Microsoft Will Sell Whitelist Services For Hotmail

Ec|ipse writes "Looks like Microsoft has found another way to make money, this time from spam. Microsoft has adopted a "whitelist" program (Bonded Sender by IronPort) which will allow marketers to pay Microsoft so that they are included on a special whitelist, guaranteeing uninteruptable delivery of their messages to Hotmail and MSN users. You can catch the full article at Excite. I especially like the nice naming for spammers, calling them 'marketers' sounds so much more legitimate." mgibbs adds "Hopefully the $20K fine that results from abuse of this system is enough to deter spammers."

And then

[GarbanzoBean]

And then they will charge users extra for "adv free" service. Oh wait, I thought they were talking about phone companies.

This should encourage everyone to move to Gmail!

[mike_diack]

Looks like they've just pointed a double barrelled gun at their feet. If they were trying to avoid wholesale migration away to either:
- Google's Gmail OR
- Novell's MyRealEmail....

Then this is a f***ing dozey way to do it!

why using hotmail?

[Frederic54]

I had an hotmail address years ago, back in the day before MS buy the domain... I never really used it... and I still don't know why people need an hotmail address? passport thing? you can live without it and without MSNM you know...
/. should make a poll to know who has and who hasn't an hotmail address, and in comments we would know why people who has one, well... has one.

Re:why using hotmail?

[s4m7]

and I still don't know why people need an hotmail address?

Ehh, where else am I going to go for a mailbox just to collect spam from all the "email required for free reg." sites I've visited? Seriously, collecting spam is the only thing I've ever used my hotmail address for, and frankly, the service is perfect for it. I use my hotmail address for almost all my dealings on the web with sites I don't fully trust. and I get almost no spam in my work account, or my home host account.

Little Guy

[millahtime]

So, Once again they get the little guy. What about that small nonprofit running their own mail server. Or that small business running their own mail server. They have to pay the same as the big business.

Large companies can afford to drop a payment on this but the small business/non-profit sure can't.

following Yahoo's footsteps

[Lumpy]

Yahoo has been doing this for a LONG time.

they have their "spam" filtering yet there are types of spam that will not go away as they have "special" spam from their "partners" that will NEVER EVER hit their filtering rules for spam.

I am betting that ALL free email sites will do this within this year.

Re:This is a BOND, not a payment

[rixstep]

What difference does that make? They're still spamming. I don't care if they do have a valid return address: 'unsolicited' is still 'unsolicited'.

Selling Data

[BlackHawk-666]

So does that make them "trusted partners" now, and does that therefore allow them access to your personal data in at least an aggregated form? I'm not and never will be a hotmail user, so I don't know the contents of their license agreement with the users, but I'm not beyond suspecting that MS will soon be selling your data to these spammers so they can target you even better.

MSN does not sell, rent or lease its customer lists to third parties. MSN may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your personal information (e-mail, name, address, telephone number) is not transferred to the third party. We occasionally hire other companies to provide limited services on our behalf, such as handling the processing and delivery of mailings, providing customer support, processing transactions, or performing statistical analysis of our services. We will only provide those companies the personal information they need to deliver the service. They are required to maintain the confidentiality of your information and are prohibited from using that information for any other purpose.

Yup, I guess it does give them the right to do that.

Sigh.

[The+Fanta+Menace]

I fail to understand why anyone even bothers with hotmail anymore. There's nothing less professional looking than putting a free-email address on your business card or website.

Do any journalists know how to use english?

[hiroko]

mixed metaphors...
allow legitimate marketers to thread the gauntlet of spam filters

• run the gauntlet
• thread the needle

choose one.
D.

Re:This is a BOND, not a payment

[jtwJGuevara]

I concur. Isn't this fighting what Microsoft has allegedly stated they want to stop: the unsolicited sending of marketing based messages through the inboxes of every consumer and business employee? I didn't RTFA but judging from the gist of the summary I have to call major bullshit on Microsoft's stance on discouraging spam and creating technology to reduce/eliminate spam, and then pulling a tactic such as this to allow "marketers" who are legitimate to still send marketing emails in mass. Perhaps I missed something over the past 5 years regarding the definition of spam. I always under the impression that spam was the sending of any unsolicated message by a for profit agency in mass to a multitude of internet users. If that isn't what it is then I'll be eagerly awaiting Microsoft's marketing department to enlighten me on the subject.

Re:If only they would share the proceeds

[retards]

So what if it would weed out only non-serious marketers? You're implying there is 'legit' spam out there, that there actually should be a market for this shit.

