1 per 10,000 complaints for their goddamn credit card statements!

BondedSender will be short lived unless they relax their restrictions. Any spammer sending pr0n and v|agra mailings is going to not be interested in this deal simply because of the costs and hassle of getting bonded. It's cheaper for Ma Bulker to just switch ISP's every two weeks or scam open relays.

Anyway... that's my say... Good luck if you try getting Bonded.

Re:Good luck getting bonded... I tried!

[JaredOfEuropa]

We send millions of emails per week to our members.

To each member?! *cackles*

The BondedSender process looked us over and saw that we had, *gasp*, 50 complaints with a volume of 20 million messages sent.

It does sound unreasonable. How about you inform your customers on Hotmail? Just tell them 'you may not get our mailings because your provider sucks'. As a customer (not a paying one, but still...) I'd hate the fact that legitimate mail to me is being withheld, because the sender isn'tt bonded.

There's no way in hell I'd pay (or deposit a bond) for some assurance that my messages get delivered to Hotmail. Next thing you know, Gmail, Yahoo, and local ISPs will demand a bond for bulk mail delivery as well, and you'll end up having to deposit thousands of bonds running into the millions of dollars.

Re:Good luck getting bonded... I tried!

[dustmite]

Interesting, a genuine high-volume spammer posting on slashdot ..

But that makes Usenet less useful

[mccalli]

I've never really had a problem from spam.I've never given my email address out on usenet...It just seems to me that if people looked after their email address...they would reap the benefit of a spam-free inbox sooner rather than later

However, that makes my email address less useful, and Usenet a less useful resource.

I've never disguised my email address on Usenet or anywhere else (with the exception of some of the more pointless web site registrations). There have been plenty of times I've gone back to ancient archives digging for answers, come across someone who solved almost what I'm trying to do, and sent them an email asking if they'd mind helping me. And the converse has happened too - many people I don't know have emailed me over the years after coming across old posts, and I've helped out where possible.

I'm pretty defiant over this one. I refuse let low-life scum dictate how I can use my address. I am not going to jump through hoops at their behest - my email address is a contact point, and people should be able to use it to contact me.

Cheers,
Ian

Re:But that makes Usenet less useful

[noelmarkham]

...I refuse let low-life scum dictate how I can use my address...

That's a bit harsh isn't it? I was just explaining how I look after my email address so that I don't have to sift through that tons of crap just to find the interesting messages.

...many people I don't know have emailed me over the years after coming across old posts,...

Surely Usenet is a better place if replies are posted back to the newsgroup, rather than just the individual. My newsreader lets me search by posts I've appended to.

Re:But that makes Usenet less useful

[the+chao+goes+mu]

It doesn't matter how you guard your email address. Unless it is a senseless string of characters, someone will eventually send to it. I saw spammers trying huge (10K+ entry) lists of randomly generated lists of names (aaab@aol.com, aaac@aol.com,aaad@aol.com, and so on). Then they would try adding different domains to names known from a first domain (jims@aol.com, jims@hotmail.com, and so on...) You can't just guard your address. Someone will still find you to deliver spam.

Re:But that makes Usenet less useful

[mccalli]

That's a bit harsh isn't it?

Sorry if that was misintepreted - I wasn't calling you low-life scum, I was referring to the spammers who have made the email obfuscation practice the norm.

Surely Usenet is a better place if replies are posted back to the newsgroup, rather than just the individual.

Absolutely. However I'm talking about old messages,say five or more years. A resurrected thread started five years ago might not have the same people reading it, so direct contact is often better. Cheers,
Ian

Re:But that makes Usenet less useful

Its not that hard really to maintain.

1 email from your isp for private mail that only allows email addresses in your friends list.

1 email from hotmail/yahoo/gmail for signing up to webpages and other crap that adds you to spam lists.

Re:But that makes Usenet less useful

mccalli (323026) mccalli (email not shown publicly)

Muhahahahaha!

Re:But that makes Usenet less useful

[djmurdoch]

Surely Usenet is a better place if replies are posted back to the newsgroup, rather than just the individual. My newsreader lets me search by posts I've appended to.

That depends. Often people mention things in their post that aren't really relevant to the newsgroup, so an offline discussion is better.

For instance, just the other day someone spotted my name and emailed me to let me know that a distant relative had died, and left tons of money, which is probably mine to claim. Soon I'll be rich.

Re:But that makes Usenet less useful

[Natchswing]

> I refuse let low-life scum dictate how I can use my address.

I'm the same way. There's always people out there willing to do anything with any information they can get ahold of. I'm not going to let low-life scum dictate how I can use my credit card number and social security number. It's just not worth the hassle. I've had times where someone has come across my credit card number in my signature on an old message and they've charged me over the years after coming across the number, and I've helped out by paying their bills where possible.

Re:But that makes Usenet less useful

[nolife]

I use a real address but include a sig that "RE:" must be in the subject line of any replies.
I filter anything to that address that does not include "RE:" in the subject to the bucket. If RE: is included (which happens on spam also), it then moves on through my other filters. I only use this address for Usenet so my follow on filters can be pretty strict. It seems to work pretty good.

Re:But that makes Usenet less useful

[mccalli]

mccalli (323026) mccalli (email not shown publicly)

Muhahahahaha!

Yep, I thought someone would pick up on that one :-). I do have a defense though - I'm still easily traceable from Slashdot. Just click the homepage details and there I am - not obfuscated in any way. Well, apart from the fact that the photo's now nearly eight years out of date.

Cheers,
Ian

Re:But that makes Usenet less useful

[tiger99]

Well said Ian!

Re:But that makes Usenet less useful

[mr.+methane]

Some of us have no choice. My business is required to make several addresses accessible to the public, (ironically, one of them is an "abuse@" address..) and they get trolled by spammers.

With less than 10 employees, we get well over 700 spams per day on average. Last week I missed an email from a customer because my "delete" key was just a little faster than my eye. The two hours a week I spend deleting spams could be spent with my kids, helping a customer, or trying to find new business.

Spammers cost me a lot of money - not wild-guess-could-be money, but *real* money. Worse, they waste my time, resources, and good will. The internet has many wonderful uses, but like any other public area, you get thieves, vandals, predators, and plain old lunatics.

I think....

[acidrain69]

It almost makes you want to cheer on the spammers

Who uses hotmail anyway?

[condensate]

I mean, if I am to enter my mail somewhere on the internet, it's my (long deactivated) hotmail account that I am using exactly for this purposes. And on my everyday mail account, I don not get much spam on that one. I mean, come on. If you were thinking that free online services will stay free, then you did never think about the money one can make of advertising. So this is rather natural, I suppose. Why not move to another provider? There are lots...

Read Spam, Get Paid

[Jonathan+Quince]

I'd accept all the spam in the world if they paid me 15 cents per message.

Coming soon: AllAdvantage for e-mail!

(Ha ha, only serious. With current trends in Internet advertising, who knows?)

Personally, I don't find the proposition too attractive. There are more dignified ways of selling yourself for money -- say, hawking your organs for cash. (What did you think I was going to say?)

MS isn't sellling anything, they are buying

[wayne]

A classic screwed up slashdot submission.

MicroSoft isn't selling anything, they are using the services of another company, namely bondedsender.com.

Who are bondedsender? They are part of ironport systems, who also own spamcop.net. Spam reported to spamcop.net automatically gets reported to bondedsender.com and the spammer gets whacked.

This is really good news because spamcop.net/ironport were recently sued by the spammer snotty scott richter. This means that ironport will have more income to not only fight the spam lawsuit but fight spam in general.

May be a good, realistic approach

[RhettLivingston]

Anyone thinking there is a greed motive for this is wrong. There is no way that Microsoft would trade this much bad press for the paltry amounts of money that this could generate. So, here's what I think is happening.

Microsoft has been pursuing various antispam paths, but the ultimate one, enforceable legislation to stop it, has encountered some resistance unless the legislation's effects are limited in some way. I think they are trying to counter some of this resistance.

There are occassions that I get "spam" from software companies (whose products I've used in the past) advertising new products. I don't mind that kind of spam, yet I almost always find them in my spam box because I use a pure white list approach and forgot to put the company on my white list.

The kind of spam that really drives me nuts and causes me to switch addresses is the spam that's looking for that one sucker in a million, the viagra spam, the refinancing spam, and the pornographic spam.

If the guidelines a) ban the improper spam while allowing contacts from other companies and b) strongly enforce requests to remove my email from a list, I could live with this system. Especially if they implement a one stop shop to manage whose lists I'm removed from.

But why would I want to live with this? Because it cuts the only leg of the spammers arguments that has been getting any mileage at all out from under them. If you create an enforceable system and say, "you can spam if you follow the rules of this system", then they can't argue that their "legitimate" spam is being blocked anymore and all antispam legislation suddenly gets a green light.

When Microsoft starts...

trying to make money wholly by making a quality product and selling it at a profit, people will stop complaining about Microsoft trying to make money.

But I do not think you will see it happening until then.

