Hotmail's antispam measures snuff out legit emails, too Hotmail users and email server admins, beware: you may be unknowingly caught in the crossfire of Microsoft's war on spam. Unintended casualties include legitimate emails from domains with well-established reputations, which are systematically blocked with absolutely no notice and little recourse. The chief culprit is the …
Just allow ONLY plain text and less than 1000 characters. NO html AT ALL. Limit count of (plain text) links to only 2.
If you need more, the sender should put the information up on a local site, and provide a link. Then the recipient can get the info at their leisure.
It would stop most phishing and spam in its tracks.
Then again I can dream!
I use my hotmail address for webforms where I don't trust the company in question not to sell my address down the river (most of them...) so I'm not surprised that 95% of the email that makes it to my hotmail inbox (after the spam filters and some custom filters) is spam. But I've also noticed quite a few legit emails going to the spam folder, and some not even arriving there. It's quite aggravating. Gmail and yahoo don't give me this kind of problem, although admittedly the spam volume going to those addresses is much smaller in the first place.
A short ago I bought a TLD, installed a forum and had the same problem: hotmail rejected email from my domain to my forum users. After some research apparently it's enough to insert a SPF txt record into own DNS record. Something like:
your_domain.com. IN TXT "v=spf1 ip4:111.222.333.444 a a:your_domain.com a:mail.your_domain.com mx:your_domain.com include:your_ISP.net ~all"
to be changed according to your real data.
Personally, being over busy with school, I didn't tried yet. If some one does, please let me know.
-- briosky
http://brionews.com <<== Self-promotion :-p
This article is 110% relevant to me at the moment - I am having huge issues getting an email to be delivered to hotmail at all, never mind getting in its junk folder. I've followed all their procedures, talked to anyone from hotmail I can, and still no luck. I can deliver no problem to yahoo, gmail, aol, etc, etc, etc...
I think it's a great idea that the guy mentioned in the article bans users from using a hotmail address when signing up for an account on his website. I say as much of us as possible should do this. It will annoy customers at first, but then they'll just get used to seeing it on websites, and they will just give up on hotmail. Hotmail will get a bad name in general. It is bad ... serves M$ right.
Nothing personal, but anyone who hasn't realised how dated, featureless and substandard a service Hotmail is in comparison with other providers (who actually dare to invest and move their services forward) does kind of bring this on themselves. Given it's reputation as the underworld for lowlife spammers, I would instantly distrust anyone using it for a business related purpose - in fact it would prejudice my opinion of their professionalism. For personal use, you cannot fail to be aware of its shortcomings and therefore you would also be mad to choose to use it.
I use about 3 different addresses for hotmail for the reasons given by Adam above, and admittedly the lesser used ones have less spam, but its the very poor filtering that is the problem. With any email provider, once your address has been "acquired" by spammers then the game is up - it will never be spam free again. However, the spam that makes it past my main Yahoo address amounts to about 1 a month vs 20-25 on Hotmail. Conversely, occasionally email from a domain I haven't received from before is precautionarily filtered by Yahoo, but not to the extent that I cannot leave it for up to 2 weeks between checking it.
Most people I know only continued to use Hotmail as their main account because they used MSN Messenger, but now you don't have to have a Hotmail/MSN address for that, even those numbers fall further and further.
I've experienced exactly this problem with Hotmail and my Freedom2Surf email. No email sent from any of my F2S accounts reach Hotmail recipients. Both myself and F2S have had no luck getting this rectified with Hotmail. The Hotmail "support" guys even claim that they have absolutely no control over the filtering and that F2S need to contact SmartScreen direct! Unfortunately all emails to SmartScreen have gone unanswered. Outsourcing at its finest.
Sounds like this has hit me.
Messages from my Yahoo account to my sons hotmail address, started getting blocked a while back (i.e. lost in space), so I used other accounts to get through. My Yahoo account works fine other domains, it's just coldmail that fails, every time.
We only discovered it, because he mentioned he'd not received a reply to something he'd expect me to mail, rather than phone.
Yahoo, GMail, etc. seem to have a much better grasp of reality.
Following a cock-up with the reply to field not being re-written correctly Hotmail blocked all email sent from our mailserver
Once the re-write was fixed you could reply to an email sent from Hotmail, but any sent directly vanished.
After checking that the emails conformed to Hotmail's standards I got in touch with their support.
It seems to take about five days to a week for a reply to come from tech support, however after a couple of weeks the server is now un-blocked.
