MSN Criticized For Open Spam Relays
November 15, 2000
Responding to complaints that the Microsoft Network is allowing spammers to relay junk e-mail through MSN servers, the Mail Abuse Prevention System (MAPS) has added several MSN systems to its notorious anti-spam blacklist. The action could potentially disrupt emails from thousands of legitimate MSN subscribers.
MAPS is the controversial California non-profit that maintains databases of known junk e-mailers. The lists are used by many Internet service providers to protect their users from unsolicited commercial e-mail. Spokesperson Kelly Thompson Wednesday confirmed that the organization has placed six MSN servers on its MAPS Relay Spam Stopper or RSS list, which contains more than 50,000 entries and is used by thousands of ISPs.
"Those MSN relays are a spammer's dream. They are big and high capacity, and they can send a lot of e-mail fast. You can bounce 10,000 messages off the relay without them noticing," said Thompson.
Relaying is a tactic used by spammers to conceal the true origin of their junk email. By exploiting misconfigured SMTP servers, spammers can avoid being traced and prevent their messages from being filtered by some anti-spam software. Properly configured SMTP servers do not allow connections from users who do not have valid accounts on those systems.
MAPS placed the IP address of the first MSN server on the RSS list November 2, after receiving complaints from Internet users who received spam relayed through open MSN mail servers. MAPS tested the servers and confirmed the reports, according to Thompson. Additional MSN server IPs were placed on the list on November 12 and 13.
The RSS list is separate from the MAPS Realtime Black Hole List, which consists of over 4,000 systems which have been known to harbor junk e-mailers. More than 20,000 organizations subscribe to the RBL, according to Thompson.
As a result of the action by MAPS, many legitimate MSN subscribers have had their outgoing messages blocked by the ISPs who use the RSS. Thompson reports that MAPS has received over 100 inquiries from affected MSN users over the past week, an unusually high number. Thompson says MSN support staff were directing subscribers to take their complaints to MAPS.
MSN representatives were not available by newstime for comment, but Thompson claims the company acknowledged that some of its systems were open relays.
"They said, 'They're easily spoofed, we know it, and we don't know when it will be fixed.' It doesn't sound like it's not a terribly urgent priority for them," said Thompson, who estimates that MSN operates dozens of mail servers, most of which are not vulnerable to relaying.
Ironically, MSN's Hotmail service is a subscriber to the MAPS RBL, and MSN was recently sued for using the list to block e-mail messages sent by Harris Interactive, the online polling firm, to Hotmail users.
According to John Levine, operator of Network Abuse Clearinghouse, MSN has had a spotty record of battling spam.
"This is a longstanding problem. Their mail servers have been a mess for a long time. And I think there's a good deal of internal tension at Microsoft between people who say 'This is a mess we need to fix it' and people who say 'No, we need to keep it limping along,'" said Levine.
Brian McWilliams, InternetNews.com