7 years of feast, now 7 years of famine

[auburnate]

I have had an account with hotmail long before Microsoft bought them out as reported in Cnet Jan. 3 1998. It has survived moving to new locations and outsurvived other email accounts I had at various universities. It even survived moving to Colombia for two years while I was a missionary. Hotmail has been good to me in those 7 years. I can even say that I have be blessed not to get all the junk mail clogging up my inbox. I may get one or two a day that don't get blocked. Yet I see 7 years of famine on the horizon. If Microsoft thinks it can start whitelisting its own (without any compensation going into my wallet [ I wouldn't mind getting a "whitelist" email now and then if my paypal account was augmented accordingly] ) then they are kissing my account goodbye. All it takes is one mass email (spam?) to all my friends and family and I have a new email account.

My $0.02 worth! The more you tighten your grip, Gates, the more star systems will slip through your fingers. -Princess Leia (modified)

Another first for Ninnle!

NinnleMail? These people are amazing! They're just as innovative, of not more so, than Google! Have they gone public yet?

I know this is slightly off-topic

[foidulus]

But I wonder how profitable spam is to the spammers anymore. I can see how it may have been profitable when it was "new" ie most users were too trustoworthy of what was sent to them in the mail, however I would hope most people have wisened up, just as the volume of spam is increasing. I mean, how many times can you get a response that you were approved for a mortgage application that you never applied for or how many obscure dead relatives who work for Nigerian companies do people think they can have?
I know that you only need a small percentage of responses from spam to make it profitable, but do you think that spam will eventually collapse upon itself, both through improved filtering(though this is obviously a step in the wrong direction) and people just getting smart to the point where nobody responds to the emails anymore?
I'm curious as to what /. ers think about this.

Re:I know this is slightly off-topic

[JustNiz]

Yeah I can't beleive people actually respond to spam. Still it appears it must still be working....and it probably works out cheaper to the sender per mail than an equivalent snailmail junk mail. I have exactly the same degree of surprise that junk mail actually works. Our mailman claims delivering junk mail is whats paying his salary.

Re:I know this is slightly off-topic

Another good question is: Why don't the spammers remove "non-responding email addresses" from their list?

I've recevied spam for several years now (same email address) and 100% of all my spam goes directly into Spamcop's crushing jaws. I've never responded/clicked ONE SINGLE spam in my entire life.

If they removed idle/inactive/uninterested email adresses, they would save a lot of bandwidth, save themselves from DDoS/hacking attempts/etc, and could focus the marketing towards users who are stupid enough to buy drugs from unlicensed pharmacists.

Re:I know this is slightly off-topic

I don't actually mind snailmail junk *that* much, because I recognise junk mail quickly and can throw it directly into the paper recycling bin.

But if I got a lot of letters disguised as personal letters, I surely would be just as upset as I am about electronic spam.

Now, to the reason why I'm posting as AC: Flamebait or no, the only solution as I see it, is to make a DDoS@Home progam. It must be controlled by a serious organization, and protected with tremendeous encryption to avoid unwanted abuse. For each spam reported, they will approve it, and then have all the clients perform an efficient DDoS attack. This will cause a lot of problems for the spammers, render their webservers unusable, cost them a lot of money (bandwidth, server administration), and after a while, they will hopefully give up.

I sure would sign up

Re:I know this is slightly off-topic

[foidulus]

Actually, I use mainly my school account for email(it's just simpler) but because of a mix-up with registration(I was overseas at the time) my mail account was disabled and everything sent to it would get you a bounce from the mail daemon. It was like this for 3 months, but after I got it back online, I was still receiving all the spam I was getting before. Amazing.

Re:I know this is slightly off-topic

[LocoMan]

Sadly it'll never happen. For every computer newbie that smarts up to the point where they don't believe that a nigerian wants to give them money, that (insert company here) will give a penny to a dying girl for every forwarded mail, or that they really get a "once in a lifetime" offer, there will be someone (or several ones) that get a new computer, someone that gives granma a computer to keep in contact, or someone who gets a job where he/she uses a computer for the first time. Sad fact is that people are smarting up against spam, but the amount of people that answer to it remains the same as new internet-related ignorant people enter into play.

Re:I know this is slightly off-topic

[prshaw]

But they don't care about bandwidth. Their problem is being able to send to real people. Those are the ones that might complain and force them to get another provider.

But the bad addresses that no one gets, those are free to send to.

There is no reason to care if an address is good or bad, the cost to send is the same flat rate. No incremental costs.

In fact it will take them time or effort to remove bad addresses, and there is no gain in it. So leave them there and someday someone else might get that email address.

Very low complaint threshold

[Teppy]

I read thru BondedSender's terms of service. Their allowed complaint rate is 1 per 1,000,000 messages sent. Each complaint over that limit deducts $20 from the sender's bond.

As someone that does legitimate commercial mailings (opt-in, for our MMORPG, about 15,000 messages per month to current and past players), this strikes me as slightly expensive, and somewhat dangerous. Some math...

Typically I get about 10 angry letters per newsletter, so that's $200 to send each newsletter. A cost of 1.3 cents per email isn't bad, since I know that most people read what I send.

Two problems. First, most newsletters go through now. Maybe 10% get spam filtered (I should probably set up a way to track this). So reaching those additional people costs 13 cents each. That is expensive.

Second, I worry that if the system becomes well known, it would be griefed: A single player with a bone to pick would sign up under a bunch of email addresses and "complain" from each. I'm not sure how to resolve this.

Re:Very low complaint threshold

[jfengel]

One could move the bonding one step further: require each user to post a "bond" to you of $20 when they sign up.

That doesn't work, since I don't want to have to give Amazon $20 to send me confirmation emails. But a centralized user-validation service might be cost effective.

Mutually Assured Destruction, anybody?

Don't expect much when you use free email!!!

If you actually want high-quality service, guarantees, etc., etc., maybe you should PAY FOR IT??!!

It's free, and you get what you pay for. Don't like it? Go somewhere else.

Many ISPs will sell webmail/pop service for $20/year or less.

HotSpam......Mail

[ripcrd]

All the mail I get at Hotmail is spam anyway. It's my spam-catcher account. Anything I have to sign up for on the net gets the hotmail account. Anything on the net you sign up for where I actually want to receive it, goes to yahoo. Both are actually spam-catchers.

Free guaranteed uninterrupted spam?

[blcamp]

Now my free hotmail account truly becomes worth every penny I have paid for it.

Sheesh.

Microsoft at odds with... Microsoft

[Fringe]

Sometimes I think Microsoft is too large to have internally-consistent policies. I've met lots of Microsofties at all levels; most of them really seem to believe in reducing spam, viruses and security holes. And then there's the bean-counter divisions that see potential revenue and just can't pass it up.

So just imagine, in a year or so... Microsoft whitelists some spammers. Then Microsoft developes Outlook enhancements to block MSN-enabled spammers, for a minor upgrade cost. Then Microsoft MSN finds a way around this, for their premium spammers for an extra fee. Then there's always Microsoft, who promptly developes new Windows and Outlook work-arounds necessarily to close the viral windows enabling the premium ones... for a minor fee to the users.

But, ironically, I don't believe they do this on purpose. It's more like virus writers vs Norton Anti-Virus or a game of chess, with two entirely different sides that just coincidentally are under the same corporate umbrella.

Charge for everything

I would expect that M$ - excelling in ripping its clients, will go even further:

There will be several tiers of clients:

class 0
class 1
class 2
etc...

The higher class you have - the more you will have to pay for the account, the less spam you get the more spammers will have to pay to spam you ...

Re:This is a BOND, to IRONPORT

[Allen+Zadr]

The bond is to IronPort and is relinquished to IronPort.

IronPort is NOT Microsoft! IronPort is selling a service which Microsoft has purchased for the purpose of using on Microsoft's Hotmail (and MSN) mail service.

FYI - Ironports

[jchawk]

You know what I love about Ironports? They sell the disease and the cure. They do business with just about everyone. They offer to sell you anti-spam solutions but at the same time sell equipment to people like Scott Ricktor so he can blast spam all over the place...

Sell a better spam engine, offer a better spam protection device!

I love it.

Re:FYI - Ironports

[dba69]

Does Spam Engine = MTA? No Has IronPort ever developled any products or technology to bypass spam filters or take advantage of open relays? No Are you aware the IronPort is being sued by that scumbag Richter? Check your facts.

Arming both sides

[Glamdrlng]

Keep in mind though, Ironport has been playing both sides.

Consider also that Ironport was founded by Microsoft / Hotmail execs, and it all looks a little fishy.

The article is unclear

[Croaker]

The original poster assumed that Microsoft is opening the door to spammers. What is unsaid in the article is if these e-mails were actually solicited.

I could see that legit ads (i.e. you definitely signed up to recieve them) might be tossed out with the huge amount of spam. What Microsoft *might* be doing here is saying "OK, you say you are opt-in, we'll let your stuff through, but we're gonna take a bite out of you if you are lying to us."

Unfortunately, the author of the article didn't bother to state exactly what the rules are that Microsoft is imposing. Roast the journalist, not Microsoft (at least, not yet).

Re:Do any OUTSOURCE SCABS know how to use english?

[spoonyfork]

Do any journalists know how to use english? ... thread the gauntlet ...

I know I know, totally off topic. Reminds me of the last time I spoke to a faux-American call center phonejockey. They started joking with me about the weather in Michigan which was where I called from. I was almost fooled (no, not in the least) until at the end of the call they wished me a good evening. It was 10AM.

Don't try so hard and maybe we might buy it. Also, why are the Benedict Arnold CEOs whining about being called to the task? Own it dude and be proud of it. I own the stock. Make me some money dammit.

MS does NOT get the money

[lseltzer]

The bond is held by BondedSender, i.e. IronPort, not Microsoft. According to their site "Proceeds from bond debits are not retained by IronPort Systems and are instead shared with third-party non-profit organizations."

Terrible for small hosts/providers

[joshuao3]

This system could potentially hurt many small hosting companies and small businesses. Businesses that have their own mail servers, or small hosts that provide mail services for their clients are now going to have to pay more just to provide basic mail service. Telling people "sorry, you can't send to MSN accounts" is simply not acceptable. It doesn't matter if it's a bond or not, the fact is that a small host now has to pay a lot of money to provide an essential service to it's clients. IronPort could essentially charge whatever they want if they own exclusive rights with MS for this service.

This approach form Microsoft is scary as hell for small hosts/providers and I hope that it doesn't happen if there is only one whitelist that MS goes with. If there were multiple whitelists, then I'd feel much more comfortable.

what's spam?

[moviepig.com]

Isn't spam the profligate intrusion by marketers into my god-given residence within a publicly funded (i.e., by me) neighborhood?

Unless I'm missing something, neither MSN nor Hotmail comprises such a neighborhood.

Reminds me of Ameritech (now SBC)

[BrentRJones]

They stole my privacy with calls during dinner and had the audacity to try to sell it back with a special privacy "service."

--
Kidnapping and ransom.

--

Opt - Out?

[nurb432]

Can i opt out of this so-called 'whitelist'?

The only people that should be in a whitelist is the ones you personally approve..

Looks like even the editors didn't RTFA.

[Jaywalk]

Looks like Microsoft has found another way to make money, this time from spam.

Microsoft isn't getting paid for this. They joined IronPort's program, they didn't make one of their own.

I especially like the nice naming for spammers, calling them 'marketers' sounds so much more legitimate.

The purpose of the whitelist is to separate marketers from spammers. If a marketer sends unsolicited email (a.k.a. "spam") they forfeit the $20k bond they posted. It's a way to keep legitimate bulk email from being picked up by spam filters.

Spam?

[MisterLawyer]

Spam? Oh, that is soooo 2003. Spam isn't supposed to be around anymore. There's a big Federal Law that was supposed to take care of that.

Not how it works

[mikeage]

This is a very misleading summary. Basically, the bonded program (which even spamassassin recongnizes and assignes according a minus "point") requires mailers to put up a bond before their emails are allowed. They still cannot send spam, however, they may only send mail to registered users. If users complain, the company has to either prove they joined or pay up.

Re:Not how it works

[kindbud]

That isn't how it works at all. You pay IronPort to get listed on their BondedSender DNS whitelist. Anyone, anywhere can configure their mail server to consult the IronPort DNS whitelist, in the same manner as one would use SPEWS or Spamcop BL, and use that lookup to decide whether or not to subject the message to spam filtering, or to let it pass without any filtering. It is conceivable that a ISP or mailhost could use the BondedSender DNS whitelist as a blacklist, and exclude all BondedSenders from their mail domain.

IronPort cannot guarantee anything about mail delivery to the people who post bonds in order to be listed in the DNS whitelist. They can only assure the people using the DNS whitelist, that all the entries on that whitelist represent email marketers that adhere to BondedSender requirements. They cannot make end users of the whitelist agree that those requirements merit allowing emails through the spam filter. They cannot make end users of the whitelist agree to anything, since it's free and open in the DNS for everyone to use as they see fit. There are no "registered users" to which BondedSenders mail send mail.

If users complain, the amount of bond posted by the email marketer is deducted by $20 for each complaint (past the threshhold, which is currently 1 complaint per million emails).

Re:Not how it works

[kindbud]

There are no "registered users" to which BondedSenders mail send mail.

wait a minute, I misunderstood you. I see now you meant "registered users" to mean "users who signed up for material from the email marketer". That makes a lot more sense, of course, but it still doesn't describe BondedSender accurately. It describes BondedSenderPlus, which is a higher standards whitelist that costs more money to get on. The regular BondedSender program merely requires the email marketer to show a previous business relaitonship with the user. There is no requirement for explicit opt-in to qualify as a BondedSender.

read your own sig

Just because you can't, doesn't mean you shouldn't. :p

noooooo not more spam on hotmail!

[meatspray]

Because My hotmail account wasn't already COMPLETELY DECIATED by the last wave of spam from the last time someone got their hands on their email list....

The only reason I still have an account there is so that anytime a webform wants my email and I think they might actually send me a confirmation/activation email I might have a chance to pluck it our of the "send all emails not in my contacts list to the hopper" processor.

Feh a little more spam can't hurt hotmail, it's like taking a leak in the ocean.

Heh

[mcc]

n/t

Better site...

[Allen+Zadr]

IronPort's Whitelist access is available, here.

Wash your Hotmail

[doublem]

Oh well, I'll just continue to use Mailwasher to cleanse my Hotmail account. It works nicely. Well worth the registration fee.

It's Family Business... Butt out...

[buddhapop]

Isn't this what the mafia does? Pay us what we's wants or you's can't do business here!
M$ is just doing it through filters rather then Bruno and the brute squad. Well, I guess shady business gets to deal with shady business...

I love this company

First they start patenting ancient stuff like FAT, now they're trying to make money out of spam. I'm glad I have [cough] copies of all their software - I'd hate to think I was funding this lot in any way.

Is this new?

[starphish]

I have assumed that they have always had a whitelist. I have reported the same spams coming from the same address hundreds of times and they still don't get delivered to my junk folder. I just assumed they had a deal with Microsoft.

Spam?

[AlexPSU]

I prefer the term "high volume email deployers" as coined on The Daily Show.

Clarity - actual sources...

[Allen+Zadr]

How about the real info?

Ironport's "sender" site.
IronPort's "receiver" site.

Re:Clarity - actual sources...

[nacturation]

With all your defensive replies, I'm wondering what your bias is here. Do you work for IronPort? Fess up!

Re:Clarity - actual sources...

[Allen+Zadr]

Actually, I just don't want this to be a "Microsoft is doing something Evil" thing. That qualifies as FUD.

I'm trying to dispell some FUD by, at very least, putting in verifiable information.

See my introductory Journal Entry for who I'm not. I am only willing to tell you that I work in IT Management for a company that is too small to have ever been covered by Slashdot.

Re:Clarity - actual sources...

[nacturation]

I did read your journal before commenting. Unfortunately, the "who you're not" part leaves about 6 billion other possibilities. :)

The reason I asked is that the quantity of postings and your seeming familiarity with most of what IronPort does led me to believe you're doing more than just trying to dispell FUD. Actually, if you're going to do that, you're in for an awfully big job on Slashdot!

I also noticed that you haven't (yet) said that you don't work for/with IronPort. Or is that just my tinfoil hat going off again?

Re:Clarity - actual sources...

[Allen+Zadr]

No -- Really not IronPort. One of the six billion other possibilities. Well, cut that in half...because I'll be happy to say that I work for a company with less than 300 employees.

I have, however, looked at products that IronPort offers. You may note that many of the subjects I post in, I have a tendancy of actually answering contradictory replies (as opposed to running away from someone telling me I'm an idiot).

I fully admit, sometimes I am an idiot.

Microsoft - luckily I NEVER used Hotmail

[School_HK]

I got a Hotmail account, but the only e-mails there is the promotional letters from MSN network of ads talking about its exclusive 30MB mailbox costing $X per month.

Finally today, I know why MSN needs to sale that kind of services, because MS does have a white list to fill your mailbox up.

SpamAssassin also has commercial whitelists

[tramm]

The SpamAssassin test USER_IN_DEF_WHITELIST checks to see if the sender is in the list of companies that are on its built-in white list. Network Solutions, internic, register.com, nytimes.com, amazon.com, mypoints, paypal, the FT, Palm, Handspring and others are all on it. They don't sell access to it, so it is not the same as what Microsoft is doing. It is similar, however, in that some companies get a free pass (well, up to -15) for any mail that they send out.

Hotmail is FREE

[qwerty75]

Does anybody not realize that Hotmail is a free service! How can you complain about a Free service recieving spam mail. How can you sue somebody or even enforce an Anti-Spam law when you do not even pay for it. So in reality, the money for any infraction should go to Microsoft. I know they offer a pay service as well, but that is so your account is not frozen after 30 days of inactivity. If you are using a Hotmail or Yahoo account for your primary business email then you really need help. I always am very suspecious of people that provide me a contact email with Yahoo, Hotmail or any other Free type mail provider.

Hotmail: Tastes like old bacon.

[Oncogene]

It's like they don't want to have users. They're stupidly pushing everyone to GMail.

"GMail: It tastes like candy!"

you don't need it.

[Alberic]

I totally agree with a upper post.
Why use Hotmail ? Convenient ? Ad-free(no, i'm kidding)?

And so what, lazy people of Earth, who do not want to look a bit further, Hotmail isn't the only free Webmail, is it ?

Okay, just a little list :

*IcqMail
www.icqmail.com : up to 5 mailboxes per ICQ# you have...

*YOUR ISP
www.[your isp name].[your country code] : usually more or less 5 mailboxes. Just get one for your junk...

*Others ISP (free ones)
Living in France, I can tell about www.free.fr, yahoo(.fr,.co.uk,.anythingelse...), laposte.net(up to infinity mailboxes per capita), Gmail(coming soon to you...),etc

So, please, stop complaining about M$'s Hotmail, don't use it, and let spammers take care of the Hotmailers, they pay for it, so they'll mail first hotmail.