PS Matthew, at least GMail put's what it considers to be spam into a folder you can access. Hotmail simply drops anything it does not like, legit or not, into a void. Trying to establish why is Kafkaesque, I do not exaggerate. I know the mistake I made, but for many they don't know what is causing the problem and have little or no access to any remedy.
We run a large subscribe-only e-mail newsletter service and also hit problems with Hotmail/MSN but also with Yahoo and AOL. To be honest MSN's technical support eventually switched their brain on and increased our allocation although they did initially claim that Symantec's service was blacklisting us, something which Symantec denied. All in all the process was faster than with Yahoo. We hope that mails our now getting through!
Services like SmartScreen are a joke. Properly configured mail servers and SPF records go a long way to reducing abuse.
Yes, it does appear that Hotmail and MS have significantly ramped up the filtering on their systems.
We are consistently having emails deleted by the SmartScreen spam filter. Both the intended recipient and our host does not receive any indication that the email has been deleted which makes dealing with this issue extremely difficult. We are currently having to confirm via telephone that emails have been received correctly. Extremely costly in both time and money.
Come on MS!!! Get this sorted.
I noticed this a few years ago. On a Medium Security setting, lots of Spam was getting through, on a high Security setting many legitimate emails were being blocked. There was no useable middle ground.
So I dumped Hotmail and switched to Yahoo, which has far superior anti-spam filtering.
Doesn't matter whether you switch to Yahoo, Gmail on any other - they're all better than Hotmail!
There's enough paying hotmail customers, even though the basic plan is free. Thus the argument a few comments up `you get what you pay for' does not hold.
Nobody in their right mind would start now paying for a hotmail account, I agree, but enough are locked in. If your address is printed e.g. on (scientific) papers, it will stay there forever --- and enough important (mostly older) people will not succeed in contacting you if you change the email.
Matthew Leddington-Hill says that his legitimate insurance reminders go into the spam folder at Gmail - Do you select them and explicitly mark them as NOT spam? Or do you simply move them out of the Spam box? Marking them as Not Spam should notify the central Googleplex not to mark them as spam next time.
At least Google uses a properly tested (and widely used) anti-spam engine, and it is known to do a marvellous job, but even now and then it needs a little tweak. :-)
And Google doesn't just swallow your mail and doesn't tell you.
Hotmail is not alone - I run a registration-based site and vital emails (password requests in particular) do not get through to BT Internet addresses, ever (and often not to Hotmail or AOL addresses), despite me jumping through many hoops to get it working. The major problem for us is that customers assume that we're at fault and put it down to bad customer service - so our business reputation is damaged because of the customer's choice of email provider. Painful.
I work at a school and we send >100 messages a day to hotmail. Some get through, some get into junk boxes, and some just disappear.
However they have this thing called 'Smart Network Data Services' (linked from postmaster.hotmail.com) which supposedly tells you how many messages you sent to their network from your netblock. Guess what - 'No Data' every day. Useless.
I noticed they seem to trust mail from Outlook more than Outlook Web Access (Exchange Server's webmail platform) - identical messages sent from both and the Outlook one is junked and the Outlook Web Access one disappears (despite being accepted by their MX)
This post has been deleted by its author
I've actually been using the same hotmail address since 1999, specifically as a "catch-all" address to avoid spam being sent to my ISP inbox. I use this email address every time I have to provide one to a website in order to post or retrieve information - I NEVER give out my ISP email address online, only to people I've physically met and have a reason to contact. (Well, actually my bank got my ISP email online, a) because they requested it over a secure connection, b) because there are VERY strict laws dictating what banks can and can't do with customer data, and c) I don't trust the likes of Hotmail to handle my banking information.)
Even sites like El Reg only get my hotmail address - not because I think El Reg would sell it (I doubt that very much actually), but because I have to provide it over an unsecured connection every time I post a comment like this one. I live in Australia. El Reg is in England. Who knows what compromised servers in Nigeria or Abu Dhabi my posts pass through on their cruise across the planet?
This is why you use hotmail. It's a catch-all point of contact for "everyone else" on the net, nothing more. By doing this, my ISP address gets zero spam, while my hotmail address receives between 200 - 300 spams a DAY. Most (but not all!) of that is filtered into the junk folder. When I sign up at a new site, the confirmation/account activation email ends up in the junk folder about half the time the first time around, but it's not hard to find. Once I find it, I tag it as "Not Junk", which adds it to my Safe List. Thereafter, all emails from that site's mailbot come into my inbox. I've had no problems with this, and I've always gotten the confirmation emails from every site I've signed up to.
