Microsoft Going After Hotmail Spammers 403
Mirkon writes "Quoth The Register: "Microsoft has targeted spammers with a lawsuit aimed at bulk mailers who harvest email addresses of Hotmail subscribers in order to bombard them with junk." Details are apparently sketchy at this point, but it's nice to see America's favorite monopoly putting its power to good use." The original news.com.com story is slightly more informative.
Re:I took Hotmail spammers to mean ... (Score:5, Informative)
Just do this (Score:5, Informative)
Re:Mail readers. (Score:2, Informative)
Re:I took Hotmail spammers to mean ... (Score:5, Informative)
Take a look at your full headers, those are forged.
I filter out mail from @yahoo.com|@msn.com|@hotmail.com|@aol.com where the connecting host does NOT end in yahoo.com, msn.com, hotmail.com, or aol.com
Just this alone got rid of 20% of my mail (all spam, never a false positive).
Re:Mail readers. (Score:2, Informative)
Re:It is not a monopoly (Score:2, Informative)
The mere existence of competition is not sufficient. Your competition has to be a significant enough threat to your market share that you price your products competitively in order to compete with them. There is no sign that MS is doing this. They may not like Linux, etc., but they're not significantly lowering the price of Windows in order to compete with Linux, etc., because Linux, etc. are such a non-threat that MS doesn't need to re-price Windows.
The financial reality of MS's monopoly is borne out by their recent SEC filing, which showed that the overwhelming majority of their revenues and profits came from Windows, and Office. These are precisely the two areas that the findings of fact focused on as the basis of MS's monopoly - users are forced to buy Windows at any price because they are forced to buy Office at any price, in order to achieve application compatibility with other businesses, colleagues, etc.
MS was found to be a monopoly in U.S. Federal court. This finding of fact was upheld on all appeals, including an attempt by MS to get the U.S. Supreme Court to reverse the ruling. They failed. Since the Supreme Court is the court of last resort in the U.S., this is an established, legal fact, that cannot be overturned on any future appeal of this case. Once the Supremes shoot you down, it's game over.
The only thing that could change MS's status as a monopoly, is a decrease in its market power large enough to force MS to price its OS offerings lower because of competition from Linux, Mac OS, *BSD, etc. Even then, it would take another series of court rulings to recognize this new market situation.
Until this extremely unlikely combination of events, and the naive dictionary definition view of the world notwithstanding, MS is legally a monopoly in PC operating systems, and is treated as such by every court of law in the U.S.
Moreover, they have also, in the same process, been found to be guilty of illegally abusing their monopoly. So they are, beyond hope of any appeal, guilty of illegal abuse of their monopoly in PC operating systems.
Re:Mail readers. (Score:5, Informative)
The problem is that spammers who're searching for valid addresses generally check whether or not an error occurs at the SMTP level. When the message is in your mailbox, it's already too late.
First, the spammer connects directly to your server and checks how you handle invalid addresses (by sending an email to an almost guaranteed bogus account). If your mail server rejects mail to the test address, the spammer then begins doing a dictionary-based attack. If any mail gets through, that address goes on the spammer's list of valid targets.
Re:Mail readers. (Score:4, Informative)
Re:I wish they'd target their spammer USERS! (Score:2, Informative)
While in some cases dumb spammers will use a live Hotmail account as the return address for a spam run, in the majority of cases, the Hotmail addresses (and those of others like BigFoot, Juno, Yahoo, etc) are fabricated. And yes, some spammers are so dumb they leave no means of contact whatsoever. In other cases it's a web site hosted entirely separately from where the spam came from (often a wide range of open proxies for which no origin tracking headers are inserted). And those web hosters refuse to shut down those spammer sites claiming that since the spam didn't come through their network they won't do anything about it (but at least SPEWS lists them, too, which has resulted in many takedowns).
Look at the headers and see if the message actually came from one of Hotmail's servers. Microsoft already has made it so that it is incredibly hard to spam through the web interface (just like Slashdot's "slow down cowboy" feature for those who post too fast here). But if someone does manage to spam through Hotmail, by all means notify them, although they probably already know about it.
I don't know whether it is good to report the likely forged return address spams to Hotmail or not. Certainly if the address is real, it should be, so they can shut it down (they do). But knowing whether it is real or not is not easy.
I don't actually see all that much spam with Hotmail as a return address. I haven't seen any from Hotmail servers in ages. I do NOT block Hotmail.
Re:So what.... (Score:5, Informative)
A different idea that came up at the conference was what I'll describe as "bigger targets attract more arrows". That is, an ISP with millions of subscribers (Hotmail, Yahoo, AOL, Earthlink) is a more appealing target for things like dictionary attacks than, say, my personal DynDNS account with two legitimate users behind it.
If you're going to carry out a dictionary attack against a domain, diminishing returns will take over for the little one (one billion tries, two hits -- 2e9%), but for the big one you can expect a reasonable hit rate (one billion tries, 3 million hits -- 0.003% -- and in fact a reasonably big fraction of all users on the network).
In practice, this means today that the bigger the netwowrk, the greater the current spam volume, to the point that of the largest ISPs and corporate networks around today, something like 40% to 50% of their mail traffic is now spam.
I think this is a better explanation for what's going at Hotmail et al., and it also does a better job of why they want so badly to control the spam issue. The explanation they'll give to the public is that this is good customer service, and to an extent that's true. But at the same time, trying to handle all this network traffic is probably a technical nightmare (and comments about the migration from FreeBSD to Win2000 are not helpful here :). For a free service, having to handle that much unwanted traffic is probably killing them, and bringing it under control for that reason is probably at least as important as maintaining customer good will.
Re:A good start (Score:4, Informative)
You can't block it (sneaky, Microsoft!), but you can sure as shootin' filter it. In Options|Custom Filters, put in a rule that redirects all mail from staff@hotmail.com right inot the trash. Or, if you're afraid of missing out on a valuable deal to get a bigger mailbox, you can always sort Hotmail Services e-mails to some junk mailbox that you only check intermittently.
Re:A good start (Score:3, Informative)
*sigh*
Gotta love being a monopoly. Of course, depending on how you think of it, it's their service, so they can do what they want with it, no one is forcing you to use it.
Well, no one except MS themselves, who force you to get a hotmail account for your
Well, except for MS who is building
Re:brute force spamming (Score:4, Informative)
http://www.wired.com/news/infostructure/0,1377,57
http://www.spamhaus.org/newsdog.lasso?article=114 [spamhaus.org]
http://www.unicom.com/chrome/a/000032.html [unicom.com]
the last one is of particular interest because it claims that Hotmail doesn't seem to do anything about these dictionary attacks:
They have discovered that MSN/Hotmail seems to allow spammers to run long-lived dictionary attacks, in one case extending over five months in duration.
as for software capable of launching this type of attack - there are already programs which exist for launching these attacks against authentication systems. those written in scripting languages (many of them are written in perl) are easily altered to attack a mail server.
You don't have to view Hotmail via the web.... (Score:2, Informative)