READ THE FUCKING ARTICLE

[Trailer+Trash]

Okay, people, there are about two clueful people who have posted so far, and about 50 idiots who are yelling "Microsoft is taking money to allow spamming". READ THE ARTICLE. Holy shit.

For those too st00pid to read it, here's your list of clues. Microsoft gets no money, IronPort gets the money.

If you're a legitimate emailer (i.e. you email to people who have asked for email) IronPort takes the $20K up front as a bond. If you spam, you get knocked off the whitelist and they take your $20K.

It's not "pay $20K and spam all you want". It's "put up $20K to say that you won't spam".

As someone else here said, their standards are *very* high. You must have no more than 1 complaint per million emails, which is a very low number. Having run double-opt-in lists myself before, I assure you that cluefucks will complain about something that they signed up for (and confirmed) the day before.

As an ISP, let me say that this is a great program.

They are very anal

Re:READ THE FUCKING ARTICLE

What is sad is that all the posts like yours that are right on are buried down here at the bottom.

Re:READ THE FUCKING ARTICLE

As an ISP, let me say that this is a great program.

They are very anal

are you a pr0n ISP perchance?

Re:READ THE FUCKING ARTICLE

[cyantist]

Also, the money debited from the bond goes to a non-profit. Ironport doesn't keep any of it. Just an FYI.

Hurrah

[slushbat]

I can now spam all hotmail users at least once for a mere $0.0001 per head maximum.

How I abandoned my Hotmail account

I had an hotmail address years ago, back in the day before MS buy the domain... I never really used it.

I did too, and I used it a lot. When MS implemented Passport, it drove them nuts that my old Hotmail profile didn't have all the personal information they wanted to collect. Whenever I tried to access another service from Hotmail, like Calendar, it wouldn't let me unless I entered more personal info. So I didn't. It eventually got all spammed up, so I set up a whitelist and used it only for certain things. Eventually, MS made a new rule that if you didn't log in for 30 days your account was suspended - to reactivate you had to, you guessed it, sign up for Passport with all your personal info. So that was the end of my Hotmail account.

In Denmark it is illegal - but who will sue?

It may be illegal here, but how did you plan to go about if you receive an American/Nigerian spam? 99.9% of the junk does definitely NOT come from a Danish sender or even a Danish server. Who are you gonna sue?

Internet tax

[justkarl]

You know, there was a senator who once proposed a e-mail tax. If thise kind of under-the-table loopholes could be closed, especially to the big companies like MS, maybe tax wouldn't be such a bad idea...given that we would find a solution to bad internet buisness.

Re:Do any OUTSOURCE SCABS know how to use english?

[G-funk]

Ok, since it's clearly some reference to some civil war crap we oceanans know nothing about, WTF is a Benedict Arnold CEO???

Why I used hotmail

[Dave419]

About 6 years ago hotmail was great. I didn't have my own computer and neither did most of my friends. Dial-up providers would usually only provide a single email address with an account and people wanted free private email.

Now, hotmail is crap. Within minutes of signing up for an account it has reached its capacity of SPAM and starts rejecting messages from being sent to it, at least it did the last time I tried using it about 3 yrs ago. A hotmail account these days is an invitation to SPAM, and to being filtered as SPAM by accident by an over zealous SPAM filter. If this change could revitalize hotmail, make it free, and have a useful amount of space, I might consider using it again. If I hadn't learned how to set up a mail server running Gentoo.

Sounds like a violation of the RICO Act

[spidergoat2]

Isn't this just like paying protection to the mob? It's worthy of Tony Soprano. "Having a problem with spam? I can take care of dat for youse. My boys will be around once a month to collect". Call it what you will, it still seems to be extortion and a clear violation of racketeering laws.

Wonder when

[goatan]

This whitelist will be automatically added to Blacklists. This sounds like microsoft are saying give us some money and we will let you spam to your hearts content.

Re:Wonder when

[nmjon]

You are absolutley correct!!!!!!!!!

Let Bill and friends do whatever they like.

Because I don't, never have, and never will use Hotmail. who cares? Oh wait, there are millions of cheap suckers that do.

Violation Decision...

[Allen+Zadr]

" And who decides if the spam is violating the rules?"

IronPort

Re:Violation Decision...

[Arker]

This still leaves a bit of unclear to me though. Do they pull it if your complaint rate is too high, period, or do they attempt to adjudicate the complaints? This is a major issue, since if they adjudicate they're going to have not only higher costs as a result, but they're also going to be explicitly allowing spam. But if they go by complaint rate alone, then it's up to the receivers and those standards could be rules that must be adhered to in addition to avoiding a high complaint rate.

Re:Violation Decision...

My understanding is that it's just the complaint rate. Therefore, the standards are a side issue - a low complaint rate is what the mailer has to achieve.

Re:If only they would share the proceeds: control!

[G4from128k]

People here should know that putting a pricetag on something doesn't make everything kosher.

A very good point, in general. Yet as an adult I feel i have the right to enter business relationships - there is nothign wrong with selling my email processing labor. As long as the consumer retains control, I see no problem with bulk e-mail. With control of the system, I can easily raise the price of spam delivery to 50 cents or a dollar per message if the 15 cents/spam is generating too much volume.

Bulk mail without opt-in should be criminalized regardless if the envelope is paper, SMTP or whatever. Bulk mail is just another form of 'I have money, I can send propaganda to anybody, you cannot stop me, muahahaha!".

I'm not sure I want the government holding my hand and deciding what is good for everyone and what is not. I don't even see how the government can regulate spam given the international nature of it and the fact that commercial email has legitimate uses such as when my airline emails me that my flight schedule has changed or tells me of upcoming airfare sales.

To me, the greatest scheme for controlling spam would be monetary -- the spammer pays the recipient an amount that the recipient decides and the sender agrees to. Add recipient-controlled whitelists, blacklists, and rebates and the system provide zero-cost email between friends and trusted parties and consumer-regulated communications otherwise. This avoids the heavy-handed, one-size fits all approach of government regulation and pays each recipient for the resources consumed by spam as judged by the recipient. If someone hates spam so much, they can set their price at $100 per email.

The big problem with the current system is that the recipient bears a disproportinate burden of the costs. The cost to send an email is miniscule. But the cost to personally accept, read and process an e-mail is large. All I seek is a means of charging for my labor.

It's not spam if you sign up for it.

[thehomeland]

It doesn't count as spam if it's included in the sign-up agreement. If you agree to receive advertisements from 'marketers' that MS allows, then it doesn't count as 'unwanted/unrequested advertisements' (no matter how much you don't want it) because it was a prerequisite for using the service. Get a real email address if you want out, plain and simple.

Whitelist or Blacklist? (was: Better site...)

[thedillybar]

Damn I thought it was the actual whitelist.

I was about to import it into my spam blacklist.

Re:Do any OUTSOURCE SCABS know how to use english?

[spoonyfork]

Ok, since it's clearly some reference to some civil war crap we oceanans know nothing about, WTF is a Benedict Arnold CEO???

OMFG WTF LOL!!!11onehundredelevenone. First off, don't pretend to know something you don't. Benedict Arnold was alive around the time of the American Revolution, not the American Civil War. However, I'm willing to give you partial credit because many scholars believe the Civil War was mostly unfinished business from the Revolution.

Seriously though, if google is such a fine substitute for inherently knowing anything to the point of being worshipped as a False God of Knowledge.. why don't you just look it up yourself? Here's a spoon-sized poke at your badger. Traitors (such an ugly word) don't find favor with anyone after the fact. Once you betray something as large as oh I don't know.. your country it is hard nay impossible to earn the trust of anyone again.

Re:This is a BOND, to IRONPORT

Fron the list of Directors at Ironport.com:

JACK SMITH: CO-FOUNDER AND INVENTOR, HOTMAIL CORPORATION

"...After the acquisition, Smith worked as Director of Engineering at Microsoft...then leading a team developing next generation Internet software infrastructure."

DOUGLAS C. CARLISLE: MANAGING DIRECTOR, MENLO VENTURES
Former board memeber of Hotmail.

SCOTT BANISTER: CHIEF TECHNOLOGY OFFICER
"Scott started his career as a pioneer in the email business. He was founder and VP Technology of ListBot...ListBot was acquired and became Microsoft's ListBuilderTM, part of the bCentralTM suite of business offerings..."

SCOTT WEISS: CEO
"...Scott was one of the early team members at Hotmail, the world's largest web-based email service. At Hotmail, Scott was responsible for all partnership and revenue generating business development efforts. It was this experience at Hotmail that helped Scott identify the emerging business opportunity that would later evolve into IronPort Systems. After Hotmail's acquisition by Microsoft, Scott led a business development team at Microsoft with the MSN division. "


No, they're not Microsoft. But they're dang close.

Every Journalist Knows

[WormholeFiend]

Every journalist knows they shouldnt put all their chickens in the same basket before they're hatched.

Funny Numbers

Microsoft's Hotmail and MSN e-mail services, which together claim 170 million regular users

Of course that includes the 169 million spoofed HotMail addresses in spam messages.

This isn't as bad as the 'Article' says, but...

