Microsoft Will Sell Whitelist Services For Hotmail

Ec|ipse writes "Looks like Microsoft has found another way to make money, this time from spam. Microsoft has adopted a "whitelist" program (Bonded Sender by IronPort) which will allow marketers to pay Microsoft so that they are included on a special whitelist, guaranteeing uninteruptable delivery of their messages to Hotmail and MSN users. You can catch the full article at Excite. I especially like the nice naming for spammers, calling them 'marketers' sounds so much more legitimate." mgibbs adds "Hopefully the $20K fine that results from abuse of this system is enough to deter spammers."

This is a BOND, not a payment

[Richardsonke1]

Sorry to give you one less reason to hate MS, but they are taking the money as a BOND, not as payment. MS only gets the money if the spammers don't follow their rules. Probably something like "must use real return address and have a unsubscribe link that doesn't add you to more lists."

In Denmark it is illegal to send spam!

[Saggi]

In Denmark the marketing rules forbid people to send uninvited marketing material. Unless you specifically accept to receive it - it will be illegal (and punishable by court) to send it. This law is not only to electronic e-mails but goes to all kinds of marketing. You are not allowed to call by phone to someone in order to sell them something (unless the user has registered his phone number somewhere and accepted to receive a phone call).

So unless you check the checkbox somewhere in your hotmail registration, you will be able to sue MS - in Denmark at least...

personal experience

[astanley218]

My company was informed of this bonded sender program by MSN/Hotmail support 2 months ago. At the time they claimed the Bonded Sender program was a third-party service with no affiliation to MSN/Hotmail or Microsoft. At the same time, they also claimed that even if you DO subscribe to the bonded sender program MSN/Hotmail will give no guarantee that your emails will be delivered!

Re:why using hotmail?

[AndroidCat]

It's handy to use for Usenet posting, a web site contact address or one-shot subscription signups. People can get in touch, and if I want to, I can shift communication over to a real mailbox. And every four years when the account gets joe-jobbed by a spammer or nut cult, I just open the next account in sequence. (I'd better update my /. journal.)

MS isn't sellling anything, they are buying

[wayne]

A classic screwed up slashdot submission.

MicroSoft isn't selling anything, they are using the services of another company, namely bondedsender.com.

Who are bondedsender? They are part of ironport systems, who also own spamcop.net. Spam reported to spamcop.net automatically gets reported to bondedsender.com and the spammer gets whacked.

This is really good news because spamcop.net/ironport were recently sued by the spammer snotty scott richter. This means that ironport will have more income to not only fight the spam lawsuit but fight spam in general.

Re:This is a BOND, to IRONPORT

[Allen+Zadr]

The bond is to IronPort and is relinquished to IronPort.

IronPort is NOT Microsoft! IronPort is selling a service which Microsoft has purchased for the purpose of using on Microsoft's Hotmail (and MSN) mail service.

Not how it works

[mikeage]

This is a very misleading summary. Basically, the bonded program (which even spamassassin recongnizes and assignes according a minus "point") requires mailers to put up a bond before their emails are allowed. They still cannot send spam, however, they may only send mail to registered users. If users complain, the company has to either prove they joined or pay up.

READ THE FUCKING ARTICLE

[Trailer+Trash]

Okay, people, there are about two clueful people who have posted so far, and about 50 idiots who are yelling "Microsoft is taking money to allow spamming". READ THE ARTICLE. Holy shit.

For those too st00pid to read it, here's your list of clues. Microsoft gets no money, IronPort gets the money.

If you're a legitimate emailer (i.e. you email to people who have asked for email) IronPort takes the $20K up front as a bond. If you spam, you get knocked off the whitelist and they take your $20K.

It's not "pay $20K and spam all you want". It's "put up $20K to say that you won't spam".

As someone else here said, their standards are *very* high. You must have no more than 1 complaint per million emails, which is a very low number. Having run double-opt-in lists myself before, I assure you that cluefucks will complain about something that they signed up for (and confirmed) the day before.

As an ISP, let me say that this is a great program.

They are very anal

This isn't as bad as the 'Article' says, but...

[Arker]

I must say I'm really disappointed in this. Ironport have generally been good guys, but their trust level just plumetted. If you read the sender standards page you'll notice that, while they are at least trying to rule out some of the worst spam, their standards explicitly do allow spam (by diluting the concept of 'consent' to the point it's unverifiable and thus meaningless.) On the other hand, it doesn't sound like they're going to try to adjudicate complaints, just charge a small fee for each one and make judgements based on the sheer number of complaints, so it will be interesting to see how that works out. If enough end-users refuse to tolerate spam, that could effectively keep it out of the whitelist, even though the 'standards' are written to allow it.

Re:It's also a list to avoid!

[Electrum]

IronPort's business is SPAM prevention.

Actually, they play both sides of the fence.

Re:It all makes perfect sense now.

[Christopher_G_Lewis]

Actually, (after quite a bit of searching, mind you) according to this Fees the fine, while small, would not be insignificant.

They're talking $20 per complaint, after your "free" complaints per month. Which, for the "low" volumne bulk sender( less than 1,000,000 per month), is 1 complaint per month.

So, for the above example, 10 complains - 1 free complaint * $20 is $180. The sign up costs are $375 Application, $500 license, $500 bond.

So after your first month, you've spent $875, bonded $500, e-mailed 500,000 messages, and lost $180.

And somewhere else, I thought read that if your bond drops below half, you have to replace it. So they've effectively created a charge system for spam.

This would be quite nice if they donated some of the bond money to, say, the SpamAssassin Development Team, or maybe SourceForge.

The hole Ironport wants you to install

[Animats]

IronPort wants you to install a hole to let their stuff through. For SpamAssassin, for example, they want you to put in

• header RCVD_IN_BONDEDSENDER eval:check_rbl('relay', 'sa.bondedsender.org.')
  describe RCVD_IN_BONDEDSENDER Received via a whitelisted Bonded Sender address
  score RCVD_IN_BONDEDSENDER -100.000

Note that "-100.000". That says "accept this, even if it looks like spam". You might want to use, say, "-3.0" instead. Give them a little credit, but don't open the floodgates.

Watch for spam with the "RCVD_IN_BONDEDSENDER" flag in the X-Spam-Status header line. You might want to have Mozilla (I assume Slashdot readers aren't using Outlook) move such messages into a "Bonded Sender" folder. That lets you watch what they're sending.

As soon as you find a real spam passed by BondedSender, please post it to NANAE.