Fighting Junk Email
Microsoft’s email safety roadmap involves an unmatched cross-product approach. SmartScreen® anti-spam and anti-phishing filtering technology is being applied across Microsoft’s email platforms to provide customers with the latest anti-spam and anti-phishing tools and innovations throughout the network. These products include Outlook, Exchange Server 2003, Outlook 2003, and more.
The goal for Outlook is to offer a comprehensive and usable email service that helps detect and protect users from junk email, fraudulent email threats (phishing) and viruses.
The ChallengeEmail has become an important communication tool not only for consumers but also for marketers, support staff, sales organizations, and businesses of all sizes. As email use has grown, so has email abuse. Unmonitored junk email can clog inboxes and networks, impact consumer satisfaction, and hamper the effectiveness of legitimate email communications. While technology alone cannot solve the problem, it is a critical component in our comprehensive anti-spam approach. That’s why Microsoft continues to invest in research and development to advance anti-spam technologies. Simply put, it starts by containing and filtering junk email.
Our EffortsWe offer a number of steps to minimize the negative impact junk email has on our users’ email experience. For example, we’ve implemented a number of mechanisms to reduce the burden of junk email which currently prevents nearly 4.5 billion email messages from reaching Outlook users every day!
Junk Email Filters
Microsoft SmartScreen®To help reduce the consequences of junk email, Outlook includes junk email protection using patented SmartScreen® technology which screens email to identify and separate junk email from legitimate email. Based on Microsoft Research's patented machine-learning technology, the SmartScreen® content filter learns from known spam and phishing threats, user feedback, as well as from Outlook users who have opted to be part of our junk email classification program. These types of data help train SmartScreen® how to recognize legitimate email and junk email and are key inputs into sender reputation. Machine learning refers to the probability-based algorithms that are used to distinguish between the different characteristics of legitimate and junk email. Ongoing feedback from Outlook customers in the junk email classification program helps ensure that the SmartScreen® technology is continually trained and improved.
How does it work?When an external user sends email messages to an Outlook account, SmartScreen® filter technology evaluates the content of the messages and assigns the message a rating based on the probability that the message is junk email. This rating is stored as a message property called a spam confidence level (SCL) within the message itself. The SCL rating stays with the message as it is sent to other anti-spam protection layers within Outlook.
Rules inside Outlook are set to handle email messages with various SCL ratings. If a message has an SCL rating lower than a certain threshold, it is considered spam and a rule then deletes the message rather than send the message to the users’ junk email folders. If the message has a higher SCL rating than the threshold, the email is delivered to the user's junk email folder rather than to the inbox.
To learn more about this technology, please visit http://www.microsoft.com/presspass/features/2003/nov03/11-17spamfilter.aspx.
Symantec BrightmailIn addition to Microsoft SmartScreen®, incoming email is also filtered by Symantec Brightmail anti-spam content filter. Leveraging the Probe Network, a collection of more than 200,000 email addresses designed to attract junk email, Symantec's patented technology identifies and eliminates junk email before it reaches an Outlook users' inbox. Symantec's proven solution provides protection against unsolicited junk email by offering a dynamic technology that keeps pace with constantly evolving junk email. To learn more about this technology, please visit http://www.symantec.com.
Outlook FiltersIn addition to the anti-spam filtering technologies, Outlook also gives each user the ability to set filter levels to further improve the delivery of email to their account. Users can easily add a sender or domain name to the Safe Senders and Domains List so that the email from that sender or domain is never treated as junk regardless of the content of the message. Conversely, users can enable “exclusive” mode to accept only messages from the Contacts and Safe Senders List.
Email messages from a certain email address or domain name can also be blocked by adding the sender to your Blocked Senders List, or by clicking “Mark as junk“ in the Outlook client. In addition, when a message is reported as junk email using the “Junk” reporting button in Outlook, we use this feedback from our users to help determine if future messages from that sender should be blocked or filtered automatically.
Phishing (pronounced Fishing) is a form of identity theft and one of the fastest growing threats on the Internet. You can often identify a phishing message by the fact that it requests personal or financial information or includes a link to a website that requests such information. Outlook offer phishing protection as part of the patented SmartScreen® filter technology. SmartScreen® analyzes emails to help detect fraudulent links or spoofed domains to help protect users from these types of online scams.
To learn more about this technology, please visit http://www.microsoft.com/mscorp/safety/technologies/antiphishing/guidance.mspx.
How does it work?Often a phishing email will be sent containing a link, once clicked it will redirect users to a fraudulent web site appearing to be valid (like your financial institution or online service). This phishing site usually prompts users to enter personal information like user names, passwords and/or social security numbers. Any information entered on the phishing site helps the phisher steal your identity. By using well-known trusted brand names and logos, phishers are able to appear legitimate. Microsoft’s SmartScreen® phishing filter technology offered in Outlook checks for potential phishing characteristics in email. If found, the email is either deleted or a warning is given via the Safety Information Bar.
Microsoft is focusing its anti-phishing technology efforts on two fronts: first by helping to prevent phishing email messages from reaching our customers and secondly helping to eliminate the possibility of customers being deceived by spoofed emails and web sites. Internet Explorer version 7 and above will block or warn users when they visit known or potential phishing sites so that they aren’t tricked into providing personal information.
AuthenticationDomain spoofing is a way of replicating or imitating a legitimate email address to make fraudulent email look legitimate. Spoofing is used by malicious individuals in phishing scams to lure people into divulging sensitive personal information. Disclosure of such information can lead to identity theft and other types of fraud.
Outlook uses both SenderID and DomainKeys to verify that messages came from the domain they claim to come from. We recommend that all senders use both technologies to protect their recipients from junk email and phishing scams.
To learn more about SenderID, please visit http://www.microsoft.com/senderid
To learn more about DKIM, please visit http://tools.ietf.org/html/rfc4871
How does it work?Outlook uses Sender ID and DKIM as part of our SmartScreen® junk email filters. Once the sender has been authenticated, the results may then be cross-referenced to past traffic patterns and sender reputation. This makes it possible to block not only junk but phishing scams as well.
Trusted SenderIn order to further protect users from phishing attacks, Outlook marks messages from some authenticated senders as "trusted" in the Outlook interface. This is neither an endorsement of any particular sender, nor is it guarantee of delivery. Rather, it simply tells our users that the message in question actually came from the purported sender. The list of domains in this program is determined solely by the Outlook team. We will continue to expand the list as appropriate to protect our users, but we are not accepting applications from individual senders to join. We use the following criteria when considering which domains to add:
LegislationAt Microsoft, we believe that the development of new technologies and self-regulation requires the support of effective government policy and legal frameworks. The worldwide spam proliferation has spurred numerous legislative bodies to regulate commercial email. Many countries/regions now have spam-fighting laws in place. The United States has both federal and state laws governing spam, and this complementary approach is helping to curtail spam while enabling legitimate e-commerce to prosper. The CAN-SPAM Act expands the tools available for curbing fraudulent and deceptive email messages.
While legislation is important, it is only one part of a strategy to fight spam. Other means to fight spam include developing improved spam-fighting technology, implementing industry best practices and junk email reporting methods, educating email users, and prosecuting spammers.
To learn more, please visit http://www.microsoft.com/mscorp/safety/legislation/default.mspx.