[Arker]

I must say I'm really disappointed in this. Ironport have generally been good guys, but their trust level just plumetted. If you read the sender standards page you'll notice that, while they are at least trying to rule out some of the worst spam, their standards explicitly do allow spam (by diluting the concept of 'consent' to the point it's unverifiable and thus meaningless.) On the other hand, it doesn't sound like they're going to try to adjudicate complaints, just charge a small fee for each one and make judgements based on the sheer number of complaints, so it will be interesting to see how that works out. If enough end-users refuse to tolerate spam, that could effectively keep it out of the whitelist, even though the 'standards' are written to allow it.

Re:This isn't as bad as the 'Article' says, but...

[TCaptain]

So if I understand what you say correctly, they charge you a small fee to lodge a complaint about a spammer?

Man, they might make a small fortune there...but it doesn't exactly give them incentive to clean up their list :)

Re:This isn't as bad as the 'Article' says, but...

[Allen+Zadr]

I fully agree with you here.

For short-term financial gain (taking the bonds) they could certainly adjucate in their own favor (levy fines) - however, if the bond is saturated, then the sender no longer qualifies either.

The point of this is so that companies like 3Com, HP, Microsoft and similar have a better chance of reaching their customers. (Yes, if you bought ANYTHING from ANY company, they legitimately have reason to E-mail you).

It is in IronPort's best interest to keep up the white-list for legitimate senders only. MoreSexForYou.com need not apply.

As with any service, only time will tell. I'm watching SpamAssassin's use of IronPort's service. They will probably be the first to react to any abuses.

Re:This isn't as bad as the 'Article' says, but...

[Allen+Zadr]

Not really, a judgement against the bonded sender (they failed to follow the guidelines) results in a small fine being removed from their bond.

IronPort's bonded-sender service investigations are based on SpamCop. (There are a large number of SpamCop auto-SPAM-reporting products and servers). Basically, if you SPAM chances are you'll be reported to SpamCOP at a higher hit rate than your 'victims' are likely to respond to your "campaign".

Re:This isn't as bad as the 'Article' says, but...

[Arker]

For short-term financial gain (taking the bonds) they could certainly adjucate in their own favor (levy fines) - however, if the bond is saturated, then the sender no longer qualifies either.

The sanest option would be not to adjudicate them at all, but simply to count them, I'm just confused from their website which route they are taking.

The point of this is so that companies like 3Com, HP, Microsoft and similar have a better chance of reaching their customers. (Yes, if you bought ANYTHING from ANY company, they legitimately have reason to E-mail you).

To mail me about a problem with the product I bought? Sure. But nothing else. If they want to send me ads they'll get LARTed the same as anyone else.

It is in IronPort's best interest to keep up the white-list for legitimate senders only. MoreSexForYou.com need not apply.

So far as I'm concerned, if moresexforyou.com keeps a real opt-in list and doesn't spam, they are a legitimate sender - and if 3Com, HP, or MicroSoft spam, they aren't.

Re:This isn't as bad as the 'Article' says, but...

[Allen+Zadr]

Problem is - logically - once you buy something from a company, you have a relationship with that company. You can certainly block them yourself, using your own methods, however, they are not doing anything wrong, technically.

Microsoft (unless you are using a paid-for-through-ads-service-like-hotmail), HP, 3Com, IBM are all really good about allowing me to set what announcements and types of Emails that I want or don't want. From my own experience, these are responsible Email marketers - thus I used those as examples.

If I get an Email from MoreSexForYou.com there are only two possible explanations. One of my co-workers is signing me up without my knowledge, or they culled my Email address from one of several news-group archives that contain my Email address. Either way, this is not responsible Email marketing. ... Funny the opt-out link goes to the same page-with-20-popups as the sign-me-up link. Not responsible marketing.

Because this is a heated subject, I have little doubt that how they treat this will make-or-break the company. They bought SpamCop because of the good-will the SpamCop name has. That purchase also puts them in a rare position to do this the right way. Only time will tell.

Re:This isn't as bad as the 'Article' says, but...

[whoever57]

Their standards are so low it sounds kust like spammers:

# Opt-In with Verification: The Recipient affirmatively requests to add his/her email address to a mailing list. The Recipient receives a verification email notifying him/her of the subscription and providing clear unsubscribe instructions.

# Opt-In: The Recipient affirmatively requests to add his/her email address to a mailing list.

These two requirements constitute "opt-out" style lists, since there is no checking of the "affirmative" request and by default the email address is included in the list.

I shan't be using their lists to whitelist any email arriving at my mail servers any time soon.

Re:This isn't as bad as the 'Article' says, but...

[Arker]

Problem is - logically - once you buy something from a company, you have a relationship with that company.

I'm sorry, but that's just not true.

A purchase is not a relationship. I buy things from many people I have no relationship with. If you offer something for sale, and I buy it, that's a transaction, not a relationship. If you want to email me about something that has to do with the transaction, that's fine, but if you try to say that the transaction gives you a license to spam me, you're just a spammer.

Microsoft (unless you are using a paid-for-through-ads-service-like-hotmail), HP, 3Com, IBM are all really good about allowing me to set what announcements and types of Emails that I want or don't want.

If you agree for them to send you those emails, then they aren't spam, but don't pretend they get to magnaminously allow you to choose them. It's your right. Your email box is private property.

If I get an Email from MoreSexForYou.com there are only two possible explanations. One of my co-workers is signing me up without my knowledge, or they culled my Email address from one of several news-group archives that contain my Email address.

And either of those routes would mean the same thing - spam.

But my point was simply that just because it's a sex site doesn't make it spam. If they sent it to you because you requested it, that would be responsible email marketing. And if HP, 3Com, MS, IBM, or whoever sends you bulk mail that you did not request, then they are spammers. As to Ironport...

Only time will tell.

Agreed.

Re:Do any OUTSOURCE SCABS know how to use english?

Wrong war. It was the American Revolution, and google is your friend.

Makes whitelist sites spammer targets?

[geoff+lane]

If you know that a particular site is on the whitelist it makes sense to route your spam via that site if you can.

Honeypot, flies, attract are some words that come to mind.

"no more spam in 2 years"

[martin]

says Mr gates.

That'll be because its now been relabelled, legitimate commercial email..

same old story - change the rules..

Q. How many M$ programmers does it take to change a lightbulb?

A. None, they make darkness the new standard...!!!

CNN has the "full" article also

[mondainx]

http://money.cnn.com/2004/05/05/technology/msft_sp am.reut/index.htm

This really sucks..

Explain this

[Arker]

They still cannot send spam, however, they may only send mail to registered users. If users complain, the company has to either prove they joined or pay up.

This doesn't jive with the terms on their website. Particularly read the section titled "consent." This section defines 'consent' so broadly as to include many cases where proof is not available, i.e. they do not require opt-ins be verified, they allow buying or renting lists from third parties, etc. They're explicitly allowing all the lame excuses spammers traditionally use when accused of spamming. So which is it - do they have to prove consent as you say, or do they not, as the official website says? This is very confusing.

Actually, this DOES make sense

[Moryath]

Believe it or not, there ARE groups out there that advertise via email - but aren't spammers - that are arguably upset about spammers who clog inboxes.

One of them I buy stuff from infrequently - Overstock.com. I get an email from them every day, usually delete it right off, but I don't mind getting it because I did, indeed, sign up for it when I bought something from them the first time.

Ironport's service isn't just a "pay us lots of money and we'll look the other way" thing - the people in question do indeed have to stick to decent ethics about what they're selling, and to whom, and make sure it's damn easy to get off the list. So I view this as a relatively ambivalent thing.

It's not good, in the sense that spammers may manage to sneak in. But it's not bad, because the spammers will likely get zapped pretty fast, and because the idea of REAL companies putting up a bond of trust, "their money where their mouth is" so to speak with regard to a code of conduct, is a GOOD THING.

M$ is just doing it to make more $

think about it from a position of a legit host sending emails to their clients.

1. M$ does a report on their email utilization to find a host that sends a lot of emails to their clients. (membership status, announcements, etc)
2. hotmail filters these randomly into the junk bin, or just deletes the messages before they get received.
3. the host gets complaints from users that they are not getting feedback they requested
4. host contacts micrsoft, pays them money to hack a hole in their faulty false positive email filter.
5. M$ profit.

To turn a profit, all they need to do is make their filter more and more restrictive, creating more and more false positives.
The next step: email groups
keeping your users informed about their accounts or sending them receipts for purchase is not spam. But it is for hotmail.
why is no one complaining about all the false positives?

It's not technically unsolicited

[therblig]

If you go to their website, http://www.bondedsender.com, and look at their rules, you will see that they do have somewhat reasonable rules that must be followed. There are many more rules than just this, but here is the part under the section called "Consent."

Consent

V. Participating Senders must ensure that consent with appropriate disclosure or a prior business relationship exists prior to sending Commercial or Promotional Email Messages.

Acceptable forms of consent include:

Double Opt-In: (sometimes referred to as 'Confirmed Opt-In'): The Recipient affirmatively requests to add his/her email address to a mailing list. The Recipient receives a confirmation email and the Recipient confirms his/her request by replying or visiting a provided URL.

Opt-In with Verification: The Recipient affirmatively requests to add his/her email address to a mailing list. The Recipient receives a verification email notifying him/her of the subscription and providing clear unsubscribe instructions.

