Archive for February, 2007

Abuse(d) by Microsoft

Monday, February 12th, 2007

If you’ve got irresponsible people on your server who let their mailform get abused by spammers, you might end up on blacklists. This is what happens if your server lands on a blacklist of hotmail.com. Stupid “smart” quotes, excessive spaces and gracious html in the mails from Microsoft have been fixed.

After being directed to http://postmaster.msn.com/ you can fill out some form going to abuse@hotmail.com. Like this:

So you send mail to abuse@hotmail.com:

Hello, hotmail.com is blocking mails from [IP]. We’ve deactivated formmail which was misused for sending spam. Please unblock [IP].

You get an automated reply:

Thank you for reporting spam to the MSN Hotmail Support Team. This is an auto-generated response to inform you that we have received your submission. Please note that you will not receive a reply if you respond directly to this message.

Unfortunately, in order to process your request, Hotmail Support needs a valid MSN/Hotmail hosted account.

We can help you best when you forward the spam/abusive mail as an attachment to us. The attachment should have full headers / message routing information displayed. This means that the complete “From” address of the offending message should be displayed. If you need help to do this, please visit the following website:

http://safety.msn.com/articles/junkmail.armx

If you have deleted or no longer have the message, you can still resubmit your report by sending the name of the violating MSN/Hotmail hosted account and a description of your concerns. If your submission does not involve a third party, please include your own account name in the body of your message along with the description of your concerns so we can process your report.

For further instructions on how to submit spam and abusive emails to Hotmail, please visit:

http://postmaster.msn.com/cgi-bin/dasp/postmaster.asp?ContextNav=Guidelines

For more information about MSN Hotmail’s efforts and technologies used to fight spam and abusive e-mails please visit:

http://postmaster.msn.com/cgi-bin/dasp/postmaster.asp?ContextNav=FightJunkEmail

Well, you go to http://postmaster.msn.com/ and fill out the form:

Service: MSN Hotmail
What type of problem do you have? I need something fixed [Other]

Full Name:Peter Keel

What e-mail address would you like a response sent to? abuse@mydomain

Primary e-mail address/member ID associated with the account you are inquiring about:

Be specific when describing your problem. The details that you include
enable us to promptly send you the most likely solution to your issue.

On the 14.1 a user on [IP] sent out spam, with which we dealt on the 15.1.

A week later, you’re still blocking [IP], and we and our other
users would be obliged if you could unblock the server.

Frequency of the issue: Always present

How do you access your Hotmail account? Other

Who is your ISP? Other

Type of Internet connection: Other

Have you recently installed any new software (if you enter yes please
add more comments in the text box above)? No

Suprise, It’s answered by a person:

Hello Peter,

Thank you for writing to MSN Hotmail Technical Support. My name is Jervin and you mentioned that a Hotmail user is being blocked from sending messages. I understand how important it is for you to have this concern attended immediately.

I have checked the IP address [IP] associated with this account and found it to be functioning properly. The user should be able to send any e-mail message to any address without problems.

Please try to send a test e-mail message and see if you will still encounter the same issue. If for some reason the issue persists, kindly reply and provide a copy of the bounce message you have received after sending the test email. Please also provide the MSN Hotmail account in question.

As one of our valued customers, your satisfaction is one of our primary concerns. Thank you for using MSN Hotmail.

Sincerely,
Jervin
MSN Hotmail Technical Support

He didn’t understand what I was talking about. Reply:

Hello

“MSN Hotmail Support” wrote:
> I have checked the IP address [IP] associated with this
> account and found it to be
> functioning properly. The user should be able to send
> any e-mail message to any address without problems.

… Its the other way round…

> Please try to send a test e-mail message and see if you will still
> encounter the same issue. If for some reason the issue persists, kindly
> reply and provide a copy of the bounce message you have received after
> sending the test email. Please also provide the MSN Hotmail account in
> question.

This is one of _hundreds_ of rejects from today:

2007-01-23 14:36:50 1H9LpS-0002xm-Hu < = user@server41.mydomain
U=user P=local S=978
2007-01-23 14:36:51 1H9LpS-0002xm-Hu ** some_user@hotmail.com R=lookuphost
T=remote_smtp: SMTP error from remote mail server after MAIL
FROM:user@server41.mydomain SIZE=2033: host mx3.hotmail.com
[65.54.244.72]: 550 Command rejected for policy reasons. For troubleshooting
information, go to http://postmaster.msn.com
2007-01-23 14:36:51 1H9LpT-0002xw-H7 < = <> R=1H9LpS-0002xm-Hu U=mailnull
P=local S=2076

And of course, it does not just concern that one user of yours, but dozens.

