Microsoft Takes On Spammers Again

It will begin checking for the existence of Sender ID framework records on Oct. 1.
Microsoft is taking aim at spammers who hide behind spoofed or forged E-mail addresses. At last week's Open Group Conference in Boston, the company said it would begin checking for the existence of Sender ID framework records on Oct. 1.

"What we hope to see is that others will be doing the same, and I think you will see that--other large ISPs following suit," says George Webb, business manager of Microsoft's Anti-Spam Technology and Strategy Group. "Basically, the call to action now is everyone should be publishing SPF records. We hope to see broad adoption of that standard quickly."

The Sender ID specification dictates that E-mail senders publish the IP addresses of their outbound mail servers. Where such records exist, Microsoft now will begin trying to match the purported responsible domain for every message received to an IP address on the supposed senders' list of authorized mail servers. If no match is found, the message is probably spoofed. According to Microsoft chairman Bill Gates, domain spoofing is involved in half of all of spam.

At some future point, a domain mismatch may mean the message gets blocked. In the near term, however, the absence of a match will be only one point of data among many used by Microsoft's SmartScreen filtering technology to determine whether a message is spam.

During this initial period, Webb says, there will be a large portion of domains that haven't published their SPF records yet. "We will not be blocking those in October," he said. "What we will be doing is determining what is the likelihood of someone having posted an SPF record, how well does that correlate with spamminess or not. And learning from that in terms of how we integrate that with our filter. Over time, you'll see a deeper integration."

Some 170 million active MSN Hotmail accounts will be affected. When enough legitimate mail senders participate, Sender ID will help defend against phishing attacks. "Establishing the domain provenance of E-mail is certainly a contributing factor to help solve the phishing problem," says Webb.

But Hotmail users are already reaping the benefits of Microsoft's anti-spam efforts. Last October, the company added SmartScreen to Hotmail servers and to Outlook 2003. Exchange 2003 customers saw the technology in May. In December, Microsoft began throttling spam more aggressively. The result, says Webb, has been a 60% reduction in spam at Hotmail. "I've actually gotten my parents and people like that asking me what we did," he said, "because Hotmail has become such a better experience since we did that."

Even as it attacks spammers via the courts and through reputation-based accreditation schemes, Microsoft remains focused on technical solutions. "Our own technology development and deployment is critical," says Webb. "We're pushing that forward into new areas like proof technologies, where you have things like demonstrations of computational effort can be used to differentiate yourself from illegitimate mailers. We're looking at how to put those technologies into our E-mail clients right now."