Slashdot Mirror
Microsoft Will Sell Whitelist Services For Hotmail
Ec|ipse writes "Looks like Microsoft has found another way to make money, this time from spam. Microsoft has adopted a "whitelist" program (Bonded Sender by IronPort) which will allow marketers to pay Microsoft so that they are included on a special whitelist, guaranteeing uninteruptable delivery of their messages to Hotmail and MSN users. You can catch the full article at Excite. I especially like the nice naming for spammers, calling them 'marketers' sounds so much more legitimate."
mgibbs adds "Hopefully the $20K fine that results from abuse of this system is enough to deter spammers."
Sorry to give you one less reason to hate MS, but they are taking the money as a BOND, not as payment. MS only gets the money if the spammers don't follow their rules. Probably something like "must use real return address and have a unsubscribe link that doesn't add you to more lists."
"Men lie."
"Yeah, about sleeping with other women, but never about bioluminescent plankton."
-Dan Brown
In Denmark the marketing rules forbid people to send uninvited marketing material. Unless you specifically accept to receive it - it will be illegal (and punishable by court) to send it. This law is not only to electronic e-mails but goes to all kinds of marketing. You are not allowed to call by phone to someone in order to sell them something (unless the user has registered his phone number somewhere and accepted to receive a phone call).
So unless you check the checkbox somewhere in your hotmail registration, you will be able to sue MS - in Denmark at least...
-:) Oh no - not again.
www.rednebula.com
My company was informed of this bonded sender program by MSN/Hotmail support 2 months ago. At the time they claimed the Bonded Sender program was a third-party service with no affiliation to MSN/Hotmail or Microsoft. At the same time, they also claimed that even if you DO subscribe to the bonded sender program MSN/Hotmail will give no guarantee that your emails will be delivered!
It's handy to use for Usenet posting, a web site contact address or one-shot subscription signups. People can get in touch, and if I want to, I can shift communication over to a real mailbox. And every four years when the account gets joe-jobbed by a spammer or nut cult, I just open the next account in sequence. (I'd better update my /. journal.)
One line blog. I hear that they're called Twitters now.
MicroSoft isn't selling anything, they are using the services of another company, namely bondedsender.com.
Who are bondedsender? They are part of ironport systems, who also own spamcop.net. Spam reported to spamcop.net automatically gets reported to bondedsender.com and the spammer gets whacked.
This is really good news because spamcop.net/ironport were recently sued by the spammer snotty scott richter. This means that ironport will have more income to not only fight the spam lawsuit but fight spam in general.
SPF support for most open source mail servers can be found at libspf2.
It doesn't matter how you guard your email address. Unless it is a senseless string of characters, someone will eventually send to it. I saw spammers trying huge (10K+ entry) lists of randomly generated lists of names (aaab@aol.com, aaac@aol.com,aaad@aol.com, and so on). Then they would try adding different domains to names known from a first domain (jims@aol.com, jims@hotmail.com, and so on...) You can't just guard your address. Someone will still find you to deliver spam.
Boys from the City. Not yet caught by the Whirlwind of Progress. Feed soda pop to the thirsty pigs.
IronPort is NOT Microsoft! IronPort is selling a service which Microsoft has purchased for the purpose of using on Microsoft's Hotmail (and MSN) mail service.
Kinetic stupidity has a new brand leader: Allen Zadr.
The bond is held by BondedSender, i.e. IronPort, not Microsoft. According to their site "Proceeds from bond debits are not retained by IronPort Systems and are instead shared with third-party non-profit organizations."
This is a very misleading summary. Basically, the bonded program (which even spamassassin recongnizes and assignes according a minus "point") requires mailers to put up a bond before their emails are allowed. They still cannot send spam, however, they may only send mail to registered users. If users complain, the company has to either prove they joined or pay up.
-- Is "Sig" copyrighted by www.sig.com?
IronPort's Whitelist access is available, here.
Kinetic stupidity has a new brand leader: Allen Zadr.
run the gantlet.
Gauntlets are pieces of armor for the hands. See here and here.
The SpamAssassin test USER_IN_DEF_WHITELIST checks to see if the sender is in the list of companies that are on its built-in white list. Network Solutions, internic, register.com, nytimes.com, amazon.com, mypoints, paypal, the FT, Palm, Handspring and others are all on it. They don't sell access to it, so it is not the same as what Microsoft is doing. It is similar, however, in that some companies get a free pass (well, up to -15) for any mail that they send out.
-- http://www.swcp.com/~hudson/
Okay, people, there are about two clueful people who have posted so far, and about 50 idiots who are yelling "Microsoft is taking money to allow spamming". READ THE ARTICLE. Holy shit.
For those too st00pid to read it, here's your list of clues. Microsoft gets no money, IronPort gets the money.
If you're a legitimate emailer (i.e. you email to people who have asked for email) IronPort takes the $20K up front as a bond. If you spam, you get knocked off the whitelist and they take your $20K.
It's not "pay $20K and spam all you want". It's "put up $20K to say that you won't spam".
As someone else here said, their standards are *very* high. You must have no more than 1 complaint per million emails, which is a very low number. Having run double-opt-in lists myself before, I assure you that cluefucks will complain about something that they signed up for (and confirmed) the day before.
As an ISP, let me say that this is a great program.
They are very anal
Do you have ESP?
