Why Hotmail SmartScreen Should do Better

-

Got this spam mail that looks as if its from my other email account (Yahoo Mail).

Further inspect on the header reveals that the mail is from hotmail_631448ecb4add0e [at] hotmail.com. And the mail server is actually from the IP 179.89.131.27.

Why Hotmail SmartScreen not doing its job

SmartScreen should have filtered the email content, based on EITHER one of the following criteria, that can be implemented by checking just the email header.

1. The email content is obviously spam content. Nuff said.

2. The sender is obviously from a "anonymous" email that pretends to be another email.

3. The IP (179.89.131.27) of the mail server is OBVIOUSLY hosted on a spam source. This can be easily detected by cross-check with one of the spam database out there. For example http://www.dnsbl.info/.

These are simple methods to provide minimal layers protection for Hotmail users. 

(Notice I haven't even go into advanced SPAM fighting techniques like using DMARC)

Takeaway

SmartScreen team should learn from Gmail, and Facebook. Gmail did VERY well in filtering spam mails, and automatically categories emails for users.

Comments

Post a Comment

Popular posts from this blog

[Azure Websites PHP] Cross Domain request results in blank response page after Preflight HTTP OPTIONS

-
Image
THE PROBLEM I've deployed a REST API application ( CodeIgniter with Phil Sturgeon's Rest-Server library ) on Azure Websites. Although I've set the Access-Control-* header in my PHP application: header('Access-Control-Allow-Credentials: true'); header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS'); header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept'); (If you need a working test file, here's the gist for the test file) But Azure Websites server doesn't return the headers in response. And thus all requests to the server failed with the error message: Origin http://example.azurewebsites.net is not allowed by Access-Control-Allow-Origin.   In order to make sure there's no problem with my application, I've deployed the same code to Appfog.com . And as expected, the application works just fine. The same application d
Read more

[Magento] Create Contact Form with Dynamic Recipient

-
There are many ways of creating contact forms to email to multiple recipient. I'm going to describe a way that uses Javascript a the frontend to change the target recipient. Advantage of this method: Easy to add in new emails in the future. Disadvantage of this method: For those who are particularly concern email privacy, you might not want to use this method. You can modify the email checking to the backend (controller) instead. Okay enough talking, lets get started. Step 1: Set up HTML form fields I'm going to use an example of drop down select to change the email. Of course, this is fairly easy to modify with other forms as well. Open up app/design/frontend/default/<theme>/template/contacts/contacts.phtml Insert the following snippets anywhere between the <form>...</form> tag. <select name="interest" id="interest" title="<?php echo Mage::helper('contacts')->__('Please select department t
Read more