Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Spam Microsoft The Internet

Microsoft Offers Tools to Spamming ISPs 105

Posted by Zonk from the pork-checking-tools dept.
Michael writes "Computer Business Review reports that 'Internet service providers curious to know how much spam they are sending Hotmail users will be able to get detailed reports on the topic, courtesy of a service Microsoft launched in beta yesterday.' Microsoft's new Smart Network Data Services, a part of the larger MSN Portmaster initiative, allows the owners of IP blocks to view reports on the volume of email being sent from their networks to Hotmail users, and see how much of that email is being flagged as spam."
This discussion has been archived. No new comments can be posted.

Microsoft Offers Tools to Spamming ISPs More

Microsoft Offers Tools to Spamming ISPs

Comments Filter:

  • Comment removed (Score:4, Insightful)

    by account_deleted ( 4530225 ) on Friday May 27, 2005 @03:21PM (#12658228)
    Comment removed based on user account deletion

    • Re:And the real question (Score:4, Insightful)

      by dilvish_the_damned ( 167205 ) on Friday May 27, 2005 @03:27PM (#12658300) Journal
      Nope, but their customers might want to know how effective the SPAM tactics are working.
      • And, the spammers are certainly interested in knowing which ISPs are the most spam-friendly.
      • Have a look at the site: only the arin contact, postmaster@<domain> or abuse@<domain> are going to be able to get these stats. Customers, spammers (who don't own the IP space they're querying) and regular joe's are not going to be given this by MS (at least, not in this rev...we'll see what the future holds)
    • Is: will the ISP's sending most of the spam care?

      Sure they will... It'll help them calibrate their spam-blocking techniques. If the volume goes up (or stays the same) and the hit count drops, then they'll know that something's working especially well.

    • Re:And the real question (Score:2, Insightful)

      by vorm ( 878140 )
      "will the ISP's sending most of the spam care?"

      They should care. If everyone was to reduce the amount of spam they are sending, then this will in turn reduce the amount of spam they are receiving and having to filter out. Creating less total spam and making each ISP's customers happier. These reports should also help in determining the zombies that they are currently serving and allow them to contact or 'pull the plug' on these customers.
    • Spammers? probably not. But, the ISPs that are running mailing lists will. (Ie legitimate mail, not spam) I know a couple folks at my office are curious to see this, just to see how much of our mailing list traffic is getting dumped by a big provider.

      (before you all start, yes, they're opt-in, and they're limited subject lists anyway, so there's no reason to spam with them.)
      • Haven't you ever been pissed off with someone just enough to sign them up for 10s of "limited subject" lists?

        My personal favorites to send people to include sewing and knitting sites.

        They are VERY eager to sign people up, and they are right, they are totally opt-in, and all recipients have filled in the online form. Its just accidental that I give their address instead of my own.

        Now, what do you think the annoyed recipient will do as soon as this hits his inbox (with a decvent provider)?
        • That's why legitimate mailing lists send a confirmation request before adding to the list. Failing to use such confirmations is considered a blacklistable offense by many, and mailing list software makes it so easy there's no legitimate reason not to.

          • Re:And the real question (Score:3, Insightful)

            by gclef ( 96311 )
            And the problem, as the GP post pointed out, is that folks will even mark those confirmation requests as spam...not much a legit list can do in that case, except talk to the ISP, but you have to know it's happening first.
    • A sort of "Look, we know people from your network are sending us spam, this is causing us damage. We're now informing you of the size and scale of the problem you're giving us by not sorting it.".

      If it isn't sorted, six months down the line they may have a case.

    • ...and the real question is...
      How long will it take Microsoft to react to the fact that spam condoning ISP's are using the results to help tune the content of spam being sent?

  • fp (Score:1, Insightful)

    by eoyount ( 689574 )
    Now if they could only tell how much spam is coming from hotmail accounts...

    • Re:fp (Score:3, Interesting)

      by xwildph ( 870208 )

      Very little, i'd say. The thing is, a lot of the spam doesn't actually come from hotmail.

      The bulk of it seems to come from virus infected spam zombie networks, carrying a fake from & return address specifying hotmail, or worse, some poor schmuck who has nothing whatsoever to do with the spam.

      What's the solution? well, aside from lining up the spammers against a brick wall and shooting'em all, the SPF system seems to look promising, as do the well-run blocklists.

      On the subject of blocklists, spamcop

      • Microsoft publishes SPF records for Hotmail. I get the occasional phishing scheme through their servers but no other spam at all from them. Between SPF and PostGrey, I get almost no spam at all and the stuff that does come is typically from "legitimate" mail servers which are easily tracked and added to my PostFix reject map.