Kind regards

Peter Keel
System Administrator

And I get another answer:

Hello Peter,

Thank you for writing back to MSN Hotmail Technical Support. My name is Angelie and I have read your e-mail exchange with Jervin regarding your issue on not being able to send e-mail to Hotmail users because your message bounced back to you. I know how important it is to have your concern attended to immediately.

Peter, in order to help you with your issue, please visit our Postmaster site at http://postmaster.hotmail.com/Troubleshooting.aspx. This site provides troubleshooting information to those who are having issues sending e-mail messages to Hotmail. If you need further assistance with your e-mail delivery issues, you need to click on the second “here” link under “Sender services, tools, and issue submission” or submit the necessary information at: http://support.msn.com/eform.aspx?productKey=edfsmsbl&page=support_home_
options_form_byemail&ct=eformts

I appreciate your understanding and patience.

Sincerely,

Angelie
MSN Hotmail Technical Support

I fill out this new Form:

Service: Sender Information Form

What type of problem do you have?

Primary company contact name: Peter Keel

Primary company contact email address: abuse@mydomain

What domain are you sending from? various

What are the IP addresses of your outbound mail server (as seen by the receiving mail server)? [IP]

Is your server dedicated or shared? Dedicated

What ISP are you using? Ourselves, we’re an ISP

What OS are you using? FreeBSD

What mail transport software are you using? Exim

What mailing list management software are you using? irrelevant

How are bounce messages (non-delivery reports) handled by your system? delivered to the sender

How frequent are your mailings? does not apply

What are the volume of your mailings? does not apply

What are some of the accounts on Microsoft’s systems that you are attempting to send mail to? some_user@hotmail.com and probably hundreds more.

Do your SMTP logs show any failed transactions when attempting to send
to addresses at MSN, MSN Hotmail or other MSN Services? If so, include
those entries here.
2007-01-23 14:36:50 1H9LpS-0002xm-Hu *= user@server41.mydomain
U=user P=local S=978
2007-01-23 14:36:51 1H9LpS-0002xm-Hu ** some_user@hotmail.com
R=lookuphost
T=remote_smtp: SMTP error from remote mail server after MAIL
FROM:*user@server41.mydomain* SIZE=2033: host mx3.hotmail.com
[65.54.244.72]: 550 Command rejected for policy reasons. For
troubleshooting
information, go to http://postmaster.msn.com

Can you telnet to port25 of mx1.hotmail.com from your mail server(s)? yes

Can you traceroute to 216.32.183.201 from your mail server(s)? yes

Please copy/paste samples of a few of the messages you’re sending – including full headers – as seen by your recipients. forget it. I’m not going to sift those out of the queue

In what manner(s) are recipients added to your mailing list(s)? does not apply

Provide the URL of your web site. does not apply

Provide the URL of your Privacy Policy. does not apply

Provide the URL at which users opt-in to receive your mailings. does not apply

Provide the URL at which users may choose to permanently unsubscribe from your mailing list. does not apply

Are you currently a Return Path client? No

Are you Sender Score Certified? No

Do you publish Sender Policy Framework (SPF)/Sender ID records for your IP? Yes

Do you use separate IPs for your transactional vs. promotional/subscription marketing communications? No

Are you in the Junk Mail Reporting Partner Program? No

Do you use Smart Network Data Services? No

And I sent a Mail:

Hello

“MSN Hotmail Support” wrote:
> Peter, in order to help you with your issue, please visit our Postmaster
> site at http://postmaster.hotmail.com/Troubleshooting.aspx. This site
> provides troubleshooting information to those who are having issues
> sending e-mail messages to Hotmail. If you need further assistance with
> your e-mail delivery issues, you need to click on the second “here” link
> under “Sender services, tools, and issue submission” or submit the
> necessary information at:
> http://support.msn.com/eform.aspx?productKey=edfsmsbl&page=support_home_
> options_form_byemail&ct=eformts

Alright, I did.

Still, the problem is a simple as it can be: Hotmail deliberately blocks Mail sent by SMTP from [IP]. Would you just please unblock that IP?

Regards

Peter Keel
System Administrator

Now I’ve got two answers, one on the form, the other on the mail,

Hello Peter,

We have identified that messages from your IP (<ip>) are being filtered based on the recommendations of the SmartScreen filter. SmartScreen is the spam filtering technology developed and operated by Microsoft. SmartScreen is built around the technology of machine learning. SmartScreen’s filters are trained to recognize what is spam and what isn’t spam. In short, we filter incoming emails that look like spam. I am not able to go into any specific details about what these filters specifically entail, as this would render them useless.

