Nov 03 2007

MSN Hotmail – New King of Spam a lot

Published by under Security

Couple of month ago and after getting totally sick of all the spam in my mailboxes, so I changed the configuration and installed greylisting support on the mail server. So how does greylisting work? What happen is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a ”try again later”-message. This, in the short run, means that all mail gets delayed at least until the sender tries again – but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later. That did the trick for while… but now during the last couple of weeks I have noticed that MSN Hotmail accounts are being used as sender and by that avoiding getting blocked by the greylisting – highly annoying! Then again, it’s was just matter of time before this would happened.

Question remains if Microsoft is sleeping or what – since these activities can’t really pass by without any notice by MSN. They should now have quite a few high volume users that send quite a few e-mails. Sending abuse reports to Microsoft seems to work (slowly) even if I don’t get any feedback from them; then again I guess that I’m not the only one with this problem. Having an anti-spam policy isn’t enough and doesn’t do the trick of blocking spam. Microsoft has also admitted that up to 98 percent of messages sent to Hotmail addresses are spam. Question is if not 98 percent of messages sent from Hotmail addresses are spam as well.

According to Sarah Lefko, MSN product manager, MSN has been very aggressive and proactive in protecting MSN Hotmail users from spam and together with SenderID blocking 20 millions e-mails per day. Problem is that it just doesn’t work.

What would the solution be then? Well, I’m really tempted to block Hotmail and don’t accept any e-mails from hotmail.com domain. Then again, it’s just really a bad work around of the problem. Also, how can it be that Google’s Gmail account isn’t abused? So far I haven’t received a single spam from gmail account….. yet.

Kim Haverblad

No comments

Trackback URI | Kommentars RSS

Leave comment