Hotmail Spam Blacklist

[adept2003]

Hotmail is blocking lots of legitimate servers from sending email to any Hotmail or MSN account.

Signing up to their SNDS service at http://postmaster.live.com/snds/ allows ISPs to view the amount of email being flagged by them as spam.

1. Hotmail have also introduced a number of "trap" email accounts:
   

   Trap accounts are accounts maintained by Windows Live Mail that don't solicit any mail. Thus any messages sent to trap accounts are very likely to be spam. Well-behaved senders will hit very few such accounts because they're generally sending to people who give them their address and because they collect and process their NDRs. Spammers have a much harder time avoiding them because, in general, they can't and don't do either of those good practices.

   The issue with these "trap accounts" is that spammers have been sending mail to recipients on our server, using random hotmail addresses, some of which happen to be the trap accounts. Since many shared hosting users have boxtrapper in place, the "verification" email ends up being sent to these trap accounts which then flags the web hosts server IP as being a spam server.
2. Many cpanel users have setup email forwarding to their hotmail account from a domain hosted on the server. This means that spam is also forwarded to the hotmail account, but with message headers saying that the email came from the legitimate server hosting the domain. This means more penalty points for the server if the email is detected to be spam by Hotmails own spam filtering.
3. Even if Hotmail doesn't pick out the spam email, when the user then opens the email and realises that it's junk, they click the "report as junk email" link, which looks at the email header and penalises the legitimate server that forwarded the email.
4. In addittion, if the email is sent from a spoofed hotmail account, either an "unrecognised recipient" or a box trapper verification message is sent to the reply-to address of the spam email. Since the hotmail account user didn't send the original email, they're likely to report any emails sent from the server as "spam".

Whilst SPF records may help a tiny bit, it really doesn't overcome the points above since even if the emails are being forwarded, they're still appearing to hotmail as originating from the web hosts "innocent" server. Hotmail recently launched their new SNDS system, and we've already had a relatively new server blocked because of this, so I have little doubt that it will begin to affect a significant number of web hosts in the coming months (I'm sure a lot of you have noticed a huge increase in the amount of spam being processed by mailscanner over the last 3-4 months?).

I'd invite anyone to post to this thread with possible solutions/comments/updates...

 

[willsherwood]

Instruct users not to use Junk and Report Spam buttons

We've been through this with AOL too, with absolutely no luck.

see http://sherwoodhosting.com/email-ftp-support/aol-report-spam.html

At least AOL has a server-opt-out agreement that's possible.

 

[sparek-3]

In my opinion the issue is more with the e-mail culture and end users than with the actual process of e-mail. End users need to recognize that they cannot forward mail off of the server any longer. If an end user wants to have an e-mail address [email protected], then why are you forwarding that to [email protected]? I'm not saying that you should not have a [email protected] e-mail address, but if you are going to have any @mydomain.com e-mail accounts you need to check those e-mail accounts directly on the server. If an end user has a preference for the Hotmail interface, that's fine. But you don't need to disguise things, if you prefer the Hotmail interface, then only use that e-mail address. Tell people to write you at [email protected] This may not look professional, but its just a sign of the times of change. Not only can forwarding mail cause the server to become blacklisted, there's numerous reports of Hotmail not delivering messages. If you have the [email protected] forwarding to [email protected], and someone writes you at [email protected], there may be a good chance that you won't receive that message. You might argue that if the end user advertises their [email protected] address then they still might not receive the message. This is true, but this would be between the end user and Hotmail.

I also think there's a bit too much emphasis being put on marking messages as spam. I think too many times end users are marking messages as spam that they really should not be. If users sign up to a mailing list, then they don't need to mark messages from that list as spam. If they no longer want to receive messages from that list, then they should unsubscribe. If a user receives a message concerning a reply to a message board post, then they should not mark that message as spam. A lot of the major e-mail providers are quick to pull the trigger concerning these and it may only take one tagged message to blacklist a server. The major e-mail providers are doing this because a lot of end users are complaining about the amount of spam they receive, so they must do something to keep their users happy. But then you run into issues where forwarded mail causes a server to become blacklisted and messages get lost.

I don't really have any solutions to this, but I think this help identify the problem. The issue comes up with being able to inform and educate end users about this. Its easy for me to understand why forwarding mail off of the hosting server to another e-mail provider is such a bad idea, but that does not necessarily translate over to end users. Its difficult to explain how marking messages as spam can actually lead to more problems concerning spam. I know there's been a large surge in the amount of spam traffic. I know everyone is getting inundated with spam and they are getting tired of receiving spam. I can reason with these issues, but there's just not a single simple solution that will solve all of these problems. Its going to take more of a global effort where all e-mail users understand some of these issues and why some things they may have done in the past is no longer a valid option.