Hotmail

Microsoft’s e-mail safety roadmap involves an unmatched cross-product approach. SmartScreen® anti-spam and anti-phishing filtering technology is being applied across Microsoft’s e-mail platforms to provide customers with the latest anti-spam and anti-phishing tools and innovations throughout the network. These products include Windows Live Hotmail, Exchange Server 2003, Outlook 2003, and more.

The goal for Windows Live Hotmail is to offer a comprehensive and usable e-mail service that helps detect and protect users from junk e-mail, fraudulent e-mail threats (phishing) and viruses.

The Challenge

E-mail has become an important communication tool not only for consumers but also for marketers, support staff, sales organizations, and businesses of all sizes. As e-mail use has grown, so has e-mail abuse. Unmonitored junk e-mail can clog inboxes and networks, impact consumer satisfaction, and hamper the effectiveness of legitimate e-mail communications. While technology alone cannot solve the problem, it is a critical component in our comprehensive anti-spam approach. That’s why Microsoft continues to invest in research and development to advance anti-spam technologies. Simply put, it starts by containing and filtering junk e-mail.

Our Efforts

We offer a number of steps to minimize the negative impact junk e-mail has on our users’ e-mail experience. For example, we’ve implemented a number of mechanisms to reduce the burden of junk e-mail which currently prevents nearly 4.5 billion e-mail messages from reaching Windows Live Hotmail users every day!

Junk E-Mail Filters

Microsoft SmartScreen®

To help reduce the consequences of junk e-mail, Windows Live Hotmail includes junk e-mail protection using patented SmartScreen® technology which screens e-mail to identify and separate junk e-mail from legitimate e-mail. Based on Microsoft Research's patented machine-learning technology, the SmartScreen® content filter learns from known spam and phishing threats, user feedback, as well as from Windows Live Hotmail users who have opted to be part of our junk e-mail classification program. These types of data help train SmartScreen® how to recognize legitimate e-mail and junk e-mail and are key inputs into sender reputation. Machine learning refers to the probability-based algorithms that are used to distinguish between the different characteristics of legitimate and junk e-mail. Ongoing feedback from Windows Live Hotmail customers in the junk e-mail classification program helps ensure that the SmartScreen® technology is continually trained and improved.

How does it work?

When an external user sends e-mail messages to a Windows Live Hotmail account, SmartScreen® filter technology evaluates the content of the messages and assigns the message a rating based on the probability that the message is junk e-mail. This rating is stored as a message property called a spam confidence level (SCL) within the message itself. The SCL rating stays with the message as it is sent to other anti-spam protection layers within Windows Live Hotmail.

Rules inside Windows Live Hotmail are set to handle e-mail messages with various SCL ratings. If a message has an SCL rating lower than a certain threshold, it is considered spam and a rule then deletes the message rather than send the message to the users’ junk e-mail folders. If the message has a higher SCL rating than the threshold, the e-mail is delivered to the user's junk e-mail folder rather than to the inbox.

To learn more about this technology, please visit http://www.microsoft.com/presspass/features/2003/nov03/11-17spamfilter.asp.

Symantec Brightmail

In addition to Microsoft SmartScreen®, incoming e-mail is also filtered by Symantec Brightmail anti-spam content filter. Leveraging the Probe Network, a collection of more than 200,000 e-mail addresses designed to attract junk e-mail, Symantec's patented technology identifies and eliminates junk e-mail before it reaches a Windows Live Hotmail users' inbox. Symantec's proven solution provides protection against unsolicited junk e-mail by offering a dynamic technology that keeps pace with constantly evolving junk e-mail. To learn more about this technology, please visit http://www.symantec.com.

Hotmail Filters

In addition to the anti-spam filtering technologies, Windows Live Hotmail also gives each user the ability to set filter levels to further improve the delivery of e-mail to their account. Users can easily add a sender or domain name to the Safe Senders and Domains List so that the e-mail from that sender or domain is never treated as junk regardless of the content of the message. Conversely, users can enable “exclusive” mode to accept only messages from the Contacts and Safe Senders List.

E-mail messages from a certain e-mail address or domain name can also be blocked by adding the sender to your Blocked Senders List, or by clicking “Mark as junk“ in the Windows Live Hotmail client. In addition, when a message is reported as junk e-mail using the “Junk” reporting button in Windows Live Hotmail, we use this feedback from our users to help determine if future messages from that sender should be blocked or filtered automatically.

Phishing Protection

Phishing (pronounced Fishing) is a form of identity theft and one of the fastest growing threats on the Internet. You can often identify a phishing message by the fact that it requests personal or financial information or includes a link to a website that requests such information. Windows Live Hotmail offer phishing protection as part of the patented SmartScreen® filter technology. SmartScreen® analyzes e-mails to help detect fraudulent links or spoofed domains to help protect users from these types of online scams.

To learn more about this technology, please visit http://www.microsoft.com/mscorp/safety/technologies/antiphishing/guidance.mspx.

How does it work?

Often a phishing e-mail will be sent containing a link, once clicked it will redirect users to a fraudulent web site appearing to be valid (like your financial institution or online service).  This phishing site usually prompts users to enter personal information like user names, passwords and/or social security numbers. Any information entered on the phishing site helps the phisher steal your identity. By using well-known trusted brand names and logos, phishers are able to appear legitimate. Microsoft’s SmartScreen® phishing filter technology offered in Windows Live Hotmail checks for potential phishing characteristics in e-mail.  If found, the e-mail is either deleted or a warning is given via the Safety Information Bar.

Microsoft is focusing its anti-phishing technology efforts on two fronts: first by helping to prevent phishing e-mail messages from reaching our customers and secondly helping to eliminate the possibility of customers being deceived by spoofed e-mails and web sites. Internet Explorer version 7 and above will block or warn users when they visit known or potential phishing sites so that they aren’t tricked into providing personal information.

Sender ID

Spoofing is a way of replicating or imitating a legitimate e-mail address to give a fraudulent e-mail the appearance of legitimacy. Sender ID, an e-mail industry initiative championed by Microsoft and other industry leaders, is designed to verify that the sender’s actual location is the same as the one claimed in the e-mail address. Eliminating domain spoofing will help legitimate senders protect their domain names and reputation, and help recipients more effectively identify and filter junk e-mail and phishing scams.

Sender ID further helps prevent phishing and spoofing schemes by verifying the IP address of the e-mail sender against the reported owner of the sending domain. Domain spoofing can also be used by malicious individuals in phishing scams, who try to lure consumers into divulging sensitive personal information by pretending the e-mail is from a trusted source, such as a financial institution or online service. Disclosure of such information can lead to identity theft and other online consumer fraud.

To learn more, please visit http://www.microsoft.com/senderid.

How does it work?

Windows Live Hotmail currently uses Sender ID to provide additional input to the SmartScreen® junk e-mail filter process which determines if the e-mail or sender is legitimate. Once the sender has been authenticated, the results may then be cross-referenced to past traffic patterns and sender reputation, creating an associate weight in addition to the anti-spam content filters, all prior to determining whether to deliver e-mail to the recipient.

Legislation

At Microsoft, we believe that the development of new technologies and self-regulation requires the support of effective government policy and legal frameworks. The worldwide spam proliferation has spurred numerous legislative bodies to regulate commercial e-mail. Many countries/regions now have spam-fighting laws in place. The United States has both federal and state laws governing spam, and this complementary approach is helping to curtail spam while enabling legitimate e-commerce to prosper. The CAN-SPAM Act expands the tools available for curbing fraudulent and deceptive e-mail messages.

While legislation is important, it is only one part of a strategy to fight spam. Other means to fight spam include developing improved spam-fighting technology, implementing industry best practices and junk e-mail reporting methods, educating e-mail users, and prosecuting spammers.

To learn more, please visit http://www.microsoft.com/mscorp/safety/legislation/default.mspx.