        I'm looking forward to the day when I can change my SPF checking from "soft" (Allow domains without SPF records) to "hard." There are still a few mail servers I get mail through that

    • Don't think much spam is coming from hotmail accounts (have to scrape the html or reverse engineer to automate MS's sending protocal to send using hotmail accounts I think? Also outgoing emails from hotmail accounts are tagged with IP address.), unless of course you count the idiots who forward chain emails (which usually contain hundreds of email addresses of who the email has been addressed to).

      Spam to hotmail accounts I'd say is probably quite large too though.
    • Who has a hotmail account now days? Past that as a server admin why would i care how much spam i send to microsoft, their product is what creates spam zombies...now if gmail was at stake....that might be different.
    • Why would anyone send spam from a Hotmail account? Wouldn't it be FAR easier and more efficient to send via an open SMTP relay with a Hotmail account as the replyto?

    • Re:fp (Score:5, Informative)

      by jjeffries ( 17675 ) on Friday May 27, 2005 @03:45PM (#12658513)
      Judging from the logs of my mail filters, about 2% of the mail that is marked up by SA as spam comes from @hotmail.com addresses. Thursday, for example, my filters saw 21,863 messages that were marked as spam, and 356 of those have @hotmail.com addresses.

      When you look at where these messages are coming from, though, and compare them to the IPs hotmail uses for outgoing smtp... I don't actually see any messages that really came from them--they are almost entirely forged addresses.

      Not that I have any love of MS/Hotmail, just sayin'.

      • There's no point logging "From" headers (or SMTP envelope=from) from the point of view of analyzing spam. They are meaningless. The only meaningful data in an SMTP transaction are the IP of the sending server (that is only theoretically forgable) and the envelope-to (rcpt) address, that needs to point to a real mailbox if the spam is expected to arrive at one.

        I have reported thousands of spam messages using spamcop.net, and haven't seen even one coming from Hotmail servers. I've seen many with forged Hotma
        • From: headers in spam are usually fake, but From: headers in non-spam that your filter caught by mistake are real, so logging them helps you find those messages if someone wants to look. Also, From: headers can be useful for finding trends in spam, either things that appear to be the same spammer, or people using the same spamware, or various kinds of phishing (From: security@ebay.com etc.)
    • Hotmail, as one might expect for a webmail system, is a rather poor system for a spammer to use. You're much more likely to see spam bouncing off some DSL-connected worm-pwn3d machine than you are from Hotmail.

  • Oh great (Score:3, Funny)

    by Anonymous Coward on Friday May 27, 2005 @03:22PM (#12658230)
    Excellent! I had no idea if my spam was getting caught by the spam filter or not. Now they are providing a great tool to measure my spam filter bypassing techniques!
    Thanks Microsoft!
    • This includes spam that users themselves mark as such. Very smart idea if ISPs actually use it.

      • Re:You aren't very smart, are you? (Score:5, Insightful)

        by javaxman ( 705658 ) on Friday May 27, 2005 @03:30PM (#12658334) Journal
        This includes spam that users themselves mark as such. Very smart idea if ISPs actually use it.

        Even better. If you are a spammer, this gives you the most useful data ever: how much of my spam is actually being recognized as spam? I'd want my spam messages to be so clever or so interesting that users don't readily figure out that it's spam.

        Of course, I'm not a spammer, and few who stoop to such pathetic marketing tactics would think enough to craft a message that ( to a person ) in not easily recognizable as spam, so I guess you have a point.

        • There is a scenario where someone who sends you an unsolicited advertisement would be able to do so so stealthily that you don't recognize what they are doing?
        • Also note that they have to be the registered netblock owner of the IP's they wish to query. It doesn't let you query any random number of IP's and send the results to any random e-mail address. The spammers who control bot nets of infected machines most likely will get nothing usefull from the service.
        • You'll never outsmart a human, 'cause you know, you're a human yourself.
        • few who stoop to such pathetic marketing tactics would think enough to craft a message that ( to a person ) in not easily recognizable as spam, so I guess you have a point.

          That's simply not true. The spammers may not be clever, but there are black-hat programmers who recognize the need and write easy-to-use software for generating spam that gets around filters. Have you not seen emails from someone named, say, "Rectum G. Arboretum" that has an advertising image, and a passage from an encyclopedia at the

        • a couple of days ago I got a spam advertising spamming software and lists... only registered 0.7 with spamassassin. I was quite impressed (but didn't buy the list and software)
      • This includes spam that users themselves mark as such.

        And we all know how well that works with AOL's 'feedback loop' mechanism...

        We have people that mail things like wedding pictures to AOL addresses.. and get marked as spam by the recipient. (Looked like a nice wedding, too, in Tilden Park in Berkeley..)