Finally, only 80-90% of email is spam? Er...no. I once actually counted all the emails I got in a month (June 2006) that I wanted to receive, against all the spam I got. Here's the results:
Wanted emails: 76
Spam emails: 6,594
That means 1.15% of the email I got was NOT spam - or that 98.85% of it WAS spam!
THAT is what you use hotmail for.
ANY site, and I really do mean ANY site, that does 'filtering' is going to have either false positive or false negatives or most likely both. get this, there is absolutely NO way to sensibly filter spam. There are loads of techniques of varying effectiveness and varying degrees of brokenness, but there is NO technique that will effectively stop spam and NOT drop legitimate email.
I've been up against this with AOL in the past with one of their stupid ideas, this latest with Hotmail does not surprise me. Users are probably ecstatic that their spam has stopped, and most probably just never know about stuff that doesn't arrive - lets face it, if you aren't expecting an email from someone then you aren't going to notice it's absense !
For further reading I suggest :
http://homepages.tesco.net./~J.deBoynePollard/FGA/smtp-anti-ubm-dont-work.html
http://www.im2000.org/
And especially for those who think SPF is in any way "a good idea", try this :
http://homepages.tesco.net./~J.deBoynePollard/FGA/smtp-spf-is-harmful.html
There seems to be a groundswell of opinion that Gmail is better than Hotmail at spam-handling. Well, I've got to say that Lycos' is useless. At the moment I figure only at best 30-40% of the spam I get is dealt with by them and heads for "Junk", the rest goes into my Inbox. Worse still, despite repeated "unblock" attempts, stuff that I *do* want goes into the Junk folder - infuriating!
Meanwhile, on my Hotmail account - which, granted, is a "low volume" one - I've yet to receive a single spam, and I'm not aware of losing any inbound mails either.
This isn't an endorsment of Hotmail, merely trying to point out that there's others out there probably just as bad.
"ANY site, and I really do mean ANY site, that does 'filtering' is going to have either false positive or false negatives or most likely both."
Well I'm betting M$ will start blocking all emails and claim it is better because it has no spam whatsoever. I use Gmail and have no problem with sites (though I do get college recrution email a lot) spamming me. I'd rather have false positives sent to my inbox than false negitives deleted for all eternity. If I have to email or recieve email for an important assignment like a midterm paper, I'm not going to want hotmail deleting willy nilly. If that did happen and I was unable to get into a job after college or recieved a low score I would so sue M$.
ever since it started and the spammers picked up on it. i've stopped using 'free' email, though i have a yahoo account; it gets used only if i absolutely MUST provide an email account to a site in order to read something there (usually news sites, and i don't trust them!). In fact, we have to tell people we *want* to contact to send mail from a non-hotmail account, because it gets automatically tagged as junk and whilst not zipped into the bit-bucket, the junk folder doesn't get checked too often but dumped a lot.
Even so, i get maybe one or two spams a day, counting the ones in my junk folder, and none at my work account (putting paid to the idea floating round here that spam is automatic! Just don't give out your work address when you shop, idiots!).
"If I have to email or recieve email for an important assignment like a midterm paper..."
Which is why you'd give your college or uni your ISP email address, not a webmail one like hotmail. As I pointed out in my previous comment, you should use sites like hotmail only as a catch-all address, not as your primary point of contact with people who deal with you personally.
Alternatively, as a student you should have your own email address at your college or uni. That's actually the best one to use for all course-related correspondence - not only is it more secure, but you have all your course materials in one place separate from all your other correspondence. When I was in college, I used my student email address, which I could access both from on campus or from my home email client. Of course, if your institution doesn't allow external access to your student inbox then that's a problem, in which case you'd use your ISP email instead.
The major problem with Hotmail's policy is that they are accepting mail that they are then refusing to deliver. The SPF and RBL type checks are fine, in that they refuse to accept the email, so a genuine mail server will know that it can't be delivered, and send the bounce to their own sending user.
This is very different from the recipient email server accepting it for delivery, and then later bouncing it to the supposed Reply To: address, which is easily forged.
Any anti-spam system should refuse email at the gateway where possible (in which case genuine senders will receive an alert from their own SMTP server), or flag and deliver to spam box of the recipient once they have accepted an email for delivery.
That way, the recipient is eventually able to locate the misfiled spam message.
At no point should emails be silently dropped without notification going to either the sender or the recipient.
And some people do not understand why Microsoft(ies) are called all kinds of names... Send non-spam to the spam folder (false positive) is not so tragic, but simply nuking the damn message for ever and ever, without a trace!? Ridiculous. I'm sure nobody would be stupid enough to buy software from peo... oh, wait.