You don't need a hotmail account to use MSN messenger. You can use your own e-mail address:
LINK
I believe the intention of the whitelist is for companies like airlines, Fedex, etc to send legitimate email notifications to their customers without having to worry about SpamAssassin throwing their email in the trash.
Presumably there is some sort of due diligence that is done before bonded status is granted so that any ol' spammer can't just pony up $20k and get on the list. One thing is for sure -- they wouldn't stay on that list if they are found to be spamming.
Fron the list of Directors at Ironport.com:
JACK SMITH: CO-FOUNDER AND INVENTOR, HOTMAIL CORPORATION
"...After the acquisition, Smith worked as Director of Engineering at Microsoft...then leading a team developing next generation Internet software infrastructure."
DOUGLAS C. CARLISLE: MANAGING DIRECTOR, MENLO VENTURES
Former board memeber of Hotmail.
SCOTT BANISTER: CHIEF TECHNOLOGY OFFICER
"Scott started his career as a pioneer in the email business. He was founder and VP Technology of ListBot...ListBot was acquired and became Microsoft's ListBuilderTM, part of the bCentralTM suite of business offerings..."
SCOTT WEISS: CEO
"...Scott was one of the early team members at Hotmail, the world's largest web-based email service. At Hotmail, Scott was responsible for all partnership and revenue generating business development efforts. It was this experience at Hotmail that helped Scott identify the emerging business opportunity that would later evolve into IronPort Systems. After Hotmail's acquisition by Microsoft, Scott led a business development team at Microsoft with the MSN division. "
No, they're not Microsoft. But they're dang close.
I must say I'm really disappointed in this. Ironport have generally been good guys, but their trust level just plumetted. If you read the sender standards page you'll notice that, while they are at least trying to rule out some of the worst spam, their standards explicitly do allow spam (by diluting the concept of 'consent' to the point it's unverifiable and thus meaningless.) On the other hand, it doesn't sound like they're going to try to adjudicate complaints, just charge a small fee for each one and make judgements based on the sheer number of complaints, so it will be interesting to see how that works out. If enough end-users refuse to tolerate spam, that could effectively keep it out of the whitelist, even though the 'standards' are written to allow it.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
IronPort's business is SPAM prevention.
Actually, they play both sides of the fence.
can i use this "whitelist" as a "blacklist" it seems a handy thing to have a list of self confessed spammers
header RCVD_IN_BONDEDSENDER eval:check_rbl('relay', 'sa.bondedsender.org.')
describe RCVD_IN_BONDEDSENDER Received via a whitelisted Bonded Sender address
score RCVD_IN_BONDEDSENDER +100.000
should work for SpamAssassin 2.2x/2.3x
The +100.000 should ensure they get marked as spam.
Actually, (after quite a bit of searching, mind you) according to this Fees the fine, while small, would not be insignificant.
They're talking $20 per complaint, after your "free" complaints per month. Which, for the "low" volumne bulk sender( less than 1,000,000 per month), is 1 complaint per month.
So, for the above example, 10 complains - 1 free complaint * $20 is $180. The sign up costs are $375 Application, $500 license, $500 bond.
So after your first month, you've spent $875, bonded $500, e-mailed 500,000 messages, and lost $180.
And somewhere else, I thought read that if your bond drops below half, you have to replace it. So they've effectively created a charge system for spam.
This would be quite nice if they donated some of the bond money to, say, the SpamAssassin Development Team, or maybe SourceForge.
www.christopherlewis.com
No, someone asked if they could block a whole slew of reputable businesses and I told them how one would go about doing it. I have no intention of implementing that on my mail server.
Snipped from http://www.bondedsender.com/fees.jsp , so you don't tucker yourselves out having to read a bunch of words...
describe RCVD_IN_BONDEDSENDER Received via a whitelisted Bonded Sender address
score RCVD_IN_BONDEDSENDER -100.000
Note that "-100.000". That says "accept this, even if it looks like spam". You might want to use, say, "-3.0" instead. Give them a little credit, but don't open the floodgates.
Watch for spam with the "RCVD_IN_BONDEDSENDER" flag in the X-Spam-Status header line. You might want to have Mozilla (I assume Slashdot readers aren't using Outlook) move such messages into a "Bonded Sender" folder. That lets you watch what they're sending.
As soon as you find a real spam passed by BondedSender, please post it to NANAE.
What does the Hormel product have to do with unsolicited commercial email?
The upper case version of the word is trademarked by Hormel, and is acceptable for breakfast (depending on personal taste). The lower case version of the word refers to unsolicited commercial email and is acceptable for hunting someone down and kicking their ass when they send pictures of hot asian teenagers having sex with men who have enhanced their s1ze and are taking \/1c0d1n and v1@gr4 they bought in an online f4rmecy to your 11 year old kid.
WWJD? JWRTFA!
Microsoft really needs to do something about it's image -
Having been landed in court for antitrust violations and with their software needing updates every week, Microsoft are really looking bad, and people are really looking for an alternative.
With MacOS and Linux getting updated so much faster, the software Giant and Monopolist will need to act quick if it wants to stand any chance of making it through the to the next decade.
I opened a hotmail account once. My company decided to adopt MS Instant Messaging as a standard and I did not want to give out any real email addresses to set up the .NET Passport thingy so I createrd a new Hotmail account. I was recieving spam in the account within 24 hours.
Insert Generic Sig Here: