Hotmail vs Goodmail

Frequent Slashdot Contributor Bennett Haselton wrote in with his latest column. He says "Are we being too hard on Goodmail for their plans to charge senders a quarter-penny per message to bypass companies' spam filters? Hardly anyone has mentioned that Microsoft has been doing the same thing for years, only (surprise!) charging more. Hotmail lets senders pay a $1,400 "fee" to help get through their spam filter; when I wrote to them about my newsletter being blocked as spam, they said they knew it wasn't spam, but they told me several times they would not even talk about unblocking it unless I paid the $1,400. It's odd that so little attention has been paid to Hotmail's program, since it not only mirrors the Goodmail situation, it validates Goodmail's critics who have said that once you start charging to bypass spam filters, the next step is the marginalization of people who won't pay." Read on for more words.

As you hear words like "Hotmail" and "AOL", you may be tempted to think this doesn't affect you if you've outgrown those companies, but I think that's a mistake. First of all, if you think you might ever run a business that publishes an e-mail newsletter, you'll have to worry that your mail might be blocked unless you pay to unblock it. Second, even if you're only a subscriber to a company's newsletter and you're not worried about filters on your e-mail address, the company publishing the newsletter has to spend time and resources getting their mails unblocked that they send to other people, time that could be otherwise spent improving their services. Third, even if you're not on the Internet at all, in a real sense it affects the kind of world we all live in, if the wealthy are able to communicate with their listeners more easily than everyone else (that gap has always existed, but the Internet narrowed it, and then unblocking-mail fees widened it a little). If the Republican National Committee can get their mail out and MoveOn.org can't, then that could influence elections, and could affect your life even if you're an Iraqi peasant goat farmer who hasn't updated his blog in weeks. And of course what Microsoft and AOL do, sets a precedent for what other companies can get away with -- so every anecdote about boneheaded mail filtering that you hear about, is potentially significant if it could become the norm.

I wasn't thinking about this when I wrote to Hotmail in 2006 about their users missing our e-mails because of the filter blocking them as "spam", as I jumped through some hoops before talking to a human. But the mentality of the people that I talked to seemed to be that "non-paying sender" and "spammer" were more or less equivalent. I explained that we only send mail to people who request it, we verify all new subscriptions, and every message contains an unsubscribe link. Hotmail replied, "The filters are there for the protection of hotmail subscribers. The Junk Mail Reporting program isn't in place to help you circumvent those filters... I recommend you do what you can on your end to educate your subscribers, keep your mailing lists up to date and follow the other guidelines for senders on the postmaster.msn.com site and don't expect our junkmail filters to be modified." Call me a dreamer, but I thought the whole point of having humans in the loop was that if the filter is making a mistake, you can modify it.

(Many people have suggested that I publish via RSS instead of e-mail. For me the problem with that is that our newsletter is used to send out the location of new sites for getting around blocking software, so that by the time the last sites have gotten blocked in most places, the new ones are being mailed out. As long as people can access their e-mail accounts, they can get the new site announcements. But if we used an RSS feed instead of e-mail, then blocking software companies would just block our RSS feed. And besides, even a normal newsletter publisher would lose most of their existing subscribers if they told everybody that they had to switch over to RSS to receive the newsletter in the future. Is it right that they should have to pay that penalty just because an ISP is falsely labeling their mail as spam?)

The $1,400 "fee" that you pay to help get your mail unblocked at Hotmail's servers, is to a third-party company called Sender Score Certified, formerly known as Bonded Sender, whose certifications are used by Hotmail. I didn't think I could get anywhere discussing with them the ethics of charging people to unblock their mail as spam, so instead I asked them, what would happen if someone forked over the cash and then their enemies started filing phony "spam" complaints against them, hoping to get their certification revoked? I think this is an important question for any spam policing system, but unfortunately it usually puts people on the defensive, because there's no real answer -- if you accept spam complaints, then you allow crackpots to do damage, and if you don't accept spam complaints, how do you know if a client is spamming? Bonded Sender's rep replied, "Do you really have that many enemies? If you are running a true 'non-profit', who is that mad at you? Maybe finding this out should be a little higher on the agenda. Where is the 'peace' in Peace Fire?" I asked the same question again, and eventually he said that complaints were based on SpamCop complaints -- a system known for being set up so that anyone could report anyone as a "spammer" without proof -- and that each such complaint would cause $20 to be depleted from your bond, and once it was all gone, you'd lose your certification.

"After reading all of your emails you have sent me," he continued, "it seems that you aren't really trying to find a solution to anything. You are mainly interested in pointing out flaws in programs and letting me know about how people don't like you." Actually I don't think I have enough enemies to cause me serious problems, but I'm working on it! I aspire someday to reach the level of notoriety achieved by groups like MoveOn.org, who does have enough enemies that if systems like Hotmail's were widely deployed, MoveOn would have to worry about militants falsely reporting their mails as spam in order to cost them money and/or get them blacklisted. That's the other basic problem with certification systems: they don't just favor the wealthy, they also favor the non-controversial. Do we really want an Internet where everyone has to be careful about who they offend, because anyone could get them listed as a spammer? I mean, that would be like having a free online encyclopedia where anyone could edit your bio and say that you killed someone!

Is it legal to block someone's mail as spam until they pay you money? Whoah, before I even use the l-word, I'd better insert a disclaimer. No, not that disclaimer. Nobody could possibly think that I was a lawyer after I filed motions in court with the pages stuck together to prove that judges weren't really reading them, unless I had some kind of career death wish. The disclaimer is that at least from my own experiences suing spammers, the law is whatever the judge wants it to be. Some judges say you can sue spammers out-of-state, and some say you can't. Some of them say you can sue in Small Claims only if you've lost money, and some say you can sue for damages even if you haven't lost anything. Some of them say a non-lawyer is allowed to represent their own corporation in court, and some say no. If judges don't even agree on the basic rules, good luck getting a legal consensus on a more abstract issue. Asking objectively if deliberately blocking non-spam e-mail is "legal" is like asking "Do apples taste good?"

But as a general rule, I think courts take a dim view of systematically publishing false statements about someone to try and get them to pay you off in order to stop. Unless you're a spammer, every time Hotmail labels one of your messages as "Junk Mail", they're publishing something untrue about you (at least to everyone who sees the message labeled as junk), and if you've brought it to their attention, then they may agree the statement is untrue but they go on making it anyway. In libel law, liability is partly determined by how much someone has been harmed by the false statements about them; in the case of mail being blocked as "Junk Mail", the harm is about as direct as possible, since because it was falsely labeled as spam, most users will never see it. This is why I think people who say "Hotmail/AOL/Yahoo can do whatever they want with their private network" are missing the point. If I used my own "private network" to publish a subscription service that people use to find out the names of new convicted felons in their neighborhood so that they can avoid doing business with those people, would you have no objection if I "accidentally" included your name on the list, but promised to review your situation for one low fee of $1,400?

There was a time in the late '90's when if Microsoft had said they were going to be blocking non-partner e-mails as "junk mail" unless senders paid a $1,400 "fee" to get unblocked, Congress would have hauled up Bill Gates and given him a good wedgie and told him to cut it out. But these days the Department of Justice doesn't have time to worry about other people's lost e-mail when they can't even lose their own e-mails properly.

All this happened at about the same time Goodmail was first attracting controversy for charging senders a quarter penny per message to bypass AOL's spam filters. When the EFF registered DearAOL.com to call attention to the issue (now defunct, but the Wayback Machine saved a snapshot), I hopefully registered DearHotmail.com in case any anyone wanted to use that example as well, but nothing ever coalesced around that. Meanwhile, some random mis-fire seems to have cancelled out some other random mis-fire, and Hotmail is apparently no longer blocking my mail, at least until this article gets published.

As far as I can tell, the only reason Hotmail got off scott-free and AOL/Goodmail didn't, was that Hotmail snuck their system in quietly, while AOL and Goodmail announced their partnership with great fanfare, apparently overestimating the extent to which e-mail publishers would greet them as liberators. This doesn't reflect very well on the outrage grapevine, people.

But the lesson took -- when Goodmail recently announced their partnership with four more e-mail providers, Goodmail featured a press release on their own site, but of the four ISPs, Verizon was the only one issued their own press release. Apparently the other three saw what happened with AOL/Hotmail and got the message.

You didn't ask, but my own idea for an anti-spam system would be to follow a protocol such that when you reply to a list server to confirm your subscription, the reply goes to an address like:

list-peacefire-confirm-481534893-sender=bennett=peacefire.org@mailserver.com

When you send that reply from your Hotmail account, Hotmail would see the "sender=bennett=peacefire.org" part of the address you're replying to, and recognize that to mean that you want to receive future messages sent from bennett - at - peacefire.org. So future messages from that address would be weighted not to be blocked as spam for that user. It wouldn't do anything to unblock person-to-person messages that get blocked as spam, but those are not mis-blocked as often as legitimate newsletters are, and this method would give newsletter publishers a way to get whitelisted at the same time that the user confirms their subscription. It wouldn't be perfect, since if the user then unsubscribes from the newsletter, but bennett - at - peacefire.org is a jerk and continues to send them mail, that mail would still get through because the Hotmail filter for that user still "remembers" that they confirmed their subscription, and doesn't know that they unsubscribed. However, the vast majority of nuisance spam comes from people you've never heard of, not from people whose newsletters you signed up for and then continued to send you mail after you unsubbed.

Or, suppose you're Amazon and you send mail to millions of users from orders@amazon.com, but you don't want everyone to have that address whitelisted because then a spammer could use the address "orders@amazon.com" to spam millions of people, hoping it would get through the filter of anyone who's an Amazon customer. So in that case people could confirm by replying to:

list-peacefire-confirm-481534893-sender=orders=amazon.com&senderip=72.21.203.1@mailserver.com

When the user sent their reply to that address, Hotmail would parse out the "sender=orders=amazon.com" part and the "senderip=72.21.203.1" part, and whitelist future mails from that address that come only from that IP.

I like this idea because it treats everyone equally, regardless of wealth or popularity, as long as they confirm subscriptions to their newsletter (which is regarded as good mailing list hygiene anyway). On the other hand, if you prefer filtering systems that work better for people who are rich and never offend anybody, then you'll be pleased to know that those seem to be winning.

To summarize:

Use Gmail

Re:To summarize:

[memojuez]

Ditto

Re:To summarize:

[Ngarrang]

And how long until Gmail does the same thing?

When more and more services are doing it, it becomes "common practice", which becomes "acceptable practice". Google may find someday they want the extra money it would provide.

"Do No Evil" is only as effective as your definition of "evil".

Re:To summarize:

[Com2Kid]

And how long until Gmail does the same thing?

GMail's spam filters are over 99.9% perfect after about a week of training from the user. I still occasionally check my spam folder, heck, yesterday a message was put in Spam that shouldn't have been, the first such occurrence in over a year. Although when I first signed up it happened quite a bit more often.

In comparison, when I last used hotmail (admittedly, quite a few years ago), they let lots of spam through, but regularly blocked emails I wanted to read. Hotmail even blocked emails from Microsoft! Game testing, so yes, I did want to receive those. I would add the sender to my safe senders list each time, but when ever a different email address was used to send out the invitation, oops...

Re:To summarize:

[networkBoy]

"Do No Evil" is only as effective as your definition of "evil".

Do no evil is only as effective as your product (users) sees it. If they leave in droves for the next !evil then so will your customers (advertisers in Google's case). It is fairly self limiting.

Now, you may retain enough users to still be profitable with the spam, ala hotmail, but I think the Gmail userbase is a bit less spam accepting.
-nB

Re:To summarize:

[zippthorne]

But don't forget to manually type the https:// because gmail defaults to plaintext.

Re:To summarize:

[WindBourne]

As opposed to MS? Or Yahoo? Or Apple? Or your Gov? Do not get me wrong. I think that Google having this much knowledge about us is worrisome. But, I also note that all the other major players are collecting info on us as well.

Re:To summarize:

[Solra+Bizna]

Until about a month ago, I was getting ~10 spam emails per day through the filters. All of them the same, obviously spam, subject lines ("RX_MEDS no pr3s needed" etc.) which on the one hand made me wonder how they were getting through but on the other made it easy to deal with them. Now I get one of those a week.

In my entire history at GMail, though, I've gotten one mis-marked legitimate message; and if someone else had been reading my incoming messages he would have thought it was spam too.

-:sigma.SB

Re:To summarize:

[jcluthe]

No $hit, I have had a hotmail account for at least 8 years, nothin' but spam, spam, spam! gmail (3 years) almost none.

Re:To summarize:

[Kashra]

The folks who SEND the newsletters don't have the luxury of telling all their subscribers to "use Gmail." They have to deal with the fact that a large percentage of their readership may not use Gmail (for any number of reasons) and the fact that Gmail exists doesn't help them in the least.

Re:To summarize:

[Blue+Stone]

>"yesterday a message was put in Spam that shouldn't have been, the first such occurrence in over a year."

Interesting - I have a couple of gmail accounts and the same thing happened to them - last week, one message that should have been in the inbox. It was particularly strange because one of the messages had a filter on it, to give it both a label AND a star (you would have thought ther'd be a rule saying that nothing with a star or a label should ever go into the spam folder unless the filter tells it to).

It would seem that something strange happened with Gmail's spam filters last week.

Re:To summarize:

[TheRaven64]

So run your own mail server. If you don't already have a server somewhere, get a dozen or so friends to chip in for the hosting costs. It costs more than free, but completely control the system.

Re:To summarize:

[weszz]

That kinda goes against what the author says later... if YOU use gmail (or another good service), but the people on your list you are trying to send messages to DON'T, then YOU have the problem. They probably don't even know you can't contact them unless they go through the hundreds of messages tagged as spam...

Re:To summarize:

[Spoke]

GMail's spam filters are over 99.9% perfect after about a week of training from the user.

While GMail's spam filters are pretty good, I do find an annoying amount of emails from a couple mailing lists (dspam and postfix mailing lists) marked as spam fairly regularly. I probably get a 2-5 of these false positives a week.

Luckily it's easy for me to see those emails since I have filters which label those messages.

Given the volume of mail I receive on my gmail account it probably is 99.9% effective, but I would prefer a few more false negatives than false positives.

Re:To summarize:

[Zonk+(troll)]

Or just install the CustomizeGoogle extension for Firefox. It has an option to automatically switch gmail, calendar, apps, etc to ssl. Plus it can remove the ads, block cookies to google-analyitics.com, randomize the search tracking cookie, and many other things.

Re:To summarize:

[WindBourne]

Which I do. But I also use gmail as well. I find that it is a good mix to have both.

Re:To summarize:

[Arthur+B.]

And they'll lose their marketshare to another email service who will guarantee a lifetime of receiving email with no fees. Oh no in fact they won't do it in the first place so that this doesn't happen. Companies make money by providing services, not by restricting services.

Re:To summarize:

[rudlavibizon]

Cinquitto!

Re:To summarize:

[ClassMyAss]

You know, people always seem to be surprised that Google escapes most of the Slashdot criticism, and I'll agree that most people here don't have much negative to say about them. But even those who complain about this lack of criticism rarely have anything to offer other than 1) "Nobody ever criticizes Google, how lame is that?", or 2) "Google claims to do no evil, but how can we really be sure that they won't ever be Bad?" Rarely have I seen an actual complaint about them. So I put this to anyone offended by the positive vibes Google is getting: why exactly should we be complaining about? I've never paid Google a dime, and they've provided me many services that have truly made my life much easier (search, Gmail, maps, Google Code, etc., all of which I use practically on a daily basis). Yup, I've helped them make a profit by seeing their ads and very occasionally clicking one that interests me, and they've got a lot of data on my habits, but I've found them to be pretty up front about all of this. Where is the problem? Compare this to Microsoft, whom I've probably paid for the same crummy software once for every computer I've ever purchased, and my reward is being treated like a criminal every time Windows craps up and needs a reinstall. If you want to know why people don't have much to say against Google, it's that simple fact: they give a lot of people free stuff that actually helps them do what they need to do. If that's evil, I could tolerate a hell of a lot more of it.

Google doesn't get a blank check to do whatever it wants from me, but at the moment they have relatively few blemishes (the China thing, and the privacy issues, mainly), especially compared to all the other companies out there. The moment they start trying to screw over their users, I'll start bashing them as strongly as I would now bash Microsoft, but as long as they are behaving in our interests, why not give credit where it is due? Of course, once the current management disengages from the day-to-day running of things and the intense growth spurt that the company is seeing starts to slow, I predict a distinct shift in business style (it happens with all companies once they reach true saturation), and at that point we can probably talk about the evil that Google will do. But now? I just don't see it. Am I missing something?

Re:To summarize:

[rm999]

It's funny, I have a general rule: If I am expecting something at my Hotmail address (which at this point is rare), the *first* place I look is my spam folder. This has worked literally 90% of the time.

Re:To summarize:

[Fujisawa+Sensei]

The folks who SEND the newsletters don't have the luxury of telling all their subscribers to "use Gmail." They have to deal with the fact that a large percentage of their readership may not use Gmail (for any number of reasons) and the fact that Gmail exists doesn't help them in the least.

They don't? They don't have the ability to send confirmation emails when a user sends a subscription request or post: "Cannot send news to Hotmail" on their webpage?

Re:To summarize:

[superbus1929]

I'll just stick to my own domain's email, thanks.

Re:To summarize:

[lazy_playboy]

Gmail's spam filer is good. But I find it hard to check for false positives as I get 1500 spams per month. I get about 5 false negatives per month. It's been a good fire and forget solution for my parents who really don't like the less savoury spam.

Re:To summarize:

[Com2Kid]

Did you make sure to mark all spam as such? Also, I am willing to bet that the single marking of a spam message as non-spam has a larger affect than marking many spam messages as spam. (Hey, if someone wants spam, give it to them! :-D

Re:To summarize:

[xenocide2]

In my entire history at GMail, though, I've gotten one mis-marked legitimate message; and if someone else had been reading my incoming messages he would have thought it was spam too. I think this statement bears repitition, as possibly the best way to benchmark spam filter performance realistically.

Re:To summarize:

[stickystyle]

...and if someone else had been reading my incoming messages he would have thought it was spam too. ...If you ask some people here, someone WAS reading your email.

Re:To summarize:

[Cro+Magnon]

Google is a business, and every business I've seen eventually gets around to screwing the customer. I agree that Google's current behavior is good (though not perfect), but it would be a mistake to assume that it will remain so, and its size, and the amount of data it has access to is worrysome.

Hopefully, the very fact that some people are watching it suspiciously will delay its inevitable decent into evil.

Re:To summarize:

[x_MeRLiN_x]

That's all well and good for a personal web site, but do you think your boss would be happy about the fact that you chose not send the company newsletter to the majority of subscribers?

Re:To summarize:

[davester666]

> GMail's spam filters are over 99.9% perfect

I LOL when I read this, just because I recently went through the spam folder and it only held spam, except for...slashdot emails...

But, I also find GMail's spam filter's do work well, as rarely does a spam message get through to be caught by my Mail.app spam filter.

Re:To summarize:

[module0000]

Couldn't have said it better myself. GMail = all these problems don't exist. Can't wait till every business in the worlds realizes the superiority of GMail and Google for Domains over their current Outlook & groupware solutions. Goodbye the rest of you email providers, I for one support our new GMail overlords.

Re:To summarize:

[clang_jangle]

Or set up your MUA to work with Gmail's servers via ssl. That's what I do.

Re:To summarize:

[brian.gunderson]

I'm about as big a google fan as can be. My (severely down-modded) comment was simply a humorous observation.

Re:To summarize:

[Hucko]

You must have been doing it right then. I too use Hotmail to receive newsletters, friends, etc that are likely to end up on a spam list. If they past the test, they get my official account (no inane emails, as well as other insecure practices). People, use Hotmail as your spam account! Well done to you Solra Bizna!

Re:To summarize:

[jZnat]

Unless you have some recent and accurate numbers regarding the popularity of Hotmail, I would say you're full of shit. There are probably more Yahoo! or AOL users than there are Hotmail users nowadays.

Re:To summarize:

[redcane]

Perhaps there should be a standard for SSL SMTP that is widely used, falling back to normal SMTP where needed.... Anyone who cares enough would have their mail server on SSL to stop "snooping".

Re:To summarize:

[utnapistim]

And how long until Gmail does the same thing?

I don't believe they will, for a simple reason: if they do that, their main revenue source (targeted advertising) is going to suffer. Let me expand on that:

If they start compromising their service, people will notice (It's enough for a couple of dozen websites publishing sought-for newsletters to tell you "don't use gmail as it classifies the newsletter you subscribed to as SPAM") and once people start to notice gmail starts being less desirable.

Once gmail starts being less desirable, google looses the targets of their targetted advertisement. In other words, asking for money to "uncensor" you (as a newsletter pubisher) should prove to be a long-term revenue strategy more reliable than targetted ads (And - as far as I can see - it doesn't look that way).

Re: To summarize:

[eiapoce]

To blunty summarize most computer users are computer illiterated. They all know how to push the big power button run Norton and get viruses. But to ask them to switch email provider or operate in a safe conscious way is a too difficult taks.

Enrico

P.S. If you are reading slashdot you are part of a minority.

Re:To summarize:

[psmears]

Perhaps there should be a standard for SSL SMTP that is widely used, falling back to normal SMTP where needed You mean, like RFC2487, implemented in Exim, Postfix, Sendmail, MS Exchange, ...? :-)

Re:To summarize:

[zippthorne]

Yeah, 'cause nothing says "I'm concerned about security" like installing a bunch of third-party add-ons.

Re:To summarize:

[Fujisawa+Sensei]

Then its not my decision what goes onto the web page to begin with, and my boss can choose to fork out the money to payoff Microsoft or whoever to deliver the emails. And its not my problem.

Re:To summarize:

[what444+the+human]

We get free email but purchase spam filters. That alone should signal everyone that the spam issue is in the ridiculous stages. Yahoo and Hotmail are free and the spammers love it. Today the spammer is one yahoo address, and tomorrow he's another... No credit card or identification needed to make up free email addresses.

Wel im not paying anything to extortion

[unity100]

When a client complains that his/her site gets suspended due to his/her non receipt of invoice notifier/renewal email in his/her hotmail/dugamail/omegamail/anymail account due to these companies' "policies", i explain the situation in detail and advise them to acquire a more usable and reliable email account from elsewhere.

hotmail lost many users due to that over 4 years.

Re:Wel im not paying anything to extortion

The fact that the email is not being sent is the sender's fault. This article is not true. I contacted Hotmail about my email being blocked. They were professional and gave me a list of things that I needed to do in order to resolve the issue. For email to get to Hotmail users, the sender must following the rules of the Sender ID Framework, which involves changing some DNS settings. More information about that can be found here:
http://www.microsoft.com/mscorp/safety/technologie s/senderid/default.mspx

Senders are not required in any way to purchase a certificate from this third party company mentioned in the article.

Re:Wel im not paying anything to extortion

[rtechie]

The problem with this is that the only mail servers that support Sender ID are Exchange and Sendmail, experimentally, and the specification was only finalized and released back in NOVEMBER. Domainkeys was just released and its MUCH more likely it's going to be widely adopted. And Sender ID does not work with mail forwarding.

Re:Wel im not paying anything to extortion

[Craig+Ringer]

AFAIK Sender ID support in a mail server is only required for verifying sender ID information on incoming mail. To enable sender ID on your domain so others can verify your mail, all you should need to do is add a TXT record to your domain that specifies a list of authorized servers.

Forwarding is somewhat of an issue, but the most common uses can be overcome by whitelisting the forwarding host. I personally don't think it's that big a deal, and in fact I have routinely whitelisted a couple of forwarding hosts for other reasons.

Re:Wel im not paying anything to extortion

[kindbud]

For email to get to Hotmail users, the sender must following the rules of the Sender ID Framework, which involves changing some DNS settings.

LOL. That's totally wrong. You can have Sender-ID setup in perfect form, right from Microsoft's own HOWTO page, and they will still throw your mails in the Bulk folder if they haven't seen your MTA before. We called them about this, they told us their mail servers take a while to get "trained" on our mail flow. It's true that Sender-ID is required to get out of the Bulk folder, but having Sender-ID is no guarantee that they think your mail server is trustworthy. In other words, Sender-ID is a bunch of busy work that really has no effect on your mail delivery rates at the site that fucking invented it. It's just another useless hoop to jump through. They don't trust it at all.

Marked as Spam, eh?

[EveryNickIsTaken]

Well shit, If your newsletter reads anything like your post, I'd mark that as spam too, champ.

Could be workable, if...

[Perp+Atuitie]

A "tax" of this kind could be a way around spam, but the Hotmail/Goodmail way has one fatal flaw: it's used as a profit center for the mail carrier. If the tax went to recipients of the spam, who are after all the real victims here, there could be an argument for initiating it. As it stands though, this is just another service-provider scam, a kind of subset of the hierarchical Internet.

Re:Could be workable, if...

[Intron]

Any pay-for-email scheme will be abused by the con artists currently profiting on spam. If the recipient gets the money, then all of those bots will start sending mail to 'victims'. If the ISP gets the money, then they will set up fake ISPs to collect email tax. Pay-for-email is a stupid idea.

Re:Could be workable, if...

[corbettw]

it's used as a profit center for the mail carrier. If the tax went to recipients of the spam, who are after all the real victims here You have an interesting definition of "victim". Someone who uses Hotmail for their mail spends nothing to use that service. When they receive a given spam, it takes a minuscule amount of their time to delete it, assuming it gets past the spam filters. Microsoft, on the other hand, spends (thousands|millions) of dollars per (month|year) to provide this service, and processes (millions|billions) of emails per (day|month). With millions of subscribers, a single spam that goes to a sizable portion of that list will take up some real resources, resources the company could better use either for their own uses or that of their customers (I suppose this would in effect make the customers victims, too, but on a much smaller level as individuals).

That said, charging people to get around the spam filters is going to do nothing but infuriate their subscribers who will eventually leave for other services. In the long run, they're not really going to gain anything, at least not compared to how much they stand to lose. Just another example of a corporation seeking some short term gain and ignoring the long term peril they place themselves in.

Unfortunately, I don't have a useful suggestion for people who send out legitimate email and get caught up in this mess.

Re:Could be workable, if...

[TheGratefulNet]

You have an interesting definition of "victim". Someone who uses Hotmail for their mail spends nothing to use that service.

your time is not worth anything, it seems (?) but mine sure is.

my 'eyeballs' is what pays for any free service. there are very few TRUE free services.

just because cash isn't blatantly changing hands in front of you does NOT mean that you are getting something for nothing.

Re:Could be workable, if...

[Itninja]

The people who simply get the spam in their inbox are certainly not the "real victims here", as you said. The actual victims are the people, corporations, and/or non-profits that supply the mails servers and IT personnel around the world. A tremendous amount of their resources are used to manage all this meaningless spam.

For the end user, massive spam is a pain, and could potentially take a measurable amount of time to delete and filter. For the organizations that provide the email to the end user, spam is a direct deficit to their bottom lines. And not all of them are mega-billion-dollar corporations. I work for a non-profit in Washington State than maintains several hundred servers for schools statewide. We have a dedicated FTE who does little else other than manage all the filtering, whitelisting, blacklisting, and mail server configuration & maintenance required to keep the spam under control. That's $50K a year plus benefits - just due to spam.

Re:Could be workable, if...

[wile_e_wonka]

I don't see how a "tax" like this could ever actually work as a way around spam.

Charging advertizers to get email through doesn't block any spam. Spam blockers use algorythms, etc to attempt to find and block spam, but when they fail the mail gets to the inbox without having to pay money. I do get this kind of spam in my Hotmail account. The advertizers who pay are merely guaranteed to get to the inbox. The payment does nothing to keep spammers out of inboxes.

If all email was taxed, then all people who don't pay could either be blocked altogether or relegated to the questionable mail box. If blocked, there would still be troubles--first, it would immediately fail because email should be free and everyone agrees with this. Second, some spammers would just pay. If non-paid mail was sent to the questionable mail box, everyone would be checking that box all the time because of the emails they get from real people who don't pay (and opening more spam than ever this way).

In conclusion--no email "tax" to advertizers or to all emailers would work to cut down spam.

Re:Could be workable, if...

[Iron+Condor]

Someone who uses Hotmail for their mail spends nothing to use that service.

Hotmail is only free if your time is worthless.

Re:Could be workable, if...

[cswiger]

Nicely put-- where's the "+1 tasty sarcasm" mod when you need it?

Re:Could be workable, if...

[nasch]

If all email was taxed, then all people who don't pay could either be blocked altogether or relegated to the questionable mail box. If blocked, there would still be troubles--first, it would immediately fail because email should be free and everyone agrees with this. Second, some spammers would just pay. If non-paid mail was sent to the questionable mail box, everyone would be checking that box all the time because of the emails they get from real people who don't pay (and opening more spam than ever this way). I don't think email should be free. If we could come up with a universal micropayment system that worked well, we could solve the problem. Each email costs a small amount of money (perhaps 1 cent), payable to the recipient before the message can be delivered. If the recipient has the sender whitelisted (this could mean it's someone in their address book) the payment is refunded or not required. The recipient also has the option of refunding the payment manually. Spam as we know it now wouldn't be feasible, because a million emails would cost $10,000 to send out, which ruins the economics of it. Newsletters could require confirmation of whitelisting before sending an email to an address, or maybe a prepayment of the first email fee to insure against costs incurred.

This plan only has a couple of gaping holes, which makes it better than most. :-) But I think something like it will be possible and maybe even likely sometime in the next 10 or 20 years.

Re:Could be workable, if...

[wile_e_wonka]

Not a bad idea, but here's the problem I see--one reason 1,000,000 spam messages is not economical for a cost of $10,000 is because only a tenth of them make it to anyone's inbox. If spammers paid the $10,000 this would get them to the person's inbox--all 1,000,000 spam messages in the inbox. This could make the $10,000 cost economical depending on how well done the spam message is. Also--to make it more economical the spammers would just evolve the same as they always do--if I were them I would use targetted emailing instead of blanket emailing. Right now blanket emailing is fine because it's free, but the cost of targeting it would become worth it when there are micropayments involved.

However, the micropayment plan you describe in conjunction with a spam filter could work. Maybe not enough better than just a pure whitelist system, though, for it to catch on.

Re:Could be workable, if...

[nasch]

The worst case scenario is pretty much what you describe - spam would change. In order to make it worthwhile, the spammer would have to get a much much higher response rate, which means he would have to do a lot more research to target the messages, which would add even more to the cost. The result would be far fewer messages in total, far fewer that you're not interested in, and more that you are interested in. That last isn't saying much since one spam email you're interested in would be more than you're getting now, but overall that would be the result. Which would be an improvement. I'm sure it wouldn't totally eliminate spam - I'm not sure that's possible. But it might drastically cut down on the volume, while increasing the "quality" and the percentage of messages that are actually useful to the recipient. I think we'll get a micropayment plan in place anyway for other purposes eventually, and this seems like an obvious way to apply it - but it might require migrating off of SMTP. As I said, only a couple of gaping holes.

Easy Answer:

[jshriverWVU]

Are we being too hard on Goodmail for their plans to charge senders a quarter-penny per message to bypass companies' spam filters?

No. Personally I think it's fraud, since you're telling and selling the customer one thing, then allowing people to bypass their own securty for a profit at the expense of it's end users.

Re:Easy Answer:

[Chikenistheman]

No one seems to understand that the idea behind spam is to keep costs low (free) and make as much money to turn the best profit. So even if they make 100$ and spent nothing they turn profit. If someone has to shell out 1400$ in order to push their medication spam they won't make any money. 1400$ seems like a reasonable price to weed out potential spammers. I used to work for a company that would send out a newsletter every month to anyone who put an email address in our site, whether you liked it or not. Sure we had an opt-out policy but we would definitely make more than 1400$ by sending out 100,000 legitimate business-related email. So for those who think a spammer would gladly pay 1400$ for easy access to all that is hotmail i just don't see it that way.

Re:Easy Answer:

[jshriverWVU]

It's not so much that a real spammer will have to pay, as much as the fact it gives them a control over your email that you don't have. Since you are the end user you should be able to define what is and isn't spam. Giving them control makes you powerless. What if you're LUG suddenly is blacklisted and you can't receive emails, and they refuse to remove them from the blacklist unless the LUG pays them the money?

Re:Easy Answer:

[TooManyNames2007]

That is exactly correct. If a payment for delivery is to be levied that action should be under the control of the email address "owner".

Fascinating

[thetroll123]

"I find your ideas fascinating, and I would like to subscribe to your newsletter"

Re:Hwo dare they

[jellomizer]

But GMail has advertisments based on keywords of your email. Thats Evil Capitalism too. Why cant a company just pay millions of dollars to keep a good email service for free with no ways of them making money, just so people can use a non-ISP Email address, so they don't have to tell people that they changed email every couple of years, because I changed ISP, I want to tell people that I have changed Email every couple of years because I decided to move from one email service to an other....

I KNEW IT!!!

[mastropiero]

All those chain letters I sent to avoid making hotmail a paid service and so many people dismissed them, they even regarded it as a hoax! I am so dissapointed....

Net Neutrality has just left the building...

[FranTaylor]

and was found slumped dead over a toilet.

Re:Net Neutrality has just left the building...

[tvachon]

More at 11...

Welcome back, it seems that it was found dead snorting a mixture of cocaine and ground up salt off a dead Asian hookers ass. Some theorize that it contracted a severe case of bird flu and died on the spot.

Re:Hwo dare they

[Xybre]

Did you even read the first paragraph of the article?

It's not about YOU using it, SOMEONE uses it, maybe they have their account there from before they knew better, or maybe they do it just to piss you off, whatever the cause, if you're sending out a newsletter, or a payment receipt, or responding to a craigslist ad, or use a mialing list, or whatever you're doing, and you're on the "spam" list, your email might never see your customer/client/whatever. If you don't make money online, or if you don't do anything that involves mass mailings, then maybe it doesn't affect you directly, but the precedent is still there. Rights, even customer rights, aren't just about YOU, they're about everybody.

*steps off the soapbox*

well thank God for choices....

[Brigadier]

I've used hotmail and yahoo since college at least 8 years. In the last year or so I've switched to gmail. Funny for the very reason mentioned (spam) I never use yahoo, nor hotmail for personal mail because there spam filter is iffy at best, not to mention the fact that they produce there own spam in an attempted to advertise their products. So they can choose to propagate spam but where is it going to get them.

Re:well thank God for choices....

[zxnos]

the spam filter is iffy at best on gmail as well. at least in my experience. i used it for school. an instructor sent 4 emails from the same account with the subject XXXX - 1 of 4, 2 of 4 etc. i received two of the messages. i replied to one of his messages saying i didnt receive a couple. he re-sent all becuase other students didnt get others. i still missed one. anyway this happened a few times when he sent out emails. i checked the spam folder. there they were. long story short. a person i had replied to still got tagged as spam. bad.

Change over to GMail

[Nom+du+Keyboard]

I suggest your encourage your subscribers to change over to GMail. I made the change after two of my ISP's (AT&T and Comcast) refused to forward e-mail to me from my own domain. I couldn't even whitelist myself, because they'd blacklisted all of NameZero.

Google, OTOH, deliverers everything, and does a 99%+ accurate job of putting spam in the spam folder, and e-mail in my inbox. Once I was able to accurately see all my e-mail, I was able to kill a very old address that wasn't part of my personal domain, but forwarded through it, that was generating up to 500 spam messages a day. I wasn't aware how bad it had gotten due to the first named ISPs hiding the problem, rather than showing me what all my e-mail looked like. Fond as I was of this address, when it becomes this kind of problem, even good memories of my first e-mail and early Internet days has to go. Google makes this possible, all this for free!

All things considered, I'm sure Google would love to take away all of Hotmail's customers, and they'll do it by providing better service at an equal or better price.

Re:Change over to GMail

[Neil+Blender]

I suggest your encourage your subscribers to change over to GMail.

Yeah. That can be the first topic of his next newsletter. It'll be useful advice to people whose ISPs are blocking it.

Re:Change over to GMail

[griffjon]

And there's also the forcibly-change-over-to-gmail option - we had some important aolusers (board members) at a previous job; they never got important board listserv emails or massmails or such, they refused to leave AOL and we couldn't afford any of the solutions to get around the AOL blocking.

So I created individual gmail accounts for all the aolusers which we sent to, and set the gmail accounts to auto forward to their AOL accounts. Problem solved.

Re:Hwo dare they-POP3

[Nom+du+Keyboard]

Do you still see those adds if you use a POP3 e-mail client such as Outlook/Outlook Express/Thunderbird to receive and handle your e-mails locally?

Learn from the pros

[wiredlogic]

You just have to learn from the spam pros and randomize your newsletters to make them look legitimate.

Bennett?

[michrech]

He's still around? Seems this time he's being a whiny little crybaby that a company that provides a service for "free" to customers is allowing spammers to send mail to their accounts so long as said spammers pay for the privilege. Boo fucking Hoo. Other than looking at some ads, the service isn't costing you anything at all. If you don't like the ads, or don't like the company behind the service allowing spammers to pay (which helps pay for the infrastructure) to bypass the spam filters, then don't use the damned services.

It really isn't that hard to comprehend. You are not entitled to free email service. You'll use what is available, roll your own, or fucking deal with it. Whining about it will not solve your problem.

Re:Bennett?

[michrech]

The "individuals" to whom he evangalizes his services include residents and natives of oppressive nations, as well as students and other minors. It's generally safe to assume that colleges and universities don't filter web browsing traffic, and if they do, there's a problem. Unfortunately, minors do not have full legal standing until they are 18. That's why they're called "minors". I agree that, yes, some are mature enough to warrant receiving full legal status earlier, and many more are still not ready at 18. But 18 was the age chosen. Until that time, they are not (usually) legally responsible for their actions; their parents or guardians are. I'd have no problem with the "service" he provides, if it were advertised at residents/natives of oppressive nations. The fact that Bennett doesn't seem to understand that his advertising to children is WRONG because of all the reasons you listed (and probably more) is what makes me so angry when I see any of his babbling. There was a time when I thought teenagers should be treated as adults, able to make many of their own decisions (such as being able to look at porn on the internet). Care to guess how old I was at the time?

What I did at my previous job was to sign up onto his circumventer list (under several different email addresses). As he emailed the new circumventers, I'd add them to my "stupidcensorship" list in squidGuard, then restart the daemon.

The reason I mention I signed up to his list under different email addresses is because I decided, one day, to start emailing him, asking him why he was targeting this advertisement at children (specifically children in schools). The short version of the story is that he got upset with me and removed that account from his list. Apparently, in Bennett's eyes, parents (and the schools they entrust to take care of their kids during the day) don't deserve the right to decide whether their children are behind a filter or not. His main beef is with the commercial filters, however, and I can see his point (as far as how ineffective they can be), but that still doesn't give him the right to override what the parents decide.

Bennett is a sniveling, pathetic, crybaby. He deserves all the negative happenings in his life that he gets, in my opinion.

This again?

1. Bonded mail isn't just a Hotmail idea as you appear to paint it, AOL (for example) use it too, yet you're content to simply use this as an excuse to lambaste Microsoft.
2. You complain that SpamCop allows false reports; this may well be true, but you don't tell us how many reports are needed. Nor why your email may be reported; what are you doing to make subscribers complain, or make them assume the mail is spam.
3. Your assertion that if you switch to RSS then Microsoft will block your RSS feed is utter nonsense. How exactly is this going to work? Some hook into the TCP-IP stack? Does Microsoft control the RSS reader? Even the one built into IE doesn't work like this.
4. Is it legal to block email marked as spam until you pay? You know the answer to this. Their servers their rules. Adding a whitelist into the mix changes nothing and that mode of "attack" sounds like the old "free speech" argument employed by rather a lot of spammers.
5. Mislabelling your mail is libel? So are you going to sue spam assassin as well? Your nonsense of reporting someone as a felon again seems like the escalation in arguments that spammers use. Marking someone as a felon has real world consequences, marking a mail as spam doesn't. You're attempting to compare someone thing me saying "Bennett Haselton wets his bed" with "Bennett Haselton molests small children".

You've had problems with Hotmail and MAPS before when you hosted in the same IP range as spammers. You had been offered solutions before (moving IP) but didn't want to. You've sued spammers and have been promoting your anti-spam idea & thoughts for years, but never bothered to implement them.

So frankly this comes off as sour grapes again on your part. The idea that you have some god given right to use space on hotmails (or anyone else's) servers, without ever addressing what causes reporters to think your mail is spam in the first place.

Re:This again?

[Res3000]

I won't comment on all your points, but you got one point wrong:

Your assertion that if you switch to RSS then Microsoft will block your RSS feed is utter nonsense. How exactly is this going to work? Some hook into the TCP-IP stack? Does Microsoft control the RSS reader? Even the one built into IE doesn't work like this.

That's not his problem. He sends out e-mails to people with sites to work around "corporate policies" or the great chinese (fire-)wall. The producer of this blocking softwares would just block his page (or have already done so) and his users couldn't get the informations. For once Microsoft isn't involved in the game.

Re:Hwo dare they-POP3

[ZachMG]

When using Apple Mail I have never seen an ad anywhere.

No

The ads aren't inserted in the messages, they're part of the Gmail web interface. They're not even overly intrusive, they just hang out in their own ad area and aren't difficult to ignore. So, to answer your question, you won't see the ads if using a local app to handle your mail.

no free lunch

[grumpyman]

Other 'free' mailing services doesn't have a 'price tag' does not mean they'll do it for free.

Re:The real irony here is...

[boris111]

Why can't spam filters filter out every permutation of v1@gra, or viagra. I'm surprised what still gets through sometimes.

I kind of agree

[gurps_npc]

That hotmail and goodmail should not be charging people to unblock spam.

Instead they should simply refuse to unblock spam, period.

Yes, that means that newsletters like this would not get through.

I have a Phone at home. If some insane lunatic started up the idea of calling all his friends having them call all of their friends, as a means of sending out important news, I would laugh at him.

I also laugh at anyone, even this 'nice' newsletter that actually thinks EMAIL is an apropriate means of obtaining this information.

RSS is one way to go.

ANOTHER way to go is messageboard style.

There are still more ways to send out information. You can take an applet that you give to your subscribers that does something similar to hat phone idea does. While it does not work on a phone, it would work on the internet.

But the IMMENSE problem of spam pretty much means that NO, NEWSLETTERS ARE NOT APPROPRIATE FOR EMAIL.

Find another solution, the one you are trying is causing huge problems for the interent. It is NOT our job to help you perpetuate a BAD idea, no matter how much your personal non-profit benefits from the bad idea.

Re:I kind of agree

[smokestacker]

"NO, NEWSLETTERS ARE NOT APPROPRIATE FOR EMAIL." In that case, junk mail isn't appropriate for snail mail. Tell all those companies to stop sending me pamphlets. Seriously, I like my email newsletter.

Re:I kind of agree

[Chirs]

How exactly would you deal with all the mailing lists used for various purposes, including lots of open source development?

The linux kernel mailing list sends hundreds of messages a day. How would you propose to manage this without using email?

Re:I kind of agree

[jZnat]

Usenet. You know, the thing we used for this sort of thing in the first place, but nobody seems interested in anymore (other than for warez and whatnot). Perhaps an updated version of NNTP that supports Unicode, binary attachments, and better measures to thwart spammers is in order?

Re:I kind of agree

[dangitman]

RSS is one way to go.

Except that 90% of people are NOT going to use RSS. Email is superior in many ways for things like newsletters.

But the IMMENSE problem of spam pretty much means that NO, NEWSLETTERS ARE NOT APPROPRIATE FOR EMAIL.

Uhhhh, why not? Email is an ideal electronic replacement for physical newsletters. It's superior and cheaper to physical distribution, and has almost no drawbacks - expect for crap like the topic of this discussion.

Follow the Money

[Crispin+Cowan]

A core principle in figuring out any kind of shady shenanigans is to follow the money. The problem with Goodmail, and with Microsoft's pay-to-play fee, is that the money is being paid to the wrong party. Paying the fee to the mailbox-hosting ISP cannot help but create a corrupting conflict of interest, making this a bribe. Nasty spam will be allowed through if the vendor has the $$$ to pay, and legitimate bulk mail that people have opted into will be blocked, if the news letter is not coming from a moneyed source.

Instead, consider a P2P scheme where the postage is paid directly from the sender to the receiver, where the receiver themselves can white-list a sender as not having to pay. It would produce these kinds of effects:

• For most personal onesey twosey mail, sending volume approximately equals receiving volume, so the postage payment is mostly a wash, with chatty people paying quiet people a modest amount on average.
• For opt-in news letters and mailing lists, the receiver would be expected to white-list the source, e.g. I would white-list my subscription to Bugtraq.
• Spammers and "legitimate" bulk mail advertisers alike would have to pay in proportion to the volume of mail they get delivered (non-delivered mail doesn't pay the postage).

There's a bunch of interesting things that can be done with this model:

• Postage is just an offer to pay, which only causes actual payment if the receiver redeems the postage.
• Postage can be nothing more than a GPG certificate attached to the mail, validated by the receiver's MTA or MUA.
• Receivers can dial the amount of postage they require to accept an e-mail. They could set it to a static value, e.g. "at least 2 cents or I'm not interested", or they could even use SpamAssassin to dynamically set the postage, e.g. "at least 10 cents * the spamass score" so that highly spammy mail requires much more postage than plaintext free of spam phrases.
• Gold miners can set up spam trap mail addresses that do nothing but accept postage and throw the mail away. This is abusive to spammers who are paying to have their mail delivered. Cry me a river :-)

Re:Follow the Money

[Crispin+Cowan]

This exists, it's the business model for Boxbe.

Cool! I did not know about this, it is great that someone is trying this model. However, I see that Boxbe is using a server-oriented model so they can basically filter spam and legitimate mail sent to yourname@boxbe.com. I imagine a more P2P solution, where the SpamAss agent on any mail server would use a server company like Boxbe as a payment clearing service, and filtering is done on whatever MTA you are using.

I care, because I am already getting lots of spam at my well-known address at crispincowan.com and would like to filter it. A solution that requires users to change their e-mail address is not a great solution for a lot of users.

Re:Follow the Money

[ozphx]

Outlook (and probably other clients) have a feature where you can put a stamp on your message and pay in CPU cycles. Pegs my CPU for about 100ms, so I'd hate to be spamming out billions of them.

Guess its hashing the message, rcpt and timestamp and dropping a few hundred rounds of AES over the hash.

Simple and effective.

Re:Follow the Money

[r3m0t]

Hashcash! My favourite anti-spam solution.

If only somebody would use it...

Re:Follow the Money

[rstewar]

You've just described what we do at Boxbe. If you are not on my whitelist, you have to take a captcha test or pay. We do take a 25% commision on the fee, but 75% goes to the mail recipient. We use DKIM and SPF to help figure out whether the sender is legitimate or not. Randy Stewart randy@boxbe.com [Disclosure: I work for Boxbe.com]

Re:Follow the Money

[ozphx]

> If only somebody would use it...

Good news then. Outlook 2007 has it on by default, and I'd assume the MS anti-spam products read it. Only a matter of time before other anti-spam vendors include the support I guess.

MS call it Outlook Postmarking, and it is apparantly "innovative". (Wait are they taking a leaf out of Apple's book here?...)

Re:Follow the Money

[Crispin+Cowan]

So make it work as a plug-in for SpamAssassin, and then you have something :-)

Not an unreasonable suggestion

[Craig+Ringer]

Regarding mailing list subscriptions, that's not an entirely unreasonable suggestion, though it's really not much more than auto-whitelisting. However, you'd need to address the:


From: "Sexy Chick" <confirm-12312312-from=mailouts=sending.domain.com @sending.domain.com>

Reply for an exciting photo!


issue. People are stupid. Enough spammers are not stupid that they will trick stupid people. People will demand to be protected from their stupidity, and the filters will go back in.

The ability to examine your mailer whitelist and remove things from it would help, mostly because this can be made as easy as clicking the "Junk" button. With a little agreement an un-whitelisting could even generate an automatic unsubscribe.

To actually be useful, such a scheme would have to be combined with a sender verification system like SPF or DomainKeys. Lack of any sending server verification is basically a waste of time (spammers will just start mailbombing with mailing list sender addresses) and IP-based verification is way too inflexible.

Your biggest problem is that it's basically limited to being useful for mailing lists and perhaps regular correspondants. It also doesn't address ensuring that the confirmation message gets there in the first place (good luck figuring out how to do that!). Its limited scope means it's probably harder to get people to implement it, especially when they won't be making $1400 a pop for sender "approval" anymore.

Did you miss the point?

[geekoid]

why, yes, I think you did.

Let us say you have a business, and as part of that business, you send emails to your customers that sign up for it. Not spam, this is information your customers want from you.

Some of your customers use hotmail. Not hotmail wants to charge YOU 1400 dollars to get through there system. That's a problem. It's extortion, it's being a bad internet neighbor, and it breaks the basic premise of email;which may be ok, If when someone signs up for the free email gets clear notification that someone might have to pay 1400 dollars to get an email to them.

They no it's wrong and thats why they try to hide this information from everybody but the person the want to extort.

Re:Did you miss the point?

[michrech]

No, I think YOU (and the jackass that modded my original post as flamebait) missed the point. You are using someone ELSES system, at no cost to you. You have aggreed to their terms of service in order to do so. That you didn't read the TOS, to see if there WAS a possibility of missing emails because a company you wish to receive emails from is being blocked for not paying a fee to the provider, is not relevant to this issue. It's your fault, not the company you are getting FREE service from. It is their network, their computers, and their software. They can damn-well do whatever they want with it. If enough people leave the service because of the actions OF the service, the service will either change or go away. It really is that simple.

As I said in my previous post, the company that is providing you with FREE email (for which you had to agree to a TOS) is in NO WAY required to actually make sure every piece of email gets to you. If you want that kind of service, get it in writing (or roll your own fucking email service).

I really am ashamed to see how the current generation is thinking more and more that they just DESERVE whatever they want, and expect it to be handed to them for free.

I very much believe the old saying, "You get what you pay for" really applies here.

why, yes, I think you did.

Let us say you have a business, and as part of that business, you send emails to your customers that sign up for it. Not spam, this is information your customers want from you.

Some of your customers use hotmail. Not hotmail wants to charge YOU 1400 dollars to get through there system. That's a problem. It's extortion, it's being a bad internet neighbor, and it breaks the basic premise of email;which may be ok, If when someone signs up for the free email gets clear notification that someone might have to pay 1400 dollars to get an email to them.

They no it's wrong and thats why they try to hide this information from everybody but the person the want to extort.

Re:Did you miss the point?

[Baba+Ram+Dass]

Let us say you have a business, and as part of that business, you send emails to your customers that sign up for it. Not spam, this is information your customers want from you. If I have any sense, I'll tell Hotmail to go fuck themselves and politely tell my customers their free e-mail service does not accept our e-mails and that they should complain or find a new provider.

It's amusing how often people forget there is still such a thing as choice, even when it comes to free services.

Re:Did you miss the point?

[Baba+Ram+Dass]

It's advertised as an e-mail service. It is indeed reasonable to assume that an e-mail service delivers e-mails. Spam is e-mail too, but many e-mail services do not deliver that form of e-mail. The point is that buyer should BEWARE and read the fine print (even on things they aren't actually paying for). You get what you pay for usually, and when you don't you can go to the next company. It's call competition, and last time I checked Hotmail wasn't the only dog in town.

Re:Did you miss the point?

[ericrost]

Hey jackass,

He's talking about someone who DOESN'T use Hotmail who is trying to send out a newsletter that Hotmail then blocks (without that person ever having signed/clicked an ToS to send an email TO an email service) that newsletter and comes back with the fact that you need to pay for play to get it delivered.

So YES, you did miss the point.

Re:Did you miss the point?

[michrech]

Hey jackass,

He's talking about someone who DOESN'T use Hotmail who is trying to send out a newsletter that Hotmail then blocks (without that person ever having signed/clicked an ToS to send an email TO an email service) that newsletter and comes back with the fact that you need to pay for play to get it delivered.

So YES, you did miss the point. You fail it too, jackass.

It doesn't matter what Bennett is using for email service. If the subscribers of Bennett's "newsletter" aren't receiving the emails for it, and Hotmail isn't going to work with Bennett (I wouldn't either, if I were in their shoes), then they need to use a different service. As was mentioned previously (by someone who ALSO gets it), Hotmail (and, thusly, Microsoft) are not the only email providers in the game. There are probably HUNDREDS (at the very least, dozens) of other services (most of which are FAR better than MS's offering, in my biased opinion) that could be used to receive said email.

If Bennett doesn't like his emails not being delivered, he can either pay the fee MS wants, or he can go cry in his milk. This may be America, Home of the Free, but that doesn't mean that MS should be forced to allow Bennett's emails into a service THEY own, operate, and fund.

What if I decided to block all emails from Bennett? Should he be able to throw the same bitch-fit he's throwing here, and have it matter one bit? No. It's my email service. I'll configure it how I see fit.

Get a clue.

Re:Did you miss the point?

[ericrost]

"You are using someone ELSES system, at no cost to you. You have aggreed to their terms of service in order to do so. That you didn't read the TOS, to see if there WAS a possibility of missing emails because a company you wish to receive emails from is being blocked for not paying a fee to the provider, is not relevant to this issue. It's your fault, not the company you are getting FREE service from. It is their network, their computers, and their software. They can damn-well do whatever they want with it. If enough people leave the service because of the actions OF the service, the service will either change or go away. It really is that simple."

Well, my point was your original comment was completely inapplicable to the situation you were commenting on. He has accepted no TOS. He is not using "someone ELSE's system". Microsoft has agreed to provide email service in exchange for showing and selling lots of advertising. As such the customer (who is making them money) has some reasonable level of service to be expected from a service provider (ad supported or otherwise).

You can block whoever you like on your domain as long as you don't have a customer who has a reasonable expectation of deliver of services.

Thank you for playing though, your straw man was crunchy.

Re:Did you miss the point?

[michrech]

Well, my point was your original comment was completely inapplicable to the situation you were commenting on. He has accepted no TOS. He is not using "someone ELSE's system". Microsoft has agreed to provide email service in exchange for showing and selling lots of advertising. As such the customer (who is making them money) has some reasonable level of service to be expected from a service provider (ad supported or otherwise).

You can block whoever you like on your domain as long as you don't have a customer who has a reasonable expectation of deliver of services.

Thank you for playing though, your straw man was crunchy. You still fail it. You must have one thick skull. It is MS's sole decision as to whether they are going to allow email to pass into their system from a specific person. This is in the TOS when you sign up. You are using a service provided to yoy by a company, at no charge for you. They, in fact, do deliver emails to their "customers". The fact that one particular email gets blocked doesn't mean they magically no longer offer "email service".

Talk about straw men. I think all the crow are picking yours apart.

Re:Did you miss the point?

[Scooter's_dad]

If I have any sense, I'll tell Hotmail to go fuck themselves and politely tell my customers their free e-mail service does not accept our e-mails and that they should complain or find a new provider.

How are you going to tell that to your customers when Hotmail won't deliver your messages to them?

Re:Hwo dare they

[networkBoy]

Yes they do, but the big difference as I see it is that they are up-front about it.
Google: We give you free e-mail, with spam filtering in exchange for advertisements on the side bar.
Hotmail: ditto, oh, and we let pay for spam through too, but we didn't say that.

-nB

Re:Hwo dare they

[pla]

But GMail has advertisments based on keywords of your email.

Not if you use POP to get your GMail rather than their web interface.



Thats Evil Capitalism too.

Despite the impression you could easily get from reading Slashdot, most of us don't actually dislike capitalism (though some of us might not realize as much). In reality, a closer reading of the more well-written Slashrants on the subject reveals that most of us actually object to corporate protectionism and profit-before-humans laws in general.