People here should know that putting a pricetag on something doesn't make everything kosher.

Bulk mail without opt-in should be criminalized regardless if the envelope is paper, SMTP or whatever. Bulk mail is just another form of 'I have money, I can send propaganda to anybody, you cannot stop me, muahahaha!".

Rant over.

Re:This is a BOND, not a payment

[nodwick]

What difference does that make? They're still spamming. I don't care if they do have a valid return address: 'unsolicited' is still 'unsolicited'.

It actually could make a difference, if it makes spam economically unprofitable for spammers. Spammers make their money from the fact that they can send out a bazillion emails and survive on very tiny response rates. By increasing the cost of sending spam, in the form of seized bond funds, Microsoft can make it infeasible for spammers who post bonds to profitably send unsolicited spam. This is also the idea behind those "internet postage" and other proposed spam-defeating measures.

The beef I have with this scheme is that since it's the user that's inconvenienced by the spam, the bond money should be sent to them in the event of a violation. The fact that Microsoft is the one getting the funds is what makes it seem like a money grab.

May be a good, realistic approach

[RhettLivingston]

Anyone thinking there is a greed motive for this is wrong. There is no way that Microsoft would trade this much bad press for the paltry amounts of money that this could generate. So, here's what I think is happening.

Microsoft has been pursuing various antispam paths, but the ultimate one, enforceable legislation to stop it, has encountered some resistance unless the legislation's effects are limited in some way. I think they are trying to counter some of this resistance.

There are occassions that I get "spam" from software companies (whose products I've used in the past) advertising new products. I don't mind that kind of spam, yet I almost always find them in my spam box because I use a pure white list approach and forgot to put the company on my white list.

The kind of spam that really drives me nuts and causes me to switch addresses is the spam that's looking for that one sucker in a million, the viagra spam, the refinancing spam, and the pornographic spam.

If the guidelines a) ban the improper spam while allowing contacts from other companies and b) strongly enforce requests to remove my email from a list, I could live with this system. Especially if they implement a one stop shop to manage whose lists I'm removed from.

But why would I want to live with this? Because it cuts the only leg of the spammers arguments that has been getting any mileage at all out from under them. If you create an enforceable system and say, "you can spam if you follow the rules of this system", then they can't argue that their "legitimate" spam is being blocked anymore and all antispam legislation suddenly gets a green light.

Re:This is a BOND, not a payment

[Syberghost]

So what? It's essentially a $20,000 fee to guarantee getting past the antispam filters of 170 million people.

That's cheap, and thus economically feasible.

It will keep out spammers who have a low-margin product that gets a low (.0001%) response rate, but for spammers that have a high-margin product or a high response rate, it'll be seen as a fee.

If the response rate is even .001%, it'll be profitable for things like penis enlargement pills.

Re:This is a BOND, not a payment

[wayne]

Sorry to give you one less reason to hate MS, but they are taking the money as a BOND, not as payment. MS only gets the money if the spammers don't follow their rules.

MicroSoft doesn't get the bond, bondedsender gets the bond. Bondedsender has an incentive to whack spammers quickly so as to get the bond money. This discourages spammers from using bondedsender, which encourages ISPs like MSN/Hotmail to use them.

If you get a spam from somone on the bondedsender program, just report it via spamcop.net. The report automatically goes to bondedsender. If you are not sure if the spam came from someone using bondedsender, just report it via spamcop.net and let them figure it out.

The article is unclear

[Croaker]

The original poster assumed that Microsoft is opening the door to spammers. What is unsaid in the article is if these e-mails were actually solicited.

I could see that legit ads (i.e. you definitely signed up to recieve them) might be tossed out with the huge amount of spam. What Microsoft *might* be doing here is saying "OK, you say you are opt-in, we'll let your stuff through, but we're gonna take a bite out of you if you are lying to us."

Unfortunately, the author of the article didn't bother to state exactly what the rules are that Microsoft is imposing. Roast the journalist, not Microsoft (at least, not yet).

Re:This is a BOND, not a payment

[galego]

As someone else noted ... 'unsolicited' IS 'unsolicited'. In fact ... the only reason to hate them less would be if they *DID* take the money and then pass on feature enhancements or work out legitimate discounts on legitimate products sold by those advertisers.

Think about it .. the way you describe the BOND works better for M$ and there's less work for them. I'm sure there's details I'm omitting/overlooking, but humor this conspiracy theory for a moment ...