On a more somber note, we have the same type of issues in high throughput functional genomics, as everybody knows. You want high sensitivity (more genes) you will get LOTS of false positives ("fake" genes). You want higher specificity (only legit genes) and get more strict, then you end up missing a bunch of actually legit genes (false negatives). Life is tough.
Cheers
J
We (a university) were bitten by this at the end of last year. A number of our students had opted to forward their email to their Hotmail accounts and we were happy to let them until the messages started to be blocked. We had some painful email exchanges with MSN technical support where they insisted that we had been blacklisted due to complaints from their customers and their best advice was to ask the recipient to whitelist us. Replying to a message that originated at Hotmail is also quite likely to be delivered but is hardly practical.
We set up the SPF record but it's not clear that it made any real difference. We signed up for their junk alerting scheme and now have access to a web page that lists some of the messages that Hotmail customers have reported as junk. It's really quite depressing reading them; one student reported the invitation to his own degree ceremony, another junked a message that she'd sent to herself.
We think it's a usability problem with Hotmail. The two buttons "report junk"and "delete" are similar and have exactly the same effect as far as the user is concerned: the message goes away.
Geoff
I've personally had trouble sending email to Excite.com and Aol.com users this past week alone from my own account. Like the story said, my messages did not enter bulk folders but were immediately bounced.
Any spam solution will always have innocent victims. Heck, even "spam" to one person may be legitimate to another who had actually signed up to receive information. So in this case there is no possible magic bullet. With spammers mimicking personal messages, spam filters have increasing difficult distinguishing spam from real.
Nope, filters based on content alone will never be very accurate, instead they should (if possible) base decisions on the actions of the sender. Unfortunately with botnets, the real sender can't be traced anyways.
So the only long term viable option see is to (somehow) economically deplete the spammers.
1st, this is not only a Hotmail issue but happens on other Microsoft properties like MSN. They should be rejecting the email not just dumping it on the floor.
The big problem is that not even a legitimate SPF record for your domain seems to solve the problem (which the Windows Live email guidelines state). Why? Because Microsoft doesn't really support the SPF standard, but their own 'enhanced' version of SPF.
I have experienced no issue with Gmail and Yahoo.
I believe it would have been helpful for the article to clearly distinguish between SPAM filters and SMTP mail filters such as Spamcop and Spamhaus. Having important e-mails flagged as SPAM is frustrating - or worse if you don't review them - but loosing incoming sales enquiries or outgoing order dispatch notices and invoices is intolerable. I've seen instances where a well known ISP has blindly used a SMTP mail filter which inadvertently included its own servers!
I am of the opinion that interfering with the delivery of e-mail should carry the same penalties as interfering with the deliver of paper mail/post. IMHO its rather arrogant to think that those who develop SPAM detection software are cleverer than those who send SPAM. Conceptually it seems so simple to verify the server that sent an e-mail (and for it to know its legitimate addresses). Perhaps the real conspiracy theory applies - fixing the problem is a one time fix rather than a constant revenue stream for software developers.
This issue came to light for us when we changes mail relays.
Mailboxes on our exchange servers appear to be unaffected.
Email from some application servers however, is.
One tool which isn't mentioned in the article is "Smart Network Data Services" : https://postmaster.live.com/snds
This is interesting data to see but not actually useful in rectifying the problem.
One application server sends two types of email,
-One goes to the Junk folder.
-The other is silently deleted.
We have logged a support call with that supplier to try to find out more.
Still working on the problem!
Worlds largest virus/spyware/malware propogating email server on the planet....
Along with the fact they have been hacked into how many times?
Fortinatley I've not seen much in the way of hotmail trash
Oh wait... most Admins I know bann "hotmail" before it even gets there... that would be why.
If you need a free email service.... at least go somewhere like Gmail or Yahoo <yeah its not as great as gmail but its better than hotmail>.
The problem is that vendors want to deal with this problem by acting on the email message. What they should do is act upon the sender.
We have a tracking system that identifies BOT's and Spammers and shuts them down at the firewall, we also have a mail proxy that also addresses the emails as well.
www.afferentsecurity.com
www.autoshun.com
Give me a call 913-685-6519, jbarnes@afferentsecurity.com
Joshua Barnes
Director of Business Development
SmartScreen is NOT smart at all.
I've created a petition to call Microsoft to remove SmartScreen technology from Hotmail & Windows Live Mail.
For those of you who are not happy over this matter, sign the petition right here.
http://www.petitiononline.com/notsmart/
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