Hey, I have a good job, my boss lets me read Slashdot, I make enough to afford plenty of toys. I can thank capitalism in general for most of that (as opposed to communism, where I honestly don't even see the point of getting up every morning to go to work). I can't, however, overlook the fact that we have people punished with paying basically their life's savings for sharing music, while companies like the former Union Carbide can kill people and walk away with a slap on the wrist; You or I risk imprisonment for letting a website know it has a security flaw, while Sony distributes rootkits and only basically had to say "oops, sorry, our bad"; We get stiffer sentences for dosing ourselves with THC than Merck gets for falsifying clinical trial data on COX2 inhibitors leading to numerous premature deaths.



Why cant a company just pay millions of dollars to keep a good email service for free

If you think they don't get anything out of "giving" us all those "free" email accounts, I have a bridge for sale...

As the most obvious, they get massive amounts of personal information about us - Even if you give completely fake info to sign up, they can reconstruct a given user's social network better than that user can. And although GMail lets you use POP, as you mention, they do indeed show targetted ads to the webmail-using majority of their viewers. And don't discount "brand loyalty" through laziness. Already at MSN, as your default IE homepage? Well, may as well use Microsoft's search, and get a free Live account.

Re:Who gives a $hit about hotmail, really ...

[Xybre]

Your comments are highly subjective. Not everyone respects Google/Gmail (I do, though I don't post my Gmail accounts in public forums). Additionally, you only get an AOL email address with an AOL account which, ostensibly, you pay for, it's not free to sign up. Though if it were, for just an email address, I would still rank it below Hotmail. You do however get a free AIM email account, if I remember correctly.

Again, as I said, people have reasons for keeping around Hotmail and Yahoo accounts. Could be business reasons, maybe they're good for site registrations that require a live email address (what I do), there's many reasons, and a blanket statement for an issue clearly affecting people does nothing to solve the problem.

In response to your hypothetical, yes, I'd at least look at the resume, a legacy email account is not a reason to disqualify a perfectly suitable candidate, unless they also code .NET.

About the auto-mated whitelisting idea...

[TypoNAM]

About the idea of whitelisting based on subscribing through an email reply or what not (and forgetting about at times when the user confirms via a URL link) instead of restricting to a specific email server like so:
"list-peacefire-confirm-481534893-sender=orders=am azon.com&senderip=72.21.203.1@mailserver.com"

Why not leave it at your original format of:
"list-peacefire-confirm-481534893-sender=bennett=p eacefire.org@mailserver.com"

And have the receiving email service/network verify where the emails are coming from using SPF and/or similar ideas instead of specificially restricting to an IP address. Because after all we aren't guaranteed IP addresses for life. :)

SPF and IP address spoofing

[benhocking]

As you mention, SPF, DomainKeys, or a similar scheme is the only way to verify header information. The "article" seems to not realize that IP addresses can be spoofed just as easily as e-mail addresses.

Re:SPF and IP address spoofing

[Craig+Ringer]

That's not true. IP addresses are way harder to spoof, not least because a well run upstream network will (mostly) prevent you from doing it though source IP filters etc.

This is not to say that IP addresses are, in absolute terms, hard to spoof. However, From: email addresses are so hilariously easy to spoof that all you need is a telnet client or a scripting language with any sort of mail or socket support.

How is this in any way like goodmail?

[seebs]

Hotmail's blocking people who don't pay. No one's proposed blocking people who don't use goodmail; they've proposed whitelisting people who do.

Hotmail's deliverability is unreliable even when you're "clean", so I'd just write it off; do not use hotmail for business services, and do not accept hotmail addresses for anything where you need reliable delivery.

They're still using Bonded Spammer?

[Animats]

My experience is that Bonded Spammer is essentially dead. If you have Spam Assassin set to tag Bonded Spammer mail, you'll get items in X-Spam-Status like "RCVD_IN_BSP_TRUSTED". I have Firefox set to dump all those into the Bonded Spammer folder. The last e-mail to come in with that tag was in January 2007. I used to get more Bonded Spammer e-mails back in 2004 and 2005, but in 2006 it tapered off, and now it seems to be gone.

Is anyone else still seeing that junk?

How about my on its last leg..

[ericrost]

Hotmail acct that gets (in a 30 day period) 1800 messages delivered to the inbox (all spam, the only reason the account is still around is because of being registered at a specific company's external career site that won't change email addy's) and 8 Spam messages filtered....

Seems it doesn't work no matter how you slice it. Also, of those 8 spam messages, one of them is a newsletter I subscribed to that gets through to the inbox ~50% of the time.

Compare that to my double buffered gmail (one acct to give out, one I actually use with the given out accts inbox forwarded to it). I get all the messages I'm looking for, and for the life of the account I have 2 spam messages (life = 6 months so far).

Answer, hotmail/filtering sucks, esp pay to play. Gmail can somehow magically figure out I'm not interested in p3n1s p!llz

hmm.. just my 2 cents.

Re:How about my on its last leg..

[claybats]

A friend gave me a free invite for a Gmail account. He was the only one that emailed me there. That Gmail account gets as much spam as my Hotmail account did and does an equally poor job of filtering it. --Just another anecdote

Re:How about my on its last leg..

[ericrost]

My secondary acct gets a good deal of spam (I give out the addy frequently to forms, etc) but the filter seems to work a LOT better was my main point.

Re:Hwo dare they

[Xybre]

I'm not certain but the "Evil Capitalism" might have been sarcasm.

In any case, I agree with your statements more than not. Corporations face much weaker punishments than individuals do, at least in this country.

Google doesn't really hide the fact that it aggregates your data. It makes money off of the statistics your emails contributes to the whole, it all feeds back into their advertising, it's how they built their fortune as a company (advertising, not email).

Easiest way of realizing that this kind

[goldcd]

of charging is a bad idea, is just to think what would happen if everybody used.
I might run a moderately successful newsletter and I find it's blocked by host x.
So I pay host a $10 (I'll pretend this is cheap).
Now all my users will get their newletter - yay.
Then users on host b report their mail isn't showing up - so I pay out another $10.
Then users on host c etc etc.

Compounding this issue is the more hosts you pay, the more the others will want to be paid etc etc
I assume this would eventually lead to a situation where you'd pay off as many hosts as you can afford (in descending order of popularity/cost) until you could still just make a profit.
New users signing up, would be asked to try to use an email account you'd paid protection on, so you know you'd be able to get your mail to them. This I'd assume would lead to a gradual migration of end users to the provider that had collected the most protection money (and therefore you were more likely to get the majority of your email in).

Re:Easiest way of realizing that this kind

[EgoWumpus]

Well, at what point do people start saying, "You can't route email packets through this backbone server until you pay the protection fee."?

The difficulty with this mentality is that it suddenly becomes in everyone's interest to charge for everything, and then only the biggest systems get paid, because there is a strong economic interest in grouping up. This sort of concentration of power should be avoided at all costs.

Funny Figures?

[Frosty+Piss]

Hardly anyone has mentioned that Microsoft has been doing the same thing for years, only (surprise!) charging more. Hotmail lets senders pay a $1,400 "fee" to help get through their spam filter...

More? Maybe at a single whack it's "more", but let's see how that breaks down in terms of 1/4 penny spam-mails? It's 560,000 spam parcles. Given that most spammers send out MILLIONS, I'd say Hotmail's fee is probably cheaper than Goodmail's 1.4 cent fee. But of course, it's Microsoft, so it's twice as evil anyway.

SpamCop

[eaolson]

...complaints were based on SpamCop complaints -- a system known for being set up so that anyone could report anyone as a "spammer" without proof...

This is where I stopped reading. SpamCop requires proof in the form of the spam email itself. What other proof of spamminess could there be?

Re:SpamCop

[TheRaven64]

Unless spammers are including PGP signatures associated with their SMTP server, it is trivial to forge a spam email. Just take any from your spam folder and change the headers to be from someone you don't like. Of course, for SpamCop to take this seriously, you'd need a lot of people to send in spam claiming to be from the same address. Many of SpamCop's input also, I believe, comes from their own honeypots; no one has a legitimate reason for mailing these, and so anyone who does gets blacklisted immediately.

Re:SpamCop

[Trailer+Trash]

This is where I stopped reading. SpamCop requires proof in the form of the spam email itself. What other proof of spamminess could there be?

That's a good start, but having a piece of text doesn't tell you if it's spam or not. I mean, some stuff is obviously spam, sure. But I get a lot of really nice looking emails that advertise legitimate businesses or "newsletters" that are polished, and, well, they're spam. But they look just like the newsletters that I get which aren't spam.

I've asked around, and a lot of people will simply report stuff as spam because they're too lazy to unsubscribe from something to which they have subscribed. That's the chink in SpamCop's armor.

I still believe in the SpamCop model, but there has to be a way for someone falsely accused to get out of it and the fraudulent report must be punished. To simply charge the victim $20 in a case like that is, simply put, fraud.

Re:SpamCop

[kindbud]

Anyone can report any email as spam to Spamcop, whether it is spam or not. Anyone can even mistakenly report any email as spam to Spamcop, and it will be treated as spam. The sender will get a nasty-gram from Spamcop with the original recipient redacted, same as what happens for actual spam. Having reported an email to Spamcop is not proof that it is spam. It is proof that it was reported to Spamcop, and nothing else.

Correction

[Frosty+Piss]

1/4 cent...

Re:The real irony here is...

[TheReaperD]

The answer to this is simple... computers are stupid. In order to block every variation of viagra, the creator of the filter has to type in (viagra|v1@gra|vi@gra|\/1@gra|etc|etc|.......) and on and on. There are some shortcuts to make it slightly simpler but, they can't use them to much before it starts marking Virginia as spam. The problem is, spammers read this list and go "Oh, they missed \/.1@gra so, we'll use this. So, the messages get through until the creator of the filter adds that version. Then the spammer reads the new filter, finds another that they missed and change their spam to get through. Repeat until end of time.

The only thing I can see as a solution to this, is for the Internet to change to where every computer has a unique ID that is tied to the hardware and that this is hard wired to sending email. That way, when a computer starts sending spam, it can be blacklisted. If it is the actual spammer, their blacklisted until they buy a new network card, at minimum. The reason that spammers are successful is it's currently so cheap to send spam. If they start having to buy new hardware every day they want to spam, the cost goes up significantly. If it's an infected botnet computer, they remain blacklisted until they confirm their computer has been cleaned of the viruses.

Obviously, the article is from a spammer

[cdrguru]

Aside from that, I think it is fair to say that email is pretty much something that is useless for any commercial application and pointless for something like a "newsletter". The spam vs. ham ratio has gotten to about 1000 to 1 these days, even if they aren't directly seeing it. And that is part of the problem.

It is assumed to be acceptable for an ISP to block "spam". It is assumed to be OK for anyone to get in the way of mail to a recipient to save them from receiving the torrent of spam that they would otherwise be subjected to. False positives are considered to be something that just happens. None of the agents preventing delivery of mail offer any notification to the user that mail may be waiting for them in the "bulk" or "spam" folder, nor offer any recourse if the mail is simply deleted without delivery.

With that in mind, email is suitable for something for friends and family only. If you are trying to send a receipt to someone for an online purchase, such email is commonly considered to be "commercial" which equates to "spam" in some people's minds. Outlook by default takes anything from sales@abcdef.com and puts it into the deleted items folder, just confirming the view that anything related to "sales" must be spam.

Email is pointless for any commercial use. Companies trying to resurrect email as a viable communications medium are starting to notice this. Sure, pay to send email and some percentage of your customers won't have your email blocked. What percentage? 10%? This means you need to budget tens of thousands of dollars for "email protection" if you are going to go this way.