1. Spammer (errr ... Marketer?) signs up for whitelist
2. Spams/Markets away on innocent bystanding email users and employs questionable/misleading/illegal tactics
3. Users are the ones who will end up policing it ... most likely by a few of them getting burned, and a few being vigilant and savvy enough to root out the bad guys.
4. M$ sits on the notice/'looks into it' until it becomes widespread common knowledge and can't be ignored (like most of their security holes).
5. M$ takes the BOND money, puts it in pocket and blacklists the Marketer ... or I guess it's really Spammer at this point, right?
6. Rinse & Repeat

Seems like a little bit of patience will get Microsoft some cash with little effort.

Re:This is a BOND, not a payment

[SupaMegaBuffalo]

The beef I have with this scheme is that since it's the user that's inconvenienced by the spam, the bond money should be sent to them in the event of a violation. The fact that Microsoft is the one getting the funds is what makes it seem like a money grab.

Well the users are getting an email account for free with Hotmail. If they were paying for their accounts then i can see some logic in that.

Re:In Denmark it is illegal to send spam!

[srmalloy]

In Denmark the marketing rules forbid people to send uninvited marketing material. Unless you specifically accept to receive it - it will be illegal (and punishable by court) to send it. ... So unless you check the checkbox somewhere in your hotmail registration, you will be able to sue MS - in Denmark at least...

Except for that paragraph waaaay down at the bottom of the "user agreement" that you just clicked past when you signed up for your Hotmail account, where it says something like "Microsoft reserves the right to send you advertisements from various business partners and other organizations. By accepting this User Agreement, you are consenting in advance to receiving these advertisements." You use someone else's free service, you play by their rules.

Terrible for small hosts/providers

[joshuao3]

This system could potentially hurt many small hosting companies and small businesses. Businesses that have their own mail servers, or small hosts that provide mail services for their clients are now going to have to pay more just to provide basic mail service. Telling people "sorry, you can't send to MSN accounts" is simply not acceptable. It doesn't matter if it's a bond or not, the fact is that a small host now has to pay a lot of money to provide an essential service to it's clients. IronPort could essentially charge whatever they want if they own exclusive rights with MS for this service.

This approach form Microsoft is scary as hell for small hosts/providers and I hope that it doesn't happen if there is only one whitelist that MS goes with. If there were multiple whitelists, then I'd feel much more comfortable.

Re:This is a BOND, not a payment

[Jaywalk]

They're still spamming.

No, they're not. It's bulk email, but it's not unsolicited. Looking into my junk mail folder -- the one that picks up the bulk email -- I see updates from ParentCenter.com, HomeDepot.com and PublicKnowledge.org. These are all organizations that I signed up for to send me regular updates, so it's not unsolicited email. But the company spam filter doesn't know that, so it sweeps them into my junk mail folder along with the Viagra and penis enlargement crap. If these companies were on a white list of companies that post a bond $20k against a promise to only send "opt-in" bulk email, the mail filter could be programmed to assume they're legitimate and I wouldn't have to keep checking to see how much legitimate mail I'm losing.

Re:This is a BOND, not a payment

[innocent_white_lamb]

It seems pretty clear that the "injured party" is the spamee here, not Microsoft.

You're paying for the bandwidth?

Re:It's also a list to avoid!

High volume email is not necessarily spam.

They are interested in helping people to send out legitimate high volume email. It's therefore in their interests to stop people sending unsolicited bulk email, which gets in the way of the legit stuff.

Re:This is a BOND, not a payment

[dasmegabyte]

I think a lot of anti-SPAM pundits on /. are actually anti-marketing pundits. Meaning they consider ALL email selling ANYTHING to be SPAM.

I grew up with publications that were, essentially, advertisements. Remember Computer Shopper? You never read the articles, did you? I sure didn't...but I read the ads. Same with RC Hobbiest. Nowadays, I get all sorts of cool publications and catalogues in the mail...VW Trends, Road Runner Sports, JC Whitney for Volkswagens, Crutchfield, Campmor, Victoria's Secret...and you know what, I look through them all. I don't always buy stuff, but I always find interesting things I didn't know existed (especially in that last one). Believe it or not, I enjoy that.

Now, email has opened up the door even further. I get catalogs from teeny tiny agencies that would never be able to offer them offline for the expense. I like that...I like looking through the clearance items at some obscure Bug shop in Tampa Bay that I'd never find out about otherwise. I just wish these mails would make it through my spam filter!

Actually, this DOES make sense

[Moryath]

Believe it or not, there ARE groups out there that advertise via email - but aren't spammers - that are arguably upset about spammers who clog inboxes.

