It is a pretty well-known fact that Hotmail has major issues when it comes to dealing with spam, due to this Hotmail received a “deservedly bad reputation for it,” according to Dick Craddock, Group Program Manager of Hotmail.
I couldn’t have put it better myself. I can still remember when that Spam folder in Hotmail had 3-5 messages in it while my inbox contained 10 or more spam emails. But hey, I guess it is better that real emails don’t get flagged as spam, right? – haha, talk about being in denial.
But with the most recent Wave (or major) update Microsoft introduced many new technologies to keep such unwanted messages out of your inbox. In fact, the Hotmail spam filter uses the SmartScreen filter, something Internet Explorer uses to protect people from phishing and other malware infested websites and downloads.
According to Microsoft, the spam epidemic over at Hotmail peaked in 2006, but since then Spam In The Inbox (SITI – I didn’t come up with this word, apparently Microsoft uses this lingo) for the Hotmail service has been reduced a staggering 90%.
Craddock also states that in the past year SITI has been reduced by another 40% – or from 5% true SITI to 3%.
Craddock goes on to say that Microsoft has helped reduce the amount of spam being sent on the Internet overall by 15%, thanks to “disruptive actions” such as taking down the Waledac and Rustock botnets. For those unaware, the Rustock botnet was one of the single largest sources of spam, “capable of sending up to 30 billion spam messages a day.”
Kicking Spam to the Curb
So how does Hotmail keep spam in the place it belongs? Craddock says they have invested in a variety of filters such as connection-time filtering, content filtering, blocklist and safelist preferences, and much more.
Hotmail’s spam filter is also personalized to each individual account, “using information about the people you send email to and receive it from and also which email messages you actually read.” The most recent Wave also introduced a trusted sender feature which will display a safety logo next to emails which come from legitimate senders, like banks and other types of services commonly imitated for malicious purposes.
Stopping Spammers in Their Tracks
Hotmail is also very well-known for being a source of spam itself.
A reason this is true, according to Craddock, is because spammers do what is called “reputation hijacking,” and “Hotmail maintains a good reputation among all email providers; simply put, email from Hotmail gets delivered, and the spammers know that.” I am guessing that some email providers may sometimes mark email from specific domains as spam no matter what if most messages coming from the domain are spam, but that is not realistic with Hotmail (or Gmail, Yahoo! Mail, etc.)
Thankfully the amount of spam coming from Hotmail has been reduced by 75% in the past year, and Craddock has given some information on how this was accomplished:
- Account Reputation – As a Hotmail account is used a reputation is gained. The service see’s such things as receiving email from people you have sent email to as “good behavior” and therefore increases your reputation as being good. Sending a lot of emails and getting delivery errors causes an accounts reputation to turn sour – obviously there is much more to reputation determination. If an account appears to have a bad reputation the account could be prevented from sending email all together.
- Account Creation Limits – To prevent the mass creation of accounts, Microsoft limits the number of Hotmail accounts which can be created in a single day by IP address.
- Outbound Spam Filtering – As email messages come in, they are ran through a spam filter to determine whether they are, well, spam. So why not do the same as the message leaves? That is what Hotmail does… As the messages leave, they “look for suspicious content that matches known spam campaigns.”
These safeguards work well at preventing spam from brand new accounts, and existing accounts whose sole purpose is to send spam. With these new safeguards in place, spammers have apparently turned to other methods of sending spam: hijacking accounts.
Craddock says that now most spam comes from hijacked accounts, but they have done work to mitigate those issues as well.
Hotmail will look for unusual behaviors, like unusual IP addresses, sending much more email than usual, sending emails which trigger the aforementioned outbound spam filters, and more. Recently a “My Friend’s Been Hacked!” link has been added to the “Mark as” menu in Hotmail.
Craddock finishes off by saying:
We’ve made tremendous progress in our battle against spam, but we know that spam and hijacking will continue to be a big problem for all service providers as long as there is economic incentive for the bad guys to do what they do. So we’re not letting up. We continue to invest in research and development to find ways to make it even harder for the spammers to get spam into your Inbox and to use Hotmail as a way of sending spam.
Well, now you know some of the ways Hotmail keeps spam out of your inbox, and how they prevent Hotmail from being a source of that annoying spam. I think all Hotmail users are very thankful – because I know I am. I still continue to use my Hotmail account as much as I always have and I can honestly say the spam filter has become significantly better – though I still see one spam message every now and again.
Report Junk to Microsoft
I just have one last thing to say, and I guess it is somewhat of a tip: opt-in to reporting junk to Microsoft.
Yes, you read that right… If you are using Hotmail and have ever clicked the “Mark as Junk” button, you may not be accomplishing much of anything. Because for some odd reason Hotmail does not default to reporting junk messages to the spam filter – except probably your own customized filter, but it won’t help anyone else, as they you.
If you would like to opt-in to actually having the Junk button report the message to Microsoft as spam, please do the following:
- Go to https://mail.live.com/?rru=options
- Under Preventing junk email, click Filters and reporting.
- Select the Report junk option under Report junk messages.
I never really noticed this option until a year or so ago, and I know this option still isn’t enabled by default – which I checked when I recently setup my grandmothers first email account.