Face it, email is pointless and unreliable. You will never know if your email is being blocked. You can't tell a complaining customer that never got their receipt that you will "fix" this somehow. It is broken and you need to figure out a different delivery mechanism.

Re:Obviously, the article is from a spammer

[perp]

If you think Bennett Hazelton is a spammer, then you are obviously without clue. Look at http://peacefire.org/ if you actually want to know who he is and what he does.

Don't blame Hotmail: There's a better solution

[CdBee]

RSS: Because everyone hates spammy "newsletters" that have a veneer of content and a morass of advertising. A feed is the correct way for a site owner to communicate with users.

Re:Don't blame Hotmail: There's a better solution

[Zonk+(troll)]

And someone has a problem with reading. From TFA:

Many people have suggested that I publish via RSS instead of e-mail. For me the problem with that is that our newsletter is used to send out the location of new sites for getting around blocking software, so that by the time the last sites have gotten blocked in most places, the new ones are being mailed out. As long as people can access their e-mail accounts, they can get the new site announcements. But if we used an RSS feed instead of e-mail, then blocking software companies would just block our RSS feed.

Re:Don't blame Hotmail: There's a better solution

[unity100]

you cant even expect any of the clients to actually regularly (everyday) use the feed, leave aside counting on it. web hosting, and web developments are not time tolerant stuff - one client forgets to check a feed, and his/her domain expires. but everyone has to check their mail, and they do, and they know how to do it. holding clients responsible for watching a feed would fail at the point of making them learn how to use it.

Re:Hwo dare they-POP3

[Constantine+XVI]

Nope. You only see the ads in the web interface.

Re:Hwo dare they

[ls+-la]

But GMail has advertisments based on keywords of your email. Use PoP3. All the mail, no ads.

Use SPF

[CustomDesigned]

From TFA:
Or, suppose you're Amazon and you send mail to millions of users from orders@amazon.com, but you don't want everyone to have that address whitelisted because then a spammer could use the address "orders@amazon.com" to spam millions of people, hoping it would get through the filter of anyone who's an Amazon customer.

Spammers can't forge a MAIL FROM of "orders@amazon.com" for recipients that check SPF. Decent spam filters let users whitelist emails/domains. With decent anti-forgery like SPF and DKIM, the problem is solved for the immediate future.

PS. For nitpickers who note that the amazon.com sender policy has a default result of "neutral" instead of "fail", spam filters (like mine) that track reputation of each mailfrom.domain:SPFresult pair independently eventually start rejecting amazon.com:neutral anyway.

I have a better solution I am looking to build

[John+Sokol]

It's basically related to upload/download ratios.
It assumes any user with a good u/d gets a white listed.
Doesn't matter who they are, or credentials or anything like that and it's much much cheaper. Although Money is the only motivator against spammers. You need to make it unprofitable. So people need to pay you to receive an email! You pay then back with a reply.
Although things like legitimate Mailing lists have a special white list bypass that the receiver must open up.

Initially I am looking to replace some components in Q Mail or build some POP3 relay that deals with this.
I was thinking of putting it on maildr.com or unmailable.com

Anyone want to help?

True

[benhocking]

I've actually spoofed a "from" header myself. :) However, I assume that there are easily accessible systems that allow you to easily spoof the original IP address. All your PC has to do (in theory, I've never tried it) is pretend like it's passing along an e-mail from the IP address you want to spoof. That does mean your IP address will show up in the stream, but it will still look like the "sender" IP address is the one you want it to look like.

I (perhaps obviously) know nothing about "source IP filters". Do they somehow detect that it makes no sense for IP xxx.xxx.xxx.xxx to be forwarding e-mail from IP yyy.yyy.yyy.yyy?

Re:True

[Craig+Ringer]

An ISP knows that it and it's customers are only in a certain ranges of addresses (which it allocated). Any IP packets leaving the ISP's network must, therefore, be within those ranges. It is trivial to add a border router egress filter that checks to see if the source address field is in the permitted range(s) and drops the packet if it isn't.

Dodgy ISPs may choose not to implement this, and so long as there is one dodgy ISP out there an attacker on that ISP (or tunneling traffic through a host on that ISP's network) can spoof IPs. That said, you either need to be on such an ISP or need to have access to a host that is (and that'll let you tunnel traffic through it). So it's not that easy.

Even if you can spoof source addresses, you are going to have a really hard time getting replies. The reply, of course, is routed to the real owner of that source address, which goes "WTF? This is a TCP reply packet for connection I never established" and drops it, sends an RST, or sends an appropriate ICMP error. This makes it rather hard to carry out a two-way TCP/IP conversation with spoofed IP addresses, as is required for things like spoofing the source address for the purpose of delivering email.

It's somewhat more useful with UDP/IP since you don't need to go through the TCP/IP connection handshake (which requires either 2-way communication or REALLY good guessing), so you can have a pretty effective monologue at the receiving host. This isn't useful for TCP/IP though because of the use of connection-specific sequence numbers and a handshake. Unless you can predict the sequence numbers, you're pretty much stuffed, and they're designed to be very hard to predict on decent operating systems.

Rather more complicated than:


telnet theirserver 25
HELO whatever-I-want
MAIL FROM: spoofed@spoofed.net
RCPT TO: someone@theirserver
DATA
From: spoofed@spoofed.net
To: someone@theirserver
Date:
Subject: Ha Ha!

Body Text
.
... isn't it?

Different experience with hotmail

[Spazmania]

I wrote to Hotmail in 2006 about their users missing our e-mails because of the filter blocking them as "spam", [...] they said they knew it wasn't spam, but they told me several times they would not even talk about unblocking it unless I paid the $1,400.

That's funny. I contacted Hotmail about an identical filtering issue, also in 2006. There was no mention dollars. They did want to make sure my list was opt-in. They also asked me to join a feedback loop where list messages that hotmail members mark as spam are stripped of their identifying information and returned so I can identify problems with my system where unintended recipients have slipped in.

I did find it difficult to get through to folks who could help, but once I reached those folks I found them to be cordial and helpful.

Re:Different experience with hotmail

[john83]

Could you indicate who those folks are? I've failed on that front, and just resorted to advising people on my mailing list to leave hotmail.

Re:Different experience with hotmail

[Spazmania]

Click on my web site and email me.

Re:Sounds like a good idea to me.

[TheRaven64]

Second I think I'm in the majority here, but who the fuck wants newsletters? Depends on the newsletter. For something infrequently updated, I'd rather subscribe to a newsletter than poll an RSS feed. It's simply more bandwidth-efficient to use a push service than a pull model for this kind of thing.

Re:Sounds like a good idea to me.

[e-scetic]

Second I think I'm in the majority here, but who the fuck wants newsletters? I consider them to be spam just like the crap I'm not interested in.

First of all, the stakeholders in any organization WANT newsletters. If you had a financial or otherwise stake in some organization you'd want to see what they're up to. You wouldn't want to have to dig for the info either - newsletters deliver the information you want, optimized just for you, on a silver platter.

Secondly, most newsletters are opt-in or double opt-in only. That means people ask for them and go to the trouble of double opting for them. If there is a great abundance of newletters out there then by simple deduction it follows that a great number of people want newsletters.

Forget all other questions....

[popo]

Billing for service (and for backbone usage) is coming, and coming fast from a thousand different directions.

The question you should be asking is this: How much would email and internet access have to cost for you to stop using it.

Because the answer is scary. And the big corporations know it.

Re:Hwo dare they

[Baba+Ram+Dass]

It's not about YOU using it, SOMEONE uses it, maybe they have their account there from before they knew better, or maybe they do it just to piss you off, whatever the cause, if you're sending out a newsletter, or a payment receipt, or responding to a craigslist ad, or use a mialing list, or whatever you're doing, and you're on the "spam" list, your email might never see your customer/client/whatever. There is no guarantee when it comes to e-mail delivery. When you send an e-mail, the e-mail client basically says: "Hey server, please give this message to user X on your system." How again do you, as the sender, deserve that message be delivered? You did nothing for the server; in fact, you created work for the server.

Now if the server in question is such a dick as to demand you, the sender, pay a fee to have the mail delivered to users on said server's system... too bad for the users on that system. You've done your part; you delivered the mail you promised you would send them. It's their e-mail service that screwed up, and they should complain to that service provider or find a new one.

So in summary, is Hotmail a dick for doing this? Absolutely. Is it their right to be a dick? Absolutely. It's also each Hotmail user's right to go elsewhere if they don't like the service (or lack thereof, since not all of their e-mail is being delivered to them) they're receiving.

I don't understand...

[tweak4]

So if Microsoft is filtering out spam so aggressively with Hotmail, then how come every time I check my Hotmail account (which is all of about once per month), the address of which I have never publicized or otherwise given out, there is always 4-5 solid pages of spam.
Either they're not filtering as much as they pretend to, or the "fee" isn't deterring spammers at all... either way, it isn't working.

At least Gmail's spam filters work most of the time...

The Audacity!

[EgoWumpus]

NO, NEWSLETTERS ARE NOT APPROPRIATE FOR EMAIL.

Who are you to tell me what I want to use my email account for? If I want to receive newsletters, are you saying I cannot? The problem is not solved by simply saying, "Oh, no more newsletters."

"I don't care one whit for simplicity on this side of complexity, but would give my life for the simplicity on the far side of complexity."

Call me an insane lunatic then...

[tweak4]

I have a Phone at home. If some insane lunatic started up the idea of calling all his friends having them call all of their friends, as a means of sending out important news, I would laugh at him.

You've apparently never worked in an office or had kids in a school/soccer team/cub scout pack/etc that made use of a phone tree then...

Re:Call me an insane lunatic then...

[broggyr]

Multi-Level Marketing?

Because Viagra Isn't Automatically SPAM

[Slashdot+Parent]

The mere presence of the word "Viagra" in an email does not make it SPAM. Ever hear of a urologist? I'm willing to bet that urologists discuss Viagra over email all the time. For fun, I created an email message that I sent to myself to see what SpamAssassin scored it:

Subject: Interesting phenomenon related to Viagra use

Hi, Dr. Smith-

I just wanted to write you to let you know that I really enjoyed the article you wrote in the New England Journal of Medicine about the side effects of Cialis, Viagra, and Levitra. It turns out a patient of mine experienced debilitating nausea while on Levitra, so I prescribed Viagra in its place, as you recommend.

In addition, I thought you might be interested to know that this patient suffers from Raynaud's disease, and he reported a 50% reduction in the frequency of his attacks after switching from Levitra to Viagra. Curious, I found an article in PubMed detailing this phenomenon and I thought I'd pass it along to you.

I hope your knee is healing up nicely, I'm sure you can't wait to get back on the tennis court.

Best Regards,
Dr. Gerald Jones SpamAssassin scored it -0.9, which is what I would expect. This is despite the "DRUGS_ERECTILE" rule firing.

The spam filter that you would design would reject the message, and that would be an obvious false positive.

Better luck next time, my friend.

Oh?

[Slashdot+Parent]

That's a problem. It's extortion, it's being a bad internet neighbor, And I always thought that good fences made good neighbors.

mail quota policy

[spectro]

This article gave me an idea: A policy service like postgrey but to handle mail quotas per sender's ip. If you set your policy to a default of 10 mails per (unknown) sender by default, on their 11th they get a "45X Daily Mail Quota exceeded, please try again tomorrow".