One of them I buy stuff from infrequently - Overstock.com. I get an email from them every day, usually delete it right off, but I don't mind getting it because I did, indeed, sign up for it when I bought something from them the first time.

Ironport's service isn't just a "pay us lots of money and we'll look the other way" thing - the people in question do indeed have to stick to decent ethics about what they're selling, and to whom, and make sure it's damn easy to get off the list. So I view this as a relatively ambivalent thing.

It's not good, in the sense that spammers may manage to sneak in. But it's not bad, because the spammers will likely get zapped pretty fast, and because the idea of REAL companies putting up a bond of trust, "their money where their mouth is" so to speak with regard to a code of conduct, is a GOOD THING.

It's not technically unsolicited

[therblig]

If you go to their website, http://www.bondedsender.com, and look at their rules, you will see that they do have somewhat reasonable rules that must be followed. There are many more rules than just this, but here is the part under the section called "Consent."

Consent

V. Participating Senders must ensure that consent with appropriate disclosure or a prior business relationship exists prior to sending Commercial or Promotional Email Messages.

Acceptable forms of consent include:

Double Opt-In: (sometimes referred to as 'Confirmed Opt-In'): The Recipient affirmatively requests to add his/her email address to a mailing list. The Recipient receives a confirmation email and the Recipient confirms his/her request by replying or visiting a provided URL.

Opt-In with Verification: The Recipient affirmatively requests to add his/her email address to a mailing list. The Recipient receives a verification email notifying him/her of the subscription and providing clear unsubscribe instructions.

Opt-In: The Recipient affirmatively requests to add his/her email address to a mailing list. Pre-Selected Option with Verification: The Recipient consents to have his/her email address added to a mailing list by leaving a clear and conspicuous pre-selected option intact. The Recipient receives a verification email notifying him/her of the subscription and providing clear unsubscribe instructions. Commercial or Promotional Email Messages sent under this form of consent must include clear and conspicuous identification that the message is an advertisement or solicitation.

Pre-Selected Option: The Recipient consents to have his/her email address added to a mailing list by leaving a clear and conspicuous pre-selected option intact. Commercial or Promotional Email Messages sent under this form of consent must include clear and conspicuous identification that the message is an advertisement or solicitation.

Isn't this a step towards whitelist only?

[kcornia]

Seems to me like this is a step in the direction of entities eventually only accepting mail from "whitelisted" persons or groups, which will in all likelihood lead to a "fee" to be on a whitelist, thereby causing e-mail to no longer be free...

Maybe I'm being short-sighted, but this sounds fishy to me..

Re:Second side to this coin...

[Allen+Zadr]

Congratulations, you've just blocked a whole slew of reputable businesses, including Microsoft, Harvard University and ZD Net. Nobody in your office was expecting an online version of PC Magazine, right?

I hope that's really what you wanted.

Re:If only they would share the proceeds

[retards]

Are you serious? Id like to know just when the U.S. Constitution amended the constitution to make speech illegal.

I don't think I have the right to come into your house and speak my mind guaranteed by the constitution of the United States. This is about sending people stuff they didn't ask for because it's cheap for the sender, but (maybe) not for the receiver. If I was a billionare, maybe I would get kicks out of sending you 10 000 lbs of rocks and dumping them on your lawn, each day. Would you consider that freedom of expression?

I'd rather live with SPAM and bulk email than live with state-sponsored censorship.

I don't see how changing the default answer to the question of "do you want bulk mail" from "yes" to "no" for everybody infringes either freedom or security. I said "no bulk mail with out opt-in", not "you should never get bulk mail no matter what".

Apologies to Shakespeare for the paraphrase.

[the_rajah]

Spam by any other name...is still spam!

"Si hoc legere scis nimium eruditionis habes."
(If you can read this, you're overeducated.)

Let's fund both sides of the war

[please+explain]

The owner of the most spammed sites on the planet is partnering with the biggest spammer arms dealer to ensure open access to your Inbox for their customers

Re:The hole Ironport wants you to install

[dba69]

ISPs and other receivers of email from Bonded Senders do not sign any contracts to use the service. If the rules changed to the DMA 4 pillars, how many ISPs and other organizations would continue to query bonded sender? This program would die a quick death.

Rule changes will be dictated by the receivers and I hope another Goliath begins using the program so MS doesn't "own" the rules.

It's a delicate balance and if managed properly is extremely effective for ensuring delivery of VERY legitimate bulk senders (i.e. CNET - 40M emails per month, 2 complaints)