Opt-In: The Recipient affirmatively requests to add his/her email address to a mailing list. Pre-Selected Option with Verification: The Recipient consents to have his/her email address added to a mailing list by leaving a clear and conspicuous pre-selected option intact. The Recipient receives a verification email notifying him/her of the subscription and providing clear unsubscribe instructions. Commercial or Promotional Email Messages sent under this form of consent must include clear and conspicuous identification that the message is an advertisement or solicitation.

Pre-Selected Option: The Recipient consents to have his/her email address added to a mailing list by leaving a clear and conspicuous pre-selected option intact. Commercial or Promotional Email Messages sent under this form of consent must include clear and conspicuous identification that the message is an advertisement or solicitation.

What are you saying?

[Saeed+al-Sahaf]

IronPort's business is SPAM prevention.

So you agree with Microsoft that these people that are paying Hotmail to SPAM you are not actually spammers? You agree that they are "marketers"? IronPort is facilitating Microsoft in allowing these "marketers" to spam you. That's spam prevention???

Re:What are you saying?

[johnnyb]

From IronPort's site it looks like they are just allowing opt-in email.

off topic, reply to sig

[PsiPsiStar]

Two wrongs don't make a right, but three lefts do.

You've never driven in Pittsburgh.

It was already impossible to block their SPAM

[Ra5pu7in]

If you have a hotmail account, you already know you can't block or filter to the trash any email from "staff@hotmail.com". It just isn't allowed. Of course, if you're like me, you only have the hotmail account for registering and you know it will only ever have spam, therefore you have everything go to the junk mail folder which will empty automatically. Only pitfall is I have to access it about once a month to prove it is "active".

Re:It is me...

[im+a+fucking+coward]

It's a negative reaction to the piece of shit MS has turned HM into. It's nostalgia for days of yore when HotMail wasn't an endless commercial. The UI is now so completely overwhelmed by what MS thinks you might be interested in if you literally had shit for brains that considerate, thinking people take offense.

The reality is that they are going to plunge headfirst into more of this horse shit unless the userbase drops precipitously. I think they should just remove the email functionality and see how many idiots keep using it.

Where are you Gmail???

[tommertron]

Seroiusly, I don't think Google would ever do something like this. Why can't it come soon enough?

Some clarity from bondedsender.org

[pdp0x14]

"Sponsored by IronPort Systems, the Bonded Sender program turns the spam problem upside down by identifying legitimate email traffic. Originators of legitimate email can now post a financial bond to ensure the integrity of their email campaign. Receivers who feel they have received an unsolicited email from a Bonded Sender can complain to their ISP, enterprise, or IronPort and a financial charge is debited from the bond.

"This market-based mechanism allows email senders to ensure their message gets to their end user, and provides corporate IT managers and ISPs with an objective way to ensure only unwanted messages get blocked. For FAQs and white papers describing the Bonded Sender program, visit http://www.bondedsender.com

Being "Windows Certified"

[mnemotronic]

The company I work for, which makes rotating magnetic storage devices, pays what some co-workers describe as "an enormous amount of money" to be Microsoft or Windows "Certified" (I don't know the exact figure). Now, understand that MS doesn't do an bit of work here .... we buy the test platforms, run the tests, collect & collate the data, and go forth to Redmond on bended knee to present our lowly product and request "Certification". MS collects a fat check and stamps it "yea" or "nay".

Pardon my attitude, but if you ask me, they should be the ones coming to us to see if they're ATA, Serial-ATA, FC, or Serial-SCSI compatible. We have the expertise, they just write a driver.

SourceForge would be a good start

[Principal+Skinner]

I'm afraid you didn't segue very well into that sentence, so I'm really not sure what you meant, but if you meant "SourceForge should get signed up for this somehow", then that's the first thing I thought of when I read the post.

Every SourceForge email I get to my Yahoo[ungrammatical punctuation omitted] account ends up in my Bulk folder, and every time, I click the "Not Spam" button on it, but to no avail. Apparently some people think it's just easier to make email they signed up for go away by marking it as spam than by unsubscribing from the service, to the detriment of the other users of that service.

I don't know if Hotmail+SourceForge users are affected by this, but regardless, there are doubtless a lot of legitimate services that are pigeonholed because a sufficient percentage of users are misevaluating the emails from those services. It would be unfortunate if some totally non-marketing companies/orgs had to pay to make sure this didn't happen, and it still wouldn't help my old prof, meesh, who likes to send mass e-mails to all her old students, putting their names in the Bcc: field so that they don't get a 10k message with 8k of addresses and 2k of content (no explicit To: field? Must be spam!) but it would be better than nothing.

Re:SourceForge would be a good start

[Allen+Zadr]

Someone who get's my point!

Yes, that is exactly what I meant. SourceForge is definately a bulk Emailer. All of it is legitimate. I think it would be useful if SourceForge and places like it (?anybody else have SlashDot email them replies to posts?) could be whitelisted prior to spam-filtering.

For myself, the other biggie is umich.edu (the Ldap mailing list).

Not following Yahoo's footsteps

[Ra5pu7in]

NOTE: I am only comparing the FREE accounts here, not the paid which have other services.

Yahoo does not force a "white list" on you. I have both a Yahoo account and a hotmail account. I have never received a "special" spam from a Yahoo partner. As ecklesweb states, this is a user preference (like the hotmail automatic subscriptions to newsletters) that can be turned off. I turned it off early on.

More importantly, Yahoo does have three levels of spam filtering - none, some, and strong. At the strong level, I have yet to have anything filtered that shouldn't be and I only come across about four a month that get through, which I can easily report as spam to improve Yahoo's filtering. This actually filters spam I have never before received based on other's reporting.

OTOH, hotmail's spam filtering is not really that -- it is a matter of filtering any emails not from a known contact or your safe list and blocking any emails from a black list you have to create. EXCEPT that they have this wonderfully small limit on the free accounts. Of course, I only use this account for registering, so it is nothing but a spam filter and I don't have to provide addresses that are safe or not safe.

Whoa. Had a wacked thought which may be totally off the map, but do any of these free email sites have access to your contact lists - basically the online version of your address book? How well secured is it from outside access? That would be a spammer's wet dream - a list of valid emails. (Okay, that could be taking conspiracy too far, but I also know just how insecure MS software has been.)

Isn't this a step towards whitelist only?

[kcornia]

Seems to me like this is a step in the direction of entities eventually only accepting mail from "whitelisted" persons or groups, which will in all likelihood lead to a "fee" to be on a whitelist, thereby causing e-mail to no longer be free...

Maybe I'm being short-sighted, but this sounds fishy to me..

um...

[Run4yourlives]

Aren't they planning on "reading" your emails and then serving up targeted ads?

Not all that much different if you ask me.

Re:um...

[AlexPSU]

That's not how adwords works. The ads are auto-generated bu the content of your email. Technically they aren't reading it but rather they're serving strategically targeted ad content.

Problems and the appearance of problems

[93+Escort+Wagon]

I know I'm being cynical here, and some of you will think this is quite a stretch - but I gotta wonder if this same mindset will apply to decisions involving the Microsoft-backed hardware DRM schemes. That is, will "good corporate citizens" be given some sort of pass-through key to the DRM system, so they can provide (responsibly, of course) "helpful services" to the end user?

Can M$ be trusted with anything?

[tiger99]

Can a twice Convicted Monopolist who is not showing the slightest sign of reform be trusted with anything like this? And will the whitelsit be reliable and secure? Or was that a silly question, words like "reliable" and "secure" do not belong in the same sentence as "Microsoft", or "Gates".

I confidently predict, based on very consistent past behaviour by the Criminal Monopolist, that the whole thing will be a technical and security disaster, and will inflict massive damage and disruption worldwide.

Meanwhile, surely any attempt to extend Sir Scumbag's monopoly should surely result in action by the court? This is clearly an attempt (again, and again, and again...., like everything they do now, having long ago run out of anything approximating to innovation) to use their confirmed monopoly in one field to leverage the extension of it to another. The Scumbag basically wants to control all email in the world, in fact he needs to, because his paranoid psychotic mind compels him to, as it has compelled him to dominate every market he touches. He must be stopped.

Idea for Google:

[Sophrosyne]

Set up a shell company,
Get on Hotmail's Whitelist
Spam everyone inviting them to join Gmail.

The "bond" is $200 to $4000, not $20,000

[Animats]

Where did that "$20,000 bond" figure come from? BondedSender's price list starts at $200, for nonprofits. The "bond" for sending 5,000,000 spams is only $1000. And for $2000, you get to send 50,000,000 spams. Per month.

Re: READ THE FUCKING PAGE

Exactly, but what I haven't seen modded up past the MS slams was who gets the money... I was checking these guys out a few days ago, couldn't understand the model... Set up a bond, but if you get a complaint they take the money? Made no sense... Seemed like the thing was skewwed. But, unlike the majority of you dipshits, I actually researched it before jumping to conclusions.

Snipped from http://www.bondedsender.com/fees.jsp , so you don't tucker yourselves out having to read a bunch of words...

B. Bond Debits

The Bonded Sender Program is designed so that most legitimate senders will pay little or no bond debits, while the cost will be prohibitive for any sender of unsolicited commercial email (who would also not qualify based on the current standards for the Bonded Sender Program). Proceeds from bond debits are not retained by IronPort Systems and are instead shared with third-party non-profit organizations.

