Why is Hotmail so bad at spam?
Tell me why, I don't like Hotmail...
A nice theory, that is completely blown out of the water by web expert Dominic Ryan at IIS Aid, who set up a test of popular emails.
It turns out that this chap can send email to all of the top ten mail providers - except to Hotmail where (he was told by Hotmail staff) "SmartScreen technology had identified email coming from my domain as being spam and had blocked my email server IP".
As he remarked, this is a symptom of a spam filter that simply doesn't work. If you can detect spam, you don't have to block entire domains: "Even if I was sending spam, somehow blacklisting the IP regardless of what other domains are sending email through that server does not seem especially 'smart' to me." Me neither.
Well, he wanted to fix it. Hotmail support "would not tell me why my domain was being flagged for spam, and when asked what the possible solutions were I was told I could sign up for 3rd party accreditation through Sender Score Certified (at a cost of $400USD start up, and $1000USD each year) who maintain the only whitelist service Hotmail use, and was also advised I could try tightening my SPF policy. Just to be especially vague, the footer on the email also stated that there were no guarantees that any of the solutions offered would work. Great!"
So he tightened up his SPF policy, only to find that Hotmail still wouldn't let legitimate mail through: "I came across this on openspf which pointed out that, in fact, the SenderID technology which Microsoft had championed (and Hotmail use) as another anti spam technology was in fact highly incompatible with SPF policies. Microsoft was apparently even made aware of this prior to the final release, but did not do anything to correct it - despite there being hundreds of thousands of domains with active SPF policies in effect at the time."
That much is old news. Since then, Dominic Ryan has gone sniffing into another possible area: what email client are you using to send mail? Here's what he found out:
"I started playing around with clients rather than concentrating on server setup, and I've had some interesting results. I can send to Hotmail without a problem using Outlook 2003, but no cigar with Mozilla Thunderbird. I think that this suggests that the headers the email clients add to an email also play a crucial role in determining if the mail gets through or not. This is BAD news because as a system admin there is generally very little you can do about this."
And he promises to keep testing. But (as several visitors to his site remarked) the overall impression is pretty stark: "It's more about getting subscriptions, than sending email."
You do have to ask if Microsoft really wants to be in the mainstream mail business. I keep a Hotmail account going simply in order to have a Passport - and, of course, to keep track of Hotmail. Twice now, I've come back to the office after a break to discover that I didn't check my Hotmail account for a couple of weeks before going on holiday, nor on holiday, nor for a couple of weeks after getting back. And as a result, Hotmail has quite simply deleted all my mails, settings, and data. You can re-validate (start from scratch) or pay.
By contrast, I have a Gmail account which I use two or three times every few months. It ticks along like a reliable Grandfather clock. Easy choice.
The reason I'm really trying to like Hotmail is that ultimately I do think the solution to spam is, quite simply, to make people pay to send mail. The more you send, the more you pay. Microsoft's Penny Black scheme came to nothing because of political questions about "if everybody pays a cent per mail, doesn't that impose an unfair burden on people in the Phillipines?" - which it does. And SpamDon'tBuyIt, going nowhere two years ago, is still as naive as ever in today's world where spammers aren't actually trying to sell things, but to phish and to pharm and to load Trojans.
It would be lovely to imagine that Hotmail's plan is to make free email too awful to tolerate, forcing us to go with Penny Black or some other "friction generation" system. Actually, it would be lovely to imagine that even that would work. It won't.
But the evidence is that Microsoft's top brass didn't see email as an important part of the main feature. For the past five years, Microsoft has had two obsessions - XML and DRM; and when those are working OK, then developer tools. And an email service simply doesn't play any part in either of those obsessions, or in advancing the developer business.
Sadly, my conclusion is that Hotmail is nothing more than the runt of the litter. If it can make itself work, fine - if it can't, who cares? Throw it out.
I wish they would. ®