Wandering Thoughts archives

Spam from outlook.com has gotten worse (well, for me)

Microsoft's outlook.com has been a spam sewer for me for some time, which is not really surprising for Microsoft but still annoys me. Recently things got a bit worse and more annoying than usual, for a simple and nominally trivial reason: spammers have started sending spam through outlook.com with a null sender address (a MAIL FROM of '<>').

(The spam itself was ordinary advance fee fraud spam.)

This irritates me for several reasons. First, a null sender is an administrative MTA level thing. Microsoft has almost no reason to allow users to send email through them with it, and there are a lot of reasons to disallow it. The second issue is that many mail configurations apply less checks to null sender addresses (usually for historical reasons), so allowing people to use null sender addresses for real mail just helps spammers get their spam past checks. And third, given that outlook.com itself is a multi-tenant thing (as I've found out in the past), allowing tenants to use the null sender makes it that much harder for people on the receiving end of outlook.com's spam cannon to distinguish between bad and potentially good email from outlook.com. Now we don't have even the MAIL FROM domain as a signal, because there isn't one on the null sender.

Microsoft doesn't care, of course, If Microsoft cared at all, their outlook.com operation would look rather different (and they would have a different response to abuse complaints); why, they might run outgoing email through a spam detector and then refuse to send obvious bulk advance fee fraud messages. Instead Microsoft has clearly taken the overall attitude that they're too big for people to block email from and so they'll do more or less the minimum amount of work to avoid people revolting.

(As readers may have gathered, I do not have very positive views of basically any large email provider (I'd say 'free', but I believe Microsoft charges for some email hosting they do).)

We know what you are

Recently, one of our administrative aliases got email from 'no-reply@researchgate.net' that looked like this:

Dewayne Perry invited you to join their network on ResearchGate and confirm authorship of your publications.

[...]

Software Engineering
3 Publications - 3 Citations

[...]

While the department does do research and publications in software engineering (among other fields, of course), our administrative alias does not publish anything and as a result its nonexistent publications do not have citations.

People and organizations who send this sort of email are not fooling anyone. They might have fooled people a decade or two ago, when the Internet was young and spam was new and not something everyone has a great deal of exposure to, but not today. Today everyone who gets this sort of bogus email citing a random name they have never heard of knows exactly what this is. As a result, they know exactly what the organization sending the email is. So do bystanders who simply hear about this.

(Of course I did not use the 'unsubscribe' link that had been helpfully primed in the email. We use much more definite and final methods of ceasing to receive email from people like this. Neither did I bother to waste my time by attempting to send in any sort of complaint.)

I wish all of these sorts of people would stop pretending, but I suppose that's the naive part of this entry. As long as it fools a few people a little bit of the time, this sort of people will keep banging away. Heck, I expect them to keep banging away even after that point, should it ever arrive.

(See also why you can no longer have an 'invite-your-friends' feature.)