This service should come with an easy to use interface to tweak quotas per sender's IP so you can allow all these mail-lists or high volume senders.

gotta go, need to call my patent lawyer...

Re:Sounds like a good idea to me.

[Charcharodon]

Secondly, most newsletters are opt-in or double opt-in only. That means people ask for them and go to the trouble of double opting for them. If there is a great abundance of newletters out there then by simple deduction it follows that a great number of people want newsletters.

I get newsletters all the time that I chose not to opt-in or specifically opt-ed out. Most newsletters aren't worth the paper they're printed on, financial or otherwise. If it is that important to me I check up on it on a regular basis.

But mainly all my parent post was to see if I could pull a negative Karma. I've been getting postive for so long I just want to see how much it'll take to get to drop.

Re:Sounds like a good idea to me.

[Charcharodon]

-1 Troll. It's an improvment. I just wait for another Apple Fan boy circle jerk love fest articles and say something mean about Steve Job's mother or how much the iPhone sucks and people that buy it are mindless drones that should get me a lower score.

Read on...

[CrazyClimber]

This is off topic, but I'd like to nominate "read on for more words" as the phrase of the day. I can see this replacing "after the jump" as being the new blog boilerplate.

So... One just have to buy Windows

[marcosdumay]

Nice to know that Hotmail will only accept mail from Windows servers. With specific authorization from the ISP.

It's not about the money, it's about control

[rstewar]

[Disclosure: I work for Boxbe [boxbe.com], a market based solution to spam]

I commented on the previous Goodmail story but I'll say it again, it's all about control. Goodmail and Hotmail control who can and cannot get into your inbox. Not a good thing.

Using payment as a way to ensure messages get through is a viable solution. Most filtering techniques for spam have failed. For every new spam technique anti-spam software developers stop, several new techniques pop up. The financial incentives for spammers to continue doing what they are doing is very high. Thus, the arms race continues. You might have noticed, we're losing badly against spammers.

That said, the incentives for the Goodmail and Hotmail systems are all wrong. As mentioned above, the only people that will pay are big marketers. While this certainly cuts out true spammers (Viagra, Cialis, penny stocks, etc), it also cuts out you and me. The money collected ought to go to me, not my ISP. Worse, my ISP shouldn't control who can reach me and who can't.

To CmdrTaco's point, Boxbe has a very similar methodology for auto-whitelisting mailing list and recipients of mail that I send. We use an individualized code appended in the email sig file, thus ensuring that people that I email won't receive a challenge message. This solution works very well for me.

Randy

Nobody cares...

[jojoba_oil]

Okay. This will come off sounding as flamebait, but at least read it before marking it as such.

I'm willing to bet my Karma (what Karma, right?) that Bennett Haselton is, himself, a spammer. I periodically stumble, to my dismay, across his ramblings posted here as front-page material. With most of them overly self-righteous and witchunty in nature, I think he has a little something to hide.

So, to keep things concise I'll simply list facts here:

• He delegitimizes spam-fighting cases by attempting to ridicule judges with his website, judgejokes.com. This is even more instrumental than it seems:
  • It is registered by his censor-fighting organization, Peacefire. Because making fun of judges is totally a worthwhile project for an organization as such.
    
  • It documents both his solicitation of other spammers, and lack of understanding of the law.
• He's worked on filter-circumvention software, which made news years ago. A direct quote from that site: "That software, Haselton and the IBB acknowledge, could have other uses here at home".
  
• He spams Slashdot with countless articles that could be summarized to 1-to-2 lines (and often are by comments shortly after being posted). A few of these are linked as related articles above.
  
• He takes huge issue any time that any of his emails aren't received. This article is evidence enough.
  
• And a few other things. I know I'm forgetting many. Anyone else want to step in?
  

Oh, and do yourself a favor, Bennett. Visit Web Pages That Suck to learn how not to design a webpage. I have yet to see one of your pages look even half-way professional -- which should be important to you if you really want Peacefire to catch on.

Now commence the -1, Flamebait if you see fit. =D

Re:Nobody cares...

[moderatorrater]

I completely agree. The most obvious sign to me is that he's never, ever done wrong, he's always the victim. Come on, get a grip. At the very least this guy's just slashvertising himself over and over again. He's right, there's a conflict of interest, but as several people have pointed out, they haven't exploited it like he claims they have.

Re:Nobody cares...

[Fretje]

I couldn't agree more...

I don't understand that people are still using e-mail for things e-mail is not made for...
Please Please, use RSS readers and the likes, add the site(s) in question to you default page collection in your browser of choice, but please don't complain about mail not getting to it's recipients...
This is common nowadays... One has to assume that e-mail doesn't reach its recipient.

I think it's time for a campaign to make john doe aware of this...

Re:Hwo dare they-POP3

[vigmeister]

Wait... the answer to a rhetorical question gets modded Informative?

Cheers!

Gmail - charge the sender or sell the customer!

[TooManyNames2007]

Don't be too quick in telling your newsletter subscribers to move to Gmail, because while Google doesn't charge the sender on the inbound, they do however sell your customer out to the highest bidder. So, if you're sending a newsletter on custom auto-parts (hoping to possibly attract your reader to your website to purchase product) don't be surprised when Gmail hijacks your customer with a highly targeted ad from one of your competitors placed just to the right or your news letter copy.

Gmail Prediction - I'll tell you something Gmail will introduce someday, paid protection! - per email paid advertisement protection so your competitors ads can't bid on your customers. And I'm sure Google will optimize the fee by basing your protection fee based on the current market price of those bidding on the keywords within your message.

My favorite hotmail feature...

[heavygravity]

If you don't check your email for a month, they DELETE ALL OF YOUR EMAIL. So if you have an extended holiday, an unfortunate stay in the hospital, or have a broken computer for a month - they delete absolutely everything. Hard to believe, isn't it? Most geeks can't imagine not checking their email for a month, but lots of "normal" people can lose years of communication because of this policy.

This story would be so much more interesting

[Russ+Nelson]

This story would be so much more interesting if Bennett wasn't an idiot. But then again, if he wasn't an idiot, there wouldn't be any story here.

Disclaimer: I've consulted for Goodmail, so I actually have some clue of what's going on here.

Missed the point?

[ukemike]

All you ditto heads missed the point. You can use gmail, but this is about the receiving side not the sending side. It does you no good to have a nice mail client if your outgoing emails are getting blocked by hotmail and you cannot reach your customers or the members of your web-based political organization. So you say that hotmail wouldn't block the whole gmail domain, well they might (it could potentially be a HUGE income stream!). Regardless if you are emailing on behalf of an organization you're gonna want a domain, which gmail could handle for you. But when they start blocking info@society_for_prevention_of_cruelty_to_first_po sters.org until you pony up $1400 to hotmail, and $1400 to AOL, and $1000 to Lycos, and $1800 to bigfreeemailwebsite.com, then you are effectively censored.

so next time a spam article comes up instead of being the first person to say "Use gmail!" or the fourth person to say "ditto!" Try something new and novel. RTFA!!!

Personally I have this radical belief... I believe that I have these inalienable rights. I don't care if the censor is in Washington DC or Redmond, WA it's still censorship.

Re:The real irony here is...

[WilliamSChips]

Your post advocates a

(X) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(X) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
(X) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Huge existing software investment in SMTP
(X) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
(X) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(X) Countermeasures must work if phased in gradually
( ) Sending email should be free
(X) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

TFA author answered his own question

[macraig]

Haselton answered the question he asked in the first sentence with the the last sentence in the same paragraph! If Microsoft's misdeeds with Hotmail filtering are a validation of GoodMail's critics, then the obvious answer to his question is:

"No, we're not being too hard on GoodMail. We're not being hard enough on Microsoft and Hotmail."

I don't even need to read the unquoted part of TFA, do I?

I will pay a fee...

[Robber+Baron]

...but only if the money collected goes into a fund used to pay out bounties on known spammers.

Sending emails to hotmail

[JcMorin]

I operate a server that send between 34 000 to 37 000 emails to Hotmail per month,

• we have configure our server with the SPF DNS entry
• we automatically remove email that return error while sending the email
• we do unsubscribe users that ask for it
• we have registered to their snds service: https://postmaster.live.com/snds/data.aspx and we are flaged in the green 95%+ of the time

I still think you can send a fairly large amount of emails without having to pay if you play by the rules.

Bad email service? Move on...

[tubapro12]

Recently a friend of mine sent me an email. When I replied, her email system blocked my email because it was from a g(oogle)mail address and apparently they believe all g(oogle)mail addresses are spam. In my opinion, if email providers refuse to reliably deliver emails, its time to move on to another email service provider. Not as if there isn't a million under the sun, many quality services are free and provide top of the line spam filters. Throughout the time I've been using g(oogle)mail, only once have I had to remove a trusted email from my spam folder, and never have I received spam in my inbox.

two points

[cas2000]

1. hotmail's mail servers are their private property. they get to choose what mail they want to accept, not you and not any other sender. if they want to block your mail or your newsletter, that's your tough luck. you have no say in it whatsoever. their server, their rules.

2. hotmail's customers, however, have a right to complain. if the mail service they are using or paying for is blocking legitimate mail that they want, then they should complain. ultimately, this probably means they should get themselves a mail service provider which doesn't block mail that they want, or at least takes reasonable action to minimise false-positives.

Hell, if that's a summary...

[djlowe]

... then I don't want to RTFA - I don't think my life expectancy is that high :)

Think of the new internet/e-mail users

[bcc123]

I run a newsletter for one type of craft that is popular among women over 50.
A lot of them are having a hard time understanding the concept of a double opt-in, let alone adding something to the whitelist. A lot of the users are simply not computer savvy, and there is nothing wrong with that.

On top of that, I run a message board in the same niche.
Last night, I received a spam complaint from Hotmail about a "reply notification" e-mail sent to one board member.

http://www.quiltingboard.com/posts/list/1408.page

That person has been a member of the board for months and posted several hundred messages on the board.
So I seriously doubt she decided that my board is spam all of the sudden, and then changed her mind (about 5 hours after I'd locked the account) and registered a new account so she could as why the old one isn't working.

Why did it happen? It's because she didn't add my sending address to a whitelist and one time Hotmail decided that my e-mail is spam and put it in the junk folder. And when she tried to empty her junk folder, she didn't notice that e-mail among a bunch of real spam. And so now, I have one more registered complaint with Hotmail.

Not a week goes by without me getting spam complaints from large providers via the feedback loop.

Is it my fault? No. Is it her fault? No.
Yet, I'm pretty sure that my deliverabiliy rate to Hotmail will go down because of the complaints.

THe big boys aren't trying to solve the spam problem. They are ty

Something is missing here

[jskline]

Something is missing here in the conversations and the fact is that if the amount to circumvent the filters is only $1400, then consider this. The spammers are not going away because there is too much of a financial incentive for them to continue. This being said; assuming the spammer can make probably $5000-$10000 from a single client to send their junk out, this could be factored in as simply a "cost of doing business". Then with that said; your Inbox again becomes populated with the next pharmaceutical offering from another offshore entity. And with the usual careful crafting of the mail, it gets past even the advanced filter in Outlook or Thunderbird, and your left having to delete it anyway. Remember; it doesn't matter how much we talk about it to people, many still patronize these spammers clients and hence this cycle perpetuates. As long as the clients are willing to pay the spammers, that means they're getting a return on investment.

This to me is sort of promoting the spammers that are actually making a living at their chosen trade.