Not-so Hotmail

Jan. 6, 2006: Hotmail Makes Matters Worse (if that’s possible)

In response to a 419 complaint sent to abuse@hotmail, I received the following auto-ack:

If you are reporting Unsolicited Commercial E-Mail (also known as Spam or Junk E-Mail), please resubmit your report to or depending on the spammer’s domain. Appropriate actions will be taken. and do NOT process spam reports. These accounts only process abusive e-mails in, but not limited, to the following categories:

• Child exploitation/pornography threats
• Harassment
• Impersonation of an institution or trademark (like a bank or government agency
or charity) also known as Phishing
• Issues relating to account credentials being compromised (hacked)

I’m not entirely sure where my Nigerian 419 scam fits in. It’s more scam than spam. However, the real point is that it is abuse. It is this author’s opinion that I should be able to submit abuse complaints to “abuse” at whatever domain is responsible for transmitting the email. It should NOT be necessary to review the content of the abuse and then to review the X-Original Sender to make a determination of precisely where I should send my complaint to. Moreover, it should not be necessary for the average user to read the instructions in the ack, sort out the instructions and then send a second complaint when the original email is often, by then, deleted.

Ultimately, it is MSN/Hotmail’s responsibility to analyze and redirect abuse complaints – not the recipient’s. This is the convention followed by every responsible provider on the planet. If MSN/Hotmail cannot reasonably control what is being transmitted through their servers then they don’t belong in the email business and should be blocked by responsible adminstrators.

Oct. 12, 2005: Is Anyone in Charge at MSN/Hotmail?

Spammers and scammers tend to be dim bulbs in the chandelier of connectivity. Nevertheless, they are often acutely adept at finding – and exploiting – the negligence of providers. Such is the case at Hotmail these days which has become the home of the 419 scam.

“419” scams are those emails asking for your assistance in liberating substantial funds from Nigeria. Variants include appeals from other countries, “barristers” representing individuals who were killed in plane crashes, lottery scams and other appeals that confirm that there are no limits to audacity, gullibility or bizarreness.

Scammers have discovered how to utilize Hotmail:

With “properly” formatted headers, the Hotmail daemon that examines and replies to emails forwarded to will reject the submission.

Attempts to submit the report higher up in the food chain – to MSN – will also be rejected because the MSN daemon identifies the complaint as spam.

Negligently refusing complaints, Hotmail cannot take action against those who are using their servers for criminal purposes! In an email dialog with an MSN executive, the individual stated “We really need to fix our daemon and reply bot.” That was in August.

Administrators need to seriously consider blocking all of Hotmail until this problem is resolved. This can be done quite easily with an RBLDNSD host file. Some whitelisting is required and Hotmail users should be encouraged to switch to other providers that are not similarly clueless.

You May Also Like

DNSBL Policies (Adds & Removals)

Verizon Advisory

Earthlink Advisory

What Is Spam