The hole Ironport wants you to install

[Animats]

IronPort wants you to install a hole to let their stuff through. For SpamAssassin, for example, they want you to put in

• header RCVD_IN_BONDEDSENDER eval:check_rbl('relay', 'sa.bondedsender.org.')
  describe RCVD_IN_BONDEDSENDER Received via a whitelisted Bonded Sender address
  score RCVD_IN_BONDEDSENDER -100.000

Note that "-100.000". That says "accept this, even if it looks like spam". You might want to use, say, "-3.0" instead. Give them a little credit, but don't open the floodgates.

Watch for spam with the "RCVD_IN_BONDEDSENDER" flag in the X-Spam-Status header line. You might want to have Mozilla (I assume Slashdot readers aren't using Outlook) move such messages into a "Bonded Sender" folder. That lets you watch what they're sending.

As soon as you find a real spam passed by BondedSender, please post it to NANAE.

Re:The hole Ironport wants you to install

[SnapperHead]

Actually, this is good. Now, instead of SA wondering if its spam or not, using those above headers I *KNOW* its spam and to delete it without question.

Re:The hole Ironport wants you to install

[Kelson]

Well, Bonded Sender has been a default part of SpamAssassin FOR AT LEAST A YEAR now, and a quick search at google groups yields only three posts to NANAE containing either the old RCVD_IN_BONDEDSENDER or the newer RCVD_IN_BSP_OTHER, and none in RCVD_IN_BSP_TRUSTED.

Two of them are phishing scams that triggered the rule only because SpamAssassin checked forged Received: lines when it shouldn't have. The other is less clear.

Re:The hole Ironport wants you to install

[Kelson]

I guess you don't need those outbid notices from eBay, or shipping notices from FedEx, or newsletters from CNN, or ticket confirmations from Southwest, or...

Well, you get the idea, right?

Re:The hole Ironport wants you to install

[Animats]

The trouble, though, is that IronPort/BondedSender reserves the right to change the rules at any time. Already, bulk mailers are complaining the rules are too restrictive. Once they have all the backdoors in place at major ISPs, they can change the rules.

A likely change would be to embrace the Direct Marketing Association's "Four Pillars of Responsible E-Mail Marketing".. That's opt-out, not opt-in. And it's "narrow opt-out"; you may have to opt out for each "line of business" of each spammer separately. Once for Viagra, once for refinancing, once for toner cartridges...

My point is that you don't want to blindly let through everything Ironport sends. You might give them some credit in the spam filters, but don't just open a hole.

Re:The hole Ironport wants you to install

[dba69]

ISPs and other receivers of email from Bonded Senders do not sign any contracts to use the service. If the rules changed to the DMA 4 pillars, how many ISPs and other organizations would continue to query bonded sender? This program would die a quick death.

Rule changes will be dictated by the receivers and I hope another Goliath begins using the program so MS doesn't "own" the rules.

It's a delicate balance and if managed properly is extremely effective for ensuring delivery of VERY legitimate bulk senders (i.e. CNET - 40M emails per month, 2 complaints)

Re:The hole Ironport wants you to install

[Animats]

If the rules changed to the DMA 4 pillars, how many ISPs and other organizations would continue to query bonded sender? This program would die a quick death.

I hope you're right. But this involves Microsoft.

Re:The hole Ironport wants you to install

[SnapperHead]

Yep, since I don't use any of the above services I don't have to worry.

In the *VERY* rare event that I did, I would add a pin hole for just that address.

Re:The hole Ironport wants you to install

[Ed+Avis]

The only people using the bonded sender headers will be direct marketers. So surely you want to give the rule a positive score? I'd say +5 or so since such a header is an almost certain indication of spam. (Or if not strictly speaking spam, at least crud.)

My Prediction...

[JPickard]

Microsoft really needs to do something about it's image -
Having been landed in court for antitrust violations and with their software needing updates every week, Microsoft are really looking bad, and people are really looking for an alternative.

With MacOS and Linux getting updated so much faster, the software Giant and Monopolist will need to act quick if it wants to stand any chance of making it through the to the next decade.

X.400 was a great idea

[cipher+chort]

Yeah, but you have to admit the concept of non-repudiation for all messages is a great thing, and also the trusted cloud approach... I never saw spam in any of the X.400 systems that I monitored.

Of course, this system is much different since it's basically a pay-to-spam type of thing.

IronPort works both sides of the street.

>IronPort's business is SPAM prevention.

Uh, try again. IronPort's first, and still foremost product (i.e. the one that works well) is the number one SPAM CANNON (I mean Customer Relationship Management engine), which generates millions of messages per hour.

Now that that sending market is saturated, they have turned the same box around, and they are turning it into a SPAM catcher/filter (which turns out to be harder, as their tech support guys are discovering).

Now they are billing companies that are honest and need to send mail-- there are certainly lots of these!

Brilliant marketing, really, but let's go easy on the white hats.

Ugh.

[mikeboone]

So I guess everyone who sends mail to a user list is a spammer?

Come on. These users did not just mistakenly enter their address. They fill out an account form where the checkboxes for email are clearly marked. Their email addresses are not shared with anyone. Each mail that goes out to them has full details on how to unsubscribe. If they don't want to login to their account on the website to unsubscribe, they can reply, and it's read and handled by a human being. In addition, the emails contain no intentional misspellings or bayes word games.

I get tons of spam every day and I can tell the difference.

Re:Ugh.

[Mekkis]

Perhaps I got a bit inflamed about spam in general. I'm sorry for offending you, but it's a touchy subject for me. I get a long ton of spam every day, as I believe most folks with an email address over a month old do (mine's going on six years at the same Hotmail address, though I'm using other programs now) The point I'm trying to make is that many, many, many spammers and adware whores make the claim I "opted in" to their mailing list or "consented" to install their adware/scumware when in fact I did no such thing. I think there are lots of folks out there who've experienced the same troubles, especially when contacting the idiots to inform them that I absolutely do not want their bulk email or ad software.
I feel like I'm banging my head against the wall when I tell them I didn't sign up or consent for install - once they say I've given them my consent, it's like pulling teeth to tell them that I did not in fact do so when I God forbid actually attempt to de-install the adware or "opt-out".
So no, not all commercial email is spam - as long as you know you're actually signing up for something. But there are lots of advertisers out there who use sneaky #*&%ing tricks to bypass anti-spam law. I don't think I'm alone here in hoping to see spammers, pseudospammers and adware whores all suddenly suffer an instant brain aneurysm and put us out of their misery.

Re:Ugh.

[mikeboone]

I hate spam too. So far today 64 made it past my server-level spam and virus filter (but were caught by the Bayes filter at the email client).

I think part of the problem is the conditioning of users that spam has caused. If I can't remember actually signing up at a site, I'm reluctant to click any link or reply to the message in the fear that it will simply confirm that my address works.

I can understand that a user might find themselves in that situation. As a sender, I'm not sure what else I can do on top of what I'm currently doing: unsubscribing any of the addresses in bounced messages, monitoring the AOL complaint feedback loop (do other ISPs have these?), and occasionally purging the older user accounts even if I haven't gotten bounces.

Sending email is a small part of my job, and I'm not an experienced mail server administrator. My goal in posting about this subject is mainly to learn more about the best practices for sending requested commercial email.

I thought Microsoft already sold their email list.

[krgallagher]

I opened a hotmail account once. My company decided to adopt MS Instant Messaging as a standard and I did not want to give out any real email addresses to set up the .NET Passport thingy so I createrd a new Hotmail account. I was recieving spam in the account within 24 hours.

Q:why using hotmail? A: Geographical situation.

[perseguidor]

You need passport for MSN Messenger, and where I live msn-mess is the only way to go. IM market share is distributed quite distinctly in different countries and regions, as far as I can tell. No one here here wants to get into exotic things like IRC or Jabber. Or even AOL, you know - only 1 in 10 people I know is aware there's IM apart from MSN. Gaim obscures dif. protocols enough to make it less painful. But why do I bother talking to all that people anyway? Beats me. Must have something to do with pineapples.

Pay me and I'll let you spam Microsoft!

[zenaida_valdez]

And I'll be cheaper, too!

Who bears the real cost of spam?

[jubitzu]

This could be a great idea, although I would change one thing. Instead of the fine going into Microsoft's pocket, put it in the pocket of the poor soul who had to read the spam message. His time was wasted and he should be compensated for it.

Mod +5 Ingenious

Re:If only they would share the proceeds: control!

[retards]

Yet as an adult I feel i have the right to enter business relationships - there is nothign wrong with selling my email processing labor.

Yes, and people who want spam can ask for it, for those who say nothing, the law should say that you are not allowed to send them spam. The same could easily be applied to snail mail. The problem will be defining what "bad" bulk mail is. I would define it as anything that can be seen as an advertisement.

If someone hates spam so much, they can set their price at $100 per email.

Ridiculous. How can you expect to collect money from a party you have no business agreement with? To get your version to work you need lot's of regulation. You would have to rewrite laws about contracts and who knows what.

Why is opt-in so bad? I never said that people who want spam should be allowed to get it, all I'm saying is that you would have to get the recipients permission before sending, for example in the terms of service of your airline.

Apologies to Shakespeare for the paraphrase.

[the_rajah]

Spam by any other name...is still spam!

"Si hoc legere scis nimium eruditionis habes."
(If you can read this, you're overeducated.)

Logical conclusion?

