Hotmail is Spammers Heaven!

By Phantasm66 · 9 replies
Jun 8, 2003
  1. It’s becoming more and more of a problem all the time, to the extent that it's almost rendering Hotmail completely useless - SPAM! Right now, I am trying to use my Hotmail account for job search correspondence. And all would be well, if it wasn't for the horrendous amount of spam I receive on a daily, and now almost hourly basis. Get rich quick scams, creams to increase the size of your genitalia, liquid Viagra, get a degree by doing absolutely nothing or click here to meet single women in your area - there it all is, intermixed with legitimate mail. And there's so much of it that sorting the spam from the real stuff is just getting to be too much of a pain. Hotmail has a huge problem not just with the amount of spam sent to accounts but the amount of Hotmail accounts used to send spam!

    But now, it looks like a lot of the problems with spam and Hotmail are due to a new vulnerability in the Hotmail service that allows spammers to script their spam sending.

    "Hotmail has always been a problematic spam source. The saving grace has been that the spam had to be transmitted manually, through a web form, so the sending rate was limited by how fast the spammer could cut-n-paste. Now that Microsoft has provided this new programmatic interface for spammers, that limit has been removed. Spammers may now script their spam runs--and they do--which has created a huge increase in spam transmitted by Hotmail. Out of my last 25 Hotmail spams, 2 were transmitted by web form and the rest by the DAV exploit: a 2200% increase!"

    More here.
  2. Phantasm66

    Phantasm66 TS Rookie Topic Starter Posts: 5,734   +8

    Here's an example of a message source, sent by another hotmail account (the spammer) to mine:

    X-Message-Info: JGTYoYF78jEHjJx36Oi8+Q1OJDRSDidP
    Received: from ([]) by with Microsoft SMTPSVC(5.0.2195.5600);
    Sun, 8 Jun 2003 05:16:22 -0700
    Message-ID: <7fc2cc6f1abd$be00ef4d$a05f818f@zm98ng1>
    From: "Chloe Long" <>
    Subject: How do you use this?
    Date: Sun, 08 Jun 2003 12:18:37 +0000
    MIME-Version: 1.0
    Content-Type: text/html
    Content-Transfer-Encoding: 8bit
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook Express 6.00.2800.1106
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
    X-OriginalArrivalTime: 08 Jun 2003 12:16:23.0620 (UTC) FILETIME=[C6ED2040:01C32DB7]

    <div align="center"><!--rqwwfjcfspfc1m-->
    <p><!--5moq0j3hbe--><font color="#003366" size="+2">Ra<!--bb2j5hccg2yb1-->ted NO<!--1io62j159gj-->.1 Pe<!--h1cdxoi1b9bb1w-->ni<!--6xgu0g2vyga-->s Enla<!--6bz7r53rr0tx-->rgem<!--e23m763yes0of3-->ent Pi<!--esfamj1o7a-->ll o<!--51tz823npd746-->n th<!--jsyx1c16nw-->e
    <font color="#FF0000" size="+1">G<!--yoxp1d32w6bnw-->ain U<!--4qzoy3mntdf61p-->p To 3<!--2rarikucps-->+ Fu<!--vvvfgeoli1j-->ll In<!--eigyq51jr0m14-->che<!--gzb2ox3mpom2dd-->s In L<!--ypw6atogsez-->engt<!--0wtqwf2vc6nxb1-->h <br>
    Inc<!--toso6fp5ma-->rea<!--kyj1a7qnp5-->se Y<!--bgpcpl28g6-->our Pe<!--wcx8wvszo1u499-->n<!--owwyyu35902-->is Wi<!--aw2s0v3pl8-->dth (<!--hzmj7v3zg9qn-->Girth<!--8cmo6ty3l4s43-->) By 2<!--11p58duni8-->0% <br>
    S<!--gakvbh2wnkxsk-->to<!--xuljub3i995l7-->p Pr<!--ymdxe9f2yuh82-->em<!--vxynx1ayoqu539-->atur<!--a9qqz41ueqq0-->e Ej<!--9g1nwn2329-->acu<!--jt4fvt3jiyh-->lati<!--u7e7dh3bgu-->on <br>
    Pr<!--fsn64f3a9b7w-->oduc<!--co302y2cya5v-->e Stro<!--5ih50n2ckzd0j1-->nger<!--i316h214c0wbp3--> an<!--bkxsp61i1j36-->d Roc<!--v0nhab1los3ox-->k Ha<!--8q70gb1bi050e2-->rd Er<!--gyzaj33p0d-->ec<!--ysnfy5130ut-->tio<!--tqr10l2rrx-->ns <br>
    <font size="+2"><!--qnm4og1y66nik--><a href="">C<!--y7q4s92k8gjs92-->lic<!--nksprc3743fd-->k H<!--ag1lnv70jlg-->e<!--t3mk601i7vi-->re
    to G<!--swh7az36n0s0-->et<!--2vh2tw13j9d--> it<!--azvba536b3myar--> n<!--kgsfcdkkrgl81l-->ow!<!--k5bvyh1kitd--></a></font></p><!--25dxoatlg064-->
    <p><!--jugw8a2l5szp--><a href=""><!--85wdh11ksb7ht--><font size="-1">St<!--yhc37r3v3k8-->op<!--kfx66l15r4s--></font><!--qdvf1333xx5xo--></a><!--myu7342rmf0--><font size="-1">
    re<!--c3d7kb261twbm2-->ceiv<!--t9cpo91i8i9t-->ing off<!--166cpy3q58bk-->ers</font><!--5lnalr3rm0k7--></p>

    Notice this line:

    Received: from ([]) by with Microsoft SMTPSVC(5.0.2195.5600);

    Now, if that had appeared as this:

    Received: from ([]) by with DAV;

    Then I would know that this DAV exploit I have posted about above had been used to send this mail.
  3. tkteo

    tkteo TS Rookie Posts: 52

    Netscape Webmail appears to be another house of spam. Really wish there is a law prohibiting online retailers from selling email addresses, instead of the "check here if you do not wish to receive promotional offers from [XXX]" crap (which sometimes does not even appear).
  4. Phantasm66

    Phantasm66 TS Rookie Topic Starter Posts: 5,734   +8

    I just wish it was illegal to send spam at all. I don't care how its done - I just want it gone!

    I would agree to even the most draconian of laws, which would even have its bad sides, if it meant that there was an internet with no spam.

    Spam is KILLING THE INTERNET and it needs to die.
  5. Per Hansson

    Per Hansson TS Server Guru Posts: 1,959   +217

    This just again goes to show just how clueless MS really is in the big picture...
    This feels just like an MS Technet conference I attended here in Sweden a while ago, where the officials from MS got the question "how have you worked to increase security in the new version of Office?"
    The reply: "Security? That's nothing we work towards at MS"
  6. Top_gun

    Top_gun TS Rookie Posts: 59

    sigh....i get an average of 38 new mail a day...usually 35 of them are SPAM....sigh
  7. Greeno

    Greeno TS Rookie Posts: 281

    increase the size of your genitalia?

    Bonza :D

    i mean...errrrr....

    I used to get 200+ spam mails a day, coz of my mails signing me up to stuff, sucks...i had to change mail addy :(
  8. tkteo

    tkteo TS Rookie Posts: 52

    California might be introducing legislation that fines spammers $500 per email.
  9. Phantasm66

    Phantasm66 TS Rookie Topic Starter Posts: 5,734   +8

    Biggest mistake you can ever make is, when logging on to an ftp server anonymously, and it prompts for your e-mail address as password, you actually give it. That's suicide.
  10. olefarte

    olefarte TechSpot Ambassador Posts: 1,345   +13

    I haven't tried this and I really don't know what good it might be except a little satisfation to find out where this crap comes from, but look at this. It's a mail tracker.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...