        I get the job of telling our customer, "well, you mailed your wedding pictures to someone at AOL who apparently thinks it's spam... so please either tell your friend to stop marking your mail as spam

  • Fix windows (Score:3, Insightful)

    by Turn-X Alphonse ( 789240 ) on Friday May 27, 2005 @03:22PM (#12658239) Journal
    Fix windows and we will have less spam zombies. It's a bit late to close the barn door once the horse has bolted.
    • Spotting spam zombies should be easy: if a computer on your ISP is hitting port 25 all day, then it's probably a spam zombie.

      You don't need feedback from Microsoft to tell you that you have zombies on your network. The question is, what are you going to do about them?

      Perhaps this is Microsoft's way of saying, "We think you're spewing spam, and now you know we know it. Fix it or we'll stop accepting mail from you entirely."

      Yeah, it would sure be better if Microsoft fixed its OS instead, and they're workin
    • I'm using Windows and my computer's not sending junk mail or popping up advertisements. I don't think Windows is the problem anymore. I think every new computer sold should come with a pamphlet about what not to do, such as not installing software that promises a little monkey will wave at you.

  • Publish the results (Score:3, Insightful)

    by Colin Smith ( 2679 ) on Friday May 27, 2005 @03:23PM (#12658250)
    And shame the ISPs into sorting the problems?

    • Yeah, like the Spamhaus [spamhaus.org] top 10 spamming ISP list has helped.

      And I think my sig speaks for itself when it comes to the terrorist methods of the spews blocklist.

      The point is, we aren't going to solve spam by putting pressure on large ISPs using technical means.
      • I think that Microsoft may carry more weight than Spamhaus does with the ISPs. If Hotmail starts declining mail, users get pissed. If Hotmail cuts all connections, so that users from an entire ISP can't get on, users get rabid.

        I don't know what Microsoft has in mind, if anything, but a gentle threat may just be their first salvo.
  • what's next? Microsoft will announce a new tool for IRS auditors to see the discrepancies in your tax return??

  • Please raise your hands... (Score:4, Insightful)

    by guyfromindia ( 812078 ) on Friday May 27, 2005 @03:25PM (#12658269) Homepage
    Internet service providers curious to know how much spam they are sending Hotmail users, please raise your hands...
    ummmm.. I dont see any.. Seriously, if ISP's were THAT concerned about the amount of spam their clients are generating, I wouldnt have to worry about spam, in the first place...
  • Hotmail recently introduced the ability to get 250MB inboxes for new users in nine markets and launched a photo upload tool for all users to make it easier for them to share pictures online.

    Careful Microsoft...wouldn't want to get sued (again) would you? [slashdot.org]

  • Done... (Score:3, Informative)

    by WordODD ( 706788 ) on Friday May 27, 2005 @03:28PM (#12658311)
    127.0.0.1 has been successfully added.

  • BTW, you can do similar (Score:3, Interesting)

    by Colin Smith ( 2679 ) on Friday May 27, 2005 @03:30PM (#12658333)
    On your own network fairly easily with some perl scripts, MRTG, Cricket, Zabbix and similar. We used popfile for classification.

  • ...I thought it meant "Microsoft Offers Tools to ISPs Who Are Spammers".

    Taking it to another level, I guess.
  • I wonder if this software runs only on windows servers.
  • I applaud this effort by Microsoft to fix what seems to be a service which has experienced the exposition of a host of security problems since its inception by allowing for increased accountability of abusers of the Hotmail service. If I am correct, Hotmail email addresses generate the most spam on the internet, or at least have in the past. Whether this is because they have such a large user base or the security flaws aforementioned is debatable, but irrespective of this fact, accountability should be en

    • Re:Bravo... (Score:2, Insightful)

      by Spodlink05 ( 850651 )
      If I am correct, Hotmail email addresses generate the most spam on the internet, or at least have in the past. Whether this is because they have such a large user base or the security flaws aforementioned is debatable, but irrespective of this fact, accountability should be encouraged at all levels of the spamming process, from creation to transmission.

      Or maybe it's because spammers are forging the return addresses and they don't come from hotmail at all.
    • overseas. I just throw out everything from entire IP address ranges in parts of the world where I don't know anybody.

  • the volume of email being sent from their networks to Hotmail users, and see how much of that email is being flagged as spam.

    All of it.

    Actually, it seems that almost all of my incoming mail is spam. I guess I don't know enough old people from Korea.

    Are there really clueless ISPs who can't monitor their own SMTP traffic? They're paying by the bit for their outgoing volume, usually, so you'd think all of them would have a good handle on what is going out.