[nurb432]

So, in the future if I'm a company and i want to send ANYONE e-mail, i must cough up 20 grand to be on the 'good guy list', else risk being flagged as spam before my customers even see the email?

Good way to weed out the smaller fish ....

$20k is nothing

[TastyWords]

$2k per month just to connect, even if you are a White hat.

A new industry

[ReNeGaDe75]

I can see room for lots of money to be made. Microsoft, in an effort to keep the public happy, will require that "marketers" sign an agreement to not send spam (which of course, the purpose of this whole thing is to send spam), but they will intentionally leave a loophole allowing "marketers" to relay spam.

These "marketers" will sign up with Microsoft, then relay spam in exchange for a small fee from the spammers.

This way everybody wins! Well, except the customers of course... but who cares about them really?

Let's fund both sides of the war

[please+explain]

The owner of the most spammed sites on the planet is partnering with the biggest spammer arms dealer to ensure open access to your Inbox for their customers

Re:Let's fund both sides of the war

[dba69]

Get a clue.

Why does Spamhaus describe IronPort "without reproach"

I recently purchased systems from them and they are clearly on one side of the battle - the anti-spam side

Re:Let's fund both sides of the war

Hopefully you got the Brightmail technology with those boxes, that is what is keeping some of the spam out, for now, at quite a premium price. The SMTP protocol provides safeguards so that servers cannot lose mail. Those boxes cheat by running in an unsafe mode that can lose mail. Receive 5 messages per sec and unplug a box to test. Unsafe skipping i/o ops modes make SMTP fast, at a price. I hope you have disposable mail.

I understand the sting and "get a clue" because the hardware worth about $2,000 per box cost you at least 10 times that much per box or more. It would take significant extra work to repurpose those underpowered boxes in the future.

Re:Let's fund both sides of the war

[dba69]

I'm not sure what you are talking about with the cheating. Prior to purchasing, I put this system in a lab and was sending 20 messages per second through it (50% capacity on the mid-tier system I was testing according to IronPort). I pulled the power on the system and then fired it back up. The queues rebuilt and the last message that was accepted by the server was delivered. A soft bounce was sent to the senders who hadn't completed the SMTP conversation. I would love to know if you've tested or experienced anything different.

And yes, I purchased Brightmail, great technology.

Ultimately that doesn't really matter...

...as they deduct $20 for any spam complaint (beyond the very low permitted complaint level of 1 per million emails). They don't investigate the complaint's merits at all, they just deduct the money. This makes the system financially impossible for non-legitimate emailers (i.e. spammers).

FAQ tells about bond debits - non-profits, too

From http://www.bondedsender.com/faqs/general.jsp#bond_ debits

What happens to the bond debits?

In order to avoid conflicts of interest, forfeited bonds are distributed to an independent, disinterested non-profit organization. Currently, bond debits go to the Internet Education Foundation. The Internet Education Foundation is a 501(c)(3) non-profit organization dedicated to educating the public and policymakers about the potential of a decentralized global Internet to promote democracy, communications, and commerce. You can find out more about the Internet Education Foundation at http://www.neted.org.

Actually, it is quite useful

[Tor]

SpamAssassin gives a negative score to IP addresses listed in the IronPort bonded sender program. This has several times prevented my wife's email from her work address (at Charles Schwab) to our home machine from being mistakenly blocked; because she uses MS Outlook with "custom" stationaries, SA normally gives a pretty high score to her mail based on content checks alone.

The idea is similar to Habeas - use this service if your business is legitimate; spammer abuse will be dealt with by the provider (in this case, IronPort will take their deposit, and remove them from the whitelist).

I like this service. It is not a magic bullet, but one among many checks that is quite effective in more accurately block spam and only spam.

Re:I thought Microsoft already sold their email li

[fermion]

I have a hotmail account that I use only to complain about spam. The address in never listed anywhere. I use it for no other purpose. It has never recieved any spam. This may be because it is listed somewhere as a known malcontent, but to be fair, I see not evidence that MS sells addresses. This is very different from other services.

Send e-mail to a hotmail user -- get more SPAM!

One more way Microsoft has created bad-will.

Perform a simple experiment.

• Create 2 new Hotmail accounts (carefully uncheck all the opt-in stuff). -- experimental and control.

• Create 2 new Yahoo (or similar free service) addresses. Similarly don't opt in to anything. -- also experimental and control.

• Send an e-mail from your brand-spankin' new yahoo experimental account to the hotmail experimental account

Within a week, your experimental yahoo account will start getting viagra and grey-market software offers! Your control accounts will more than likely remain unmolested.

I'm not kidding.

Seriously, I have accounts that used to get zero spam until I started e-mailing people on hotmail. It wasn't until I ran a couple test messages from my spam-free yahoo account to the hotmail account that I realized how I got on the list.

It's TRUE!

Hotmail Popper - use Rules

[daniel+de+graaf]

Actually, I use Hotmail Popper to get the mail through POP3 and use an Outlook rule to get rid of these messages. Then, it is accessed every day (or so).

However, it's now shareware - I still use the 2.1.1 freeware version and it works fine. Could email you it from "dg dg 83 p at hot mail" if you want it.

New revenue stream??

[EmbeddedJanitor]

So who gets the 20k and how do they get it? I bet the abusee gets none of it.

I can see this whole thing just mealting down to be a mechanism whereby MS periodically smacks a spammer's hand and takes the $20k or part thereof. Nice money for MS, nice legitimised biz for spammers. Everyone wins except the abusee.

Does anyone use hotmail for real email?

Who the hell uses hotmail for real email? I've got a couple of hotmail accounts which I use to register with some websites where you're not allowed access till you're registered. Most of these dump their cr*p in my hotmail account, in addition to the 2 bajillion viagra, mortgage, loan, and sexy babe emails every day.

If hotmail were shut down, that would reduce the world's spam numbers by 70%.

Re:I thought Microsoft already sold their email li

[DavidD_CA]

I thought Microsoft already sold their email list.

What article were you reading?

Perhaps it's you who should "get a clue"

[cipher+chort]

"Clearly on one side of the battle" you say, well lets see what side that is, shall we? A little trip through the WayBack machine is in order, I think...

IronPort's original product

Hmm, what is that? Oh yes, it's the first product IronPort Systems ever sold. What does it do? Why, it sends up to 500,000 messages an hour and opens up to 10,000 simultaneous connections! Yes, those certainly look like "anti-spam" measures to me.

Let's take another snapshot from the Internet Archive, this time look at the news items at the bottom of the page: Interesting marketing tips from IronPort

Wow, most of them talk about "maximizing your e-marketing dollars" and "are you emails getting through?". Yep, looks like fighting against spam to me...

Here's another snippet, notice how they make mention of how well they deal with spam filters on the recipient's end. Also notice the words about multiple "campaigns" happening simultaneously and being able to assign 256 IPs to one device, hmm, why would you need 256 IPs to send e-mail? buy our servers because we try to evade spam filters!

In fact, while the first archive of www.IronPort.com is from Aug 26, 2001 it wasn't until Apr 02, 2003 that their "C series" was displayed. For close to 2 years they exclusively sold and marketed "marketing" servers before they ever came out with e-mail "protection" servers.

Even today, the bulk of the anti-spam functionality in their products comes from an OEM agreement with Brightmail, so that shows you how many of their own resources they been dedicating to "fighting" spam.

Now, I have some friends at IronPort and they're actually nice people (no sarcasm this time). One of them actually works in the Bonded Sender program and the people working in that program aren't exactly tolerating spam, so it's not like the company is pure evil.

If you look at the company history, though, it should be apparent which side they're on. Actually, just look at the featured customers on their website. Nearly all of them are customers of the e-mail sending servers, not the e-mail receiving models. I'm sure everyone is familiar with what an upstanding corporate citizen click.doubleclick is... featured IronPort customer.

All right, that's about enough. Hopefully I don't get k-lined tomorr... er, today :-\

P.S. Nothing personal, I'm just setting the record straight.

Re:Perhaps it's you who should "get a clue"

[dba69]

Plain and Simple, it's just a better MTA. IronPort's original product was purchased by DoubleClick, CNN, Major League Baseball, CNET, AOL etc.

1 Facts to consider:

They've never offered a product or technology to get through or around spam filters or take advantage of open relays.

Makes no difference to me

[trigggl]

My spam filter is set to block anyone not in the address book, which doesn't work for M$ emails, but does for everything else. Now that M$ isn't charging space for items in the Spam folder, I don't care who emails me there. If I'm not expecting it, I won't see it unless I look in the Junk Drawer. In four years, I've found one email I was not expecting that was from someone I know in the Junk.

There was a time that I let my computer trust everything from Microsoft. Those days are long gone. Microsoft is no better or worse than anyone else that values profit over quality. I just don't trust anyone that is clearly geared that way.

As has already been stated, I use Hotmail for registration purposes only, now. There was a time I really liked Hotmail. That time was before M$ owned it.

They don't sell it

[trigggl]

I have a Hotmail account that I don't receive any Spam on. I also have one that I do receive a lot on. There are spammers out there that know how big hotmail is and they program their email clients, or whatever program they use, to choose addresses at random. It's kind of like a password cracking program. If you choose your username like you choose your password, it will be harder for spammers to find you. I'd tell you what I did to prevent the spam, but then I'm sure the spam would start coming. I have a feeling spammers read /.