Microsoft calls for outbound filtering against spam

SAN JOSE, California -- In its continuing fight against unsolicited commercial e-mail, Microsoft Corp. plans to filter outgoing messages on its consumer mail services and is busy developing new "proofing" technologies, the software maker's chief spam fighter said Thursday.

The fight is also one against the clock. Microsoft last year set a two-year goal to make spam a problem of the past. There are 19 months left, Ryan Hamlin, general manager of Microsoft's Security Technology & Strategy group, said Thursday at Inbox, a conference on e-mail here.

More than 14.5 billion spam messages are sent each day, according to Hamlin, who cited figures from antispam vendor Brightmail Inc. Microsoft's Hotmail Web-based e-mail service receives 2.7 billion spam messages a day, Hamlin said.

As part of its efforts to stop spam, Microsoft in the coming months plans to apply spam filters not only to incoming mail on its Hotmail and MSN services, but also to outbound mail. The filtering will kick in when users send a large number of messages and is intended to help stop abuse of Microsoft's services by senders of spam, Hamlin said.

He called out to Internet service providers (ISPs) and other e-mail service providers to do the same. "All of the ISPs and large senders of mail need to be filtering on the outbound side," he said. "There is a lot of abuse happening. We need to have better outbound filtering to look for people that are abusing our systems."

Hamlin referred to Comcast Corp. as an example. The large U.S. cable Internet access provider last month said it was cutting off Internet service for some customers whose computers had been hijacked to relay spam messages.

Filtering, however, is only part of Microsoft's technology attack on spam. The company is also investing heavily in proof and prevention utilities, Hamlin said. Filters will really only work well after proper spam-proofing and prevention technologies have been applied, he said.

"Protection today has been very reactive. We want to make it very proactive, and we think the way to do that is by having great proof and prevention technologies," Hamlin said.

One proofing technology that Microsoft is working on sends a challenge in the form of a computational puzzle to the sender of a message if the filtering system suspects a message may be spam. The sender, or the sender's computer, would have to solve the puzzle to validate the legitimacy of an e-mail message.

Solving a challenge would take little time for a regular e-mail sender's computer but would overwhelm the computing cycles of someone sending large amounts e-mail, according to Microsoft. The technology is now being developed and should be ready within a year, Hamlin said.

The challenge system would work in concert with other technologies Microsoft is developing as part of its Coordinated Spam Reduction Initiative announced in February. The plan also includes Microsoft's SmartScreen filtering technology, a sender authentication technology called Caller ID for E-mail and "white lists" that contain certified e-mail senders.

Microsoft uses many of its antispam technologies in Hotmail and MSN and last week delivered the Intelligent Message Filter for Exchange, a spam filter based on SmartScreen, for the Exchange e-mail server product.

Microsoft is battling spam on several fronts and has repeatedly said there is no silver bullet to solve the onslaught of spam. The Redmond, Washington-based software maker advocates stronger legislation and enforcement to attack spam and those who send it and has called for industry collaboration and consumer education on the topic.