However, we also base our spam rating on the reputation of the sender. One way to positively impact the reputation of your IP is to obtain SPF/Sender ID records. This technology allows SmartScreen to better track emails from your IP, weeding out spoofed messages. You can find additional information on creating SPF records at http://www.microsoft.com/senderid

Please confirm that your emails comply with MSN Hotmail’s technical standards. This information can be found at: http://postmaster.live.com/Guidelines.aspx http://advertising.msn.com/adproducts/Email_TechStd.asp

It will also be helpful to send example emails to randomtestacct@hotmail.com from your MTA so that we can examine the types of emails that you send. This will help me in our investigation. When you do this please send me the subject lines of emails you have sent. Please make sure that these emails are functionally similar to the types of emails that originate from your system, as any deviation from this may hinder our ability to investigate your problem. Do not use the word, “Test” or anything that would change the email from the original message that was initially sent to Hotmail Customers.

I hope that the information that I have provided to you has been helpful. You may also be able to find additional information on common delivery questions at the Hotmail Postmaster Site found at: http://postmaster.msn.com/. I would like to highlight some key areas which I believe are appropriate to your company.

* Hotmail has created the Smart Network Data Services program. This is a service that helps legitimate email senders work with their customers and partners to reduce spam originating from their IP. http://postmaster.msn.com/snds/ This program allows a sender to monitor the “health” of their IPs.

* I would also strongly recommend that you authenticate your outbound email via Sender ID and publish your SPF records for your outbound email IPs and register with Sender ID. You can find additional information at http://www.microsoft.com/senderID or you may email senderid@microsoft.com for support. Please note that technical standards (RFC 4408) discourage use of “ptr” for performance and reliability reasons.

* Monitor user complaints. Hotmail also has a sender complaint feedback loop program Junk Email Reporting Program (JMRP). Enrollment in this, free of charge, program will benefit you as a sender as it will keep your e-mail lists updated and populated with interested MSN Hotmail Customers. Participation in this program will remove those MSN Hotmail Customers who do not want to receive e-mails from your company. If you are interested in joining this program please email HMJMRX@microsoft.com

While using the SNDS tool, enrollment in the JMRP or having your IPs registered with Sender ID will not allow emails from your mail servers to bypass our filters, these are in place to help legitimate companies deliver their emails to Hotmail Customers.

* SenderScore Certified Mail Program. Many legitimate mailers and marketers have qualified and joined this “white listing” program to improve mail deliverability and decrease email from being filtered to the Junk E-mail Folder. Sender Score is a third party program,
administered by Return Path. Sender Score (www.senderscorecertified.com) is the only White Listing service to which we subscribe.

The troubleshooting steps in this email are recommendations only. Microsoft makes no guarantees that following these steps will guarantee deliverability to MSN, Hotmail, or Live.com customers.

Thank you,

Tyler
MSN Hotmail Domain Support

Dear Peter,

Thank you for writing back to MSN Hotmail Technical Support. This is Noel and I am writing in response to your request to unblock your IP [IP]. I understand how important it is to have this IP unblocked since most of your e-mail subscribers are not able to send e-mail
successfully to our accounts. I am sorry for the inconvenience this may have caused you.

Peter, I would really like to this for you since unblocking is such a simple task. However, I would like to guide you that our technical facility does not provide this option. Unblocking of IP or removing them from Blacklist and adding them to Whitelist, are done by the Domain
Delivery Support Team. In as much as I would like to remove the IP [IP], I am not able to do so since we do not have access to the Domain Delivery Support Team facility.

To correct this, kindly ask assistance from the Domain Delivery Support Team. Visit our Postmaster site at http://postmaster.hotmail.com/Troubleshooting.aspx. The e-mail address they will be sending the answers to, is also specified on that page. Please accept my apologies for not being able to assist you fully.

On behalf of our entire Hotmail staff, a heart-felt appreciation for your understanding.

Sincerely,

Noel
MSN Hotmail Technical Support

In other words, back where I started. And I’m not talking to employees of that company again. They’re all very polite, mostly clueless, apologetic and in any case can’t solve a problem which takes takes one line from me (“please unblock [IP]”) and one word from the admin (“Done”) of another big mailservice.

Addendum: Seems that this problem is more widespread than I thought: The Register: Hotmail Friendly Fire.

In fact, I can confirm this, I sent (nearly) identical mails from 60 servers to a hotmail test-address. The mails were sent with the envelope-from of an account and the server FQDN as domain, and the header-from of an other existing account on another server. This is what the outgoing-log says:

2007-07-18 14:35:58 1IB8l4-000Pti-IX < = testhost@server.domain U=root P=local S=449
2007-07-18 14:35:59 1IB8l4-000Pti-IX => testaccount@hotmail.com R=lookuphost T=remote_smtp H=mx1.hotmail.com [65.54.245.8]
2007-07-18 14:35:59 1IB8l4-000Pti-IX Completed

Some 15 of those 60 mails were classified as “Junk”. However, one of those mails never arrived, nevertheless the log clearly shows it was sent, and was accepted by hotmail. I sent another mail from the same server, which also did not arrive.