    The ones who care already know. The o


    • Are there really clueless ISPs who can't monitor their own SMTP traffic?

      Given the size of the internet, there are probably ISPs who can't even monitor their own total traffic.


      They're paying by the bit for their outgoing volume, usually, so you'd think all of them would have a good handle on what is going out.

      Usually, ISPs don't pay by the bit, they pay for a pipe of a certain size - for example, $2000 a month for 100Mbps.

      But even if they did pay per bit, SMTP accounts for less than 1% of

  • Just about every web-based email provider, and most ISPs, have methods by which you can flag and report messages as spam... so why doesn't AOL, Yahoo, Google, Microsoft and everyone else not already share this data ?
  • Who has a hotmail account now days? Past that as a server admin why would i care how much spam i send to microsoft, their product is what creates spam zombies...now if gmail was at stake....that might be different.

  • wow (Score:4, Funny)

    by Tweak232 ( 880912 ) on Friday May 27, 2005 @03:44PM (#12658507)
    Wow, I better change from gmail, and get a BETTER e-mail account at hotmail.

    I would get better spam protection right? lol
  • I suppose MS's first step is to provide warnings to ISPs about their spamming customers and zombies. The next and obvious question is, What Comes Next?

    Will MS(Hotmail) begin blocking those ISP's?
    Will MS send them a notice saying something like, "... after $DATE we will bill you $BIGBUX per thousand spams. By continuing to spam our customers you agree to pay."

    Frankly, it sounds good to me. Let the BigGorillas set the tone and practice for spam.

    I made this up. Might happen. Might not. YMMV
  • This sounds like a good idea, that is if ISP's care to know, however on a weekly basis maybe, 10% of my legitimate emails will be filtered into the "spam"box. 10% is a fairly large percentage, large enough to make the report almost useless.

  • No legitimate uses? (Score:2, Insightful)

    by knarfling ( 735361 )
    I realize that this may sound impossible to /. users, but maybe this tool could be useful to non-spammers. For example, perhaps a business that sends out newsletters to customers wishes to see how many of its customers are marking the newsletters as spam. If a lot of people mark the newsletters as spam, perhaps it is time to a) change the format of the newsletter, b) make it easier and more clear how to stop receiving the newsletters, or c) stop sending newsletters.
    • I have a bias against mass email. Partly it's the spam problem and partly because it's a push technology. I prefer online bulletin boards to mailing lists. But I have to admit I haven't got the hang of marketing. Maybe it works for the people who send the email. Maybe that's the root of the problem.
  • I dont get it, Why would then do this? How is this going to make hotmail any better? the way Microsoft does things is such a baffle to me.
  • I think the creative idea team at MS needs to be fired.
  • Did anyone else read "portmaster" (as posted in the story headline) and think... oh great.. now what does microsoft think they own ?
  • ISPs route packets for users, which is their job.

    I find it amazing how the spam issue will turn people who everywhere else defend the end to end principle of internet design, along with other fundamental internet concepts such as flat-rate billing, opposition to port blocking and the rest -- to suddenly reverse themselves.

    We all want to stop spam very much. Yet with spam, we're ready to shoot the packet forwarder (and even the other customers of that packet forwarder) at the drop of a packet.

    Because be
  • I need a .NET passport to login?!
  • ... if like AOL they E-MAILED you when you hit a large spam volume.. rather then having to have me go in there EVERY NIGHT and look.

    Once again Microsoft ALMOST got something right.. but failed (again)
  • Grab copies of public spam blacklists, and run the IPs through grepcidr [pc-tools.net] to see if any IPs from your network(s) are blacklisted. Nice that Microsoft is providing additional data, letting us know where spam comes from. With the information known by Hotmail alone (being made public) we should be able to easily locate the majority of worldwide spamming IPs.

  • For reasons known only to themselves and their therapists, many of the students on our campus forward all their official mail to Hotmail accounts. This, despite the fact that we have a very nice webmail service that has great availabiliy, will never throw away important information, etc etc.

    Inevitably, these same students come whining to us that their mail 'isn't getting through', typically because they aren't capable of looking in the junk mail area and certainly aren't capable of the four mouse click

  • SNDS is a very good idea and I'm glad Microsoft has put it out there. It will help ISPs to identify spammers within their own networks (i.e. zombies) and should result in a drop in the spam entering Hotmail and other Microsoft properties.

    To make this service even better, Microsoft should add a web service interface so that ISPs can automatically check their records. An alternative would be to email the ISP summary reports in a standard format -- in much the same way that AOL does.

Slashdot Top Deals

Our business in life is not to succeed but to continue to fail in high spirits. -- Robert Louis Stevenson

Close