Full circle: How Microsoft is trying to eradicate email

After all this time, all these spams, all the complaints from all over the globe, I can only come to one conclusion: Microsoft is trying to kill email. Let's take a look at some facts. Spam levels are as high or higher than they've ever been. From my own personal experience, I can say without a shadow of a doubt that 99.9 percent of all email coming to my mail server is spam. That's tragic all by itself, but it'

After all this time, all these spams, all the complaints from all over the globe, I can only come to one conclusion: Microsoft is trying to kill email.

Let's take a look at some facts. Spam levels are as high or higher than they've ever been. From my own personal experience, I can say without a shadow of a doubt that 99.9 percent of all email coming to my mail server is spam. That's tragic all by itself, but it's been that way for quite some time now. I have written and documented the severe steps that I've taken to reduce the problem, but the fact remains that hundreds of thousands of connections are made to my mailserver every day, trying to sell me v1@gr@!, inform me of my incredible good fortune in some foreign lottery, or tell me that really need to buy stock in some company nobody's ever heard of.

Hundreds of thousands of connections, coming from thousands of hosts. What are those hosts anyway? The vast majority of those hosts are exploited Windows systems. They're zombies run by botnet operators. Their owners are probably completely clueless to the maelstrom that has engulfed their little Dell desktop. It's just "slow".

There are millions of these systems out there, according to an article from USA Today. Millions.

The mainstream media consistently use the term "computers" when they make forays into this realm. Yes, they are computers, but they're not just any computer -- they are all running Windows. All of them. Let's not mince words here: Botnets are comprised of compromised Windows systems. Thus, Microsoft's massive security failures are at the very core of the spam problem.

Yes, there are still spammers out there that use specific servers and subnets to send their trash, but they're relatively easy to identify and stop, either by the ISP, or through filtering at the client side. Connections from millions of unique systems from all over the globe are much harder to stop. Some of the ways that spam filters try to stem this tide is by identifying subnets assigned to residential cable and DSL providers, and blocking those IP ranges. That's like bringing a sledgehammer into surgery, but it can be effective -- so effective that it blocks legitimate communications from people running their own servers, and hundreds of companies using cable and DSL connections for their business. The subnet allocations caught up in these traps aren't necessarily accurate, and they can cause email to simply disappear at worst, or consistently be marked as spam at best.

Speaking of email simply disappearing, this brings me to my next point about Microsoft's apparent attempt to kill email: Hotmail.

I've had a Hotmail/MSN/Live.com email account for awhile now, and it's been relatively spam-free. Of course, that address is not published anywhere, and I hardly ever use it, so I would expect that to some degree. However, some tests I ran over the weekend shed some light on some of the ways that Hotmail/MSN/Live.com handle spam: They apparently are simply deleting inbound email with no bounce messages, no flags, no notification -- nothing.

I can replicate this at will. When I send an email from my mailserver (located on a commercial circuit) to my gmail.com account, live.com account, and other personal accounts, they all arrive -- except to my live.com/Hotmail account. It simply never appears, and no bounce message is ever seen. If I send myself an email from my live.com account, it arrives speedily, and my reply is delivered back to the live.com account almost instantly. But if I then write a new message to the live.com account, it never appears, even though it came from an address that I just emailed.

Thus, Microsoft is simply deleting legitimate emails. Why would I bother using such a service? It's like buying a car that will only start once in awhile, or a refrigerator that keeps the soda cold, but lets the milk go bad. It's useless.

I'm not alone here, either. This thread at MozillaZine goes back to 2006, and describes these exact problems in excruciating detail, among others. Ian Gregory has also been cataloguing this problem for a few years now.

The temerity of Microsoft to simply never deliver these emails is shocking to me, but taken in concert with my original point that Microsoft software forms the very core of the spam problem to begin with, and the only conclusion I can make is that they are waging a war -- not against spammers, but against email.

Perhaps they're going to unleash some hidden features in Exchange 2008 that will ensure that email sent from one Exchange server to another is always passed through (and always reaches hotmail.com, msn.com, and live.com addresses), leaving everybody else out in the cold -- a Frankenstein thought if there ever was one.

Their motive may be unclear, but their actions are transparent -- they are complicit in the generation and distribution of spam, and are summarily deleting emails addressed to their users under the guise of fighting spam.

Until they remedy this egregious activity, I've instructed my mailservers to discard any inbound email from hotmail.com, msn.com, or live.com.

c3.gif
In a few days, I probably won't be able to reply to them anyway.
Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies