Sending Mail to Hotmail Users?

Cafesolo wonders: "I'm developing a web application using PHP. It has a user registration system that sends a link via email to activate new accounts. I've found that sending mails to Hotmail accounts is very difficult, because the spam filter is very strong and it filters lots of non-junk messages. I think the spam filter blocks any email whose domain isn't in an internal whitelist (which might contain popular domains, like hotmail.com itself, gmail.com, yahoo.com, msn.com, etc). Most of my users have Hotmail emails. I can't simply tell my users to read the junk folder because most of them are not computer-savvy and that seems to be a bit confusing to them. Has anyone managed to solve this problem? Did somebody try to contact Microsoft? Is there any way to get whitelisted? Can an independent programmer get his domain whitelisted?"

Occasional black-hole routing?

[Doobian Coedifier]

Anyone else ever find themselves without a route to any of hotmail's MXes? Once or twice per month, my mail server can't make a connection to any of the hotmail MXes. The outage typically lasts 12-72 hours, but never long enough to cause a bounce (5 days). I run tcptraceroute to port 25, and it dies at a msn.net router (the last hop that responds is 207.46.37.161). I'm on a Tier-1 ISP (Internap) sending 500-1500 messages daily to hotmail (and another 10-15k to other ISPs, with no problem). I submit to Hotmail support (gesthm@microsoft.com)... they always claim the problem must be on my end, and refuse to escalate. Just grabbing straws here to see if I'm not the only one...

Re:See slashdot article...

[CastrTroy]

As far as I know, hotmail has 2 options for filtering your mail. You can either have them filter it with the spam filters, or you can have it set up to only receive mail from people in your address book. I currently use the first option, as I don't like unexpected email going in my junkbox. The result is hundreds of spam messages that get through the filter. I don't know why they can't get it right. My yahoo mail account doesn't use a white list, and blocks 99.9% of spam. I get maybe 1 spam message every 2 weeks. I've also never had it block an email I wanted to receive.

Automatic death sentence

[coyote-san]

Falsifying headers is illegal, but I doubt anyone will actually pursue a small-time website operator who's sending otherwise legitimate traffic.

But for many of us forging headers is an automatic death sentence. I've walked away from existing business relationships where I had non-refundable credits because a customer support request was answered with a forged header.

On the other side of the table, it's one of the few actions where I would not hestiate to recommend immediate termination for cause if I caught a member of our staff pulling that stunt. (The other actions are using the computers to perform illegal acts or to distribute pr0n/warez.)

The reason it's so serious? It shows a culture that has a casual disregard to the consequences of identity fraud. If you forge mail that appears to come from me, then who else are you sending those forged messages to? Why should I believe your answer? Trust, once lost, is not easily recovered.

(BTW this doesn't even address the original point of getting past spam filters. Like many sites I have my MTA set up to reject incoming messages that claim (in the envelope) to come from my own domains. I know who I am and anyone claiming to be 'me' is, prima facie, making fradulent claims and should be treated accordingly. The last time I checked that test, by itself, was blocking about a third of inbound traffic.)

Re:Trial and error works.

[Cafesolo]

I did. I created two Hotmail accounts for testing. I tried sending mails from PHP using the mail() function and through the PHPMailer library (http://phpmailer.sf.net/ [sf.net]). I also tried sending mails through Thunderbird and through my hosting service's webmail interface. My messages always have been marked as spam.

The situation is actually MUCH worse than that

[robosmurf]

Actually, sending mail to Hotmail is much worse than that.

The Symantec BrightMail filters that Hotmail uses will silently delete mail. The sender will see no indication that the mail failed, but the message will be deleted; it will NOT necessarily appear in the Junk Mail folder.

I've been using Hotmail for years, but have recently been having terrible trouble with it losing messages from mailing lists that I am on, even with spam protection set at its lowest level.

Hotmail is NOT a reliable email system.

As far as I can tell, the only real solution to this is to tell your recipients not to use Hotmail.

email()

[Anonymous Coward]

Probably a little late to actually be read by anyone, but I find that the script at http://poss.sf.net/email [sf.net] always manages to get my mail through the filter as it meets Microsoft's requirments to send the mail to Hotmail accounts by default, well, unless you are being blocked because the mail you send is actually very spam like... "8Uy \/i4gr4 |\|0w!!!"

Re:Don't allow free emails

[OhPlz]

From what I've seen, nearly everyone has a real email account. I ran an ecommerce site for a while where I blacklisted all free email accounts as well as any email account or purchase that routed back to AOL. Those two restrictions cut the fraud down to almost nothing. I can't remember a single case where someone complained about the restriction and found they had no "real" email account they could use. A lot of people would use their work email. I did wonder if banning AOL entirely was a bit much, but I couldn't argue with the results. It elimated tens of thousands of dollars of fraud each week and cost us very in legit sales.

Re:Don't allow free emails

[Tripster]

Ditto here, we blocked all the free email providers once we realized pretty much all our fraud orders were using them and few if any legit signups used them. Gave up forwarding to the free providers abuse departments as well.