Fighting Junk E-Mail

Microsoft’s e-mail safety roadmap involves an unmatched cross-product approach. SmartScreenTM anti-spam and anti-phishing filtering technology is being applied across Microsoft’s e-mail platforms to provide customers with the latest anti-spam and anti-phishing tools and innovations throughout the network. These products include Windows Live Hotmail, Exchange Server 2003, Outlook 2003, and more.

The goal for Windows Live Hotmail is to offer a comprehensive and usable e-mail service that helps detect and protect users from junk e-mail, fraudulent e-mail threats (phishing) and viruses.

The Challenge
E-mail has become a critical communication tool not only for consumers but also for marketers, support staff, sales organizations, and businesses of all sizes. As e-mail use has grown, so has e-mail abuse. Unmonitored junk e-mail can clog inboxes and networks, impact consumer satisfaction, and hamper the effectiveness of legitimate e-mail communications. While technology alone cannot solve the problem, it is a critical component in our comprehensive anti-spam approach. That’s why Microsoft continues to invest heavily in research and development to advance anti-spam technologies, to not only stay ahead of the curve, but eventually make e-mail fraud and abuse impractical. Simply put, it starts by containing and filtering junk e-mail to the point where it no longer has the effect on our users that it did in the past.

Our Efforts
As part of the commitment to our users, we offer a number of steps to minimize the negative impact junk e-mail have on our users’ e-mail experience. For example, we’ve implemented a number of mechanisms to reduce the burden of junk e-mail which currently prevents nearly 4 billion e-mail messages from reaching Windows Live Hotmail users every day!

Junk E-Mail Filters

Microsoft SmartScreen TM
To help reduce the consequences of junk e-mail, Windows Live Hotmail includes junk e-mail protection using patented SmartScreenTM technology which screens e-mail to identify and separate junk e-mail from legitimate e-mail. Based on Microsoft Research's patented machine-learning technology, the SmartScreenTM content filter learns from known spam and phishing threats as well as from Windows Live Hotmail customers who have opted to be part of its Feedback Loop program (FBL). Both types of data help train SmartScreenTM how to recognize legitimate e-mail and junk e-mail. Machine learning refers to the probability-based algorithms that are used to distinguish between the different characteristics of legitimate and junk e-mail. Ongoing feedback from Windows Live Hotmail customers in the Feedback Loop program helps ensure that the SmartScreenTM technology is continually trained and improved.

How does it work?
When an external user sends e-mail messages to a Windows Live Hotmail account, SmartScreenTM filter technology evaluates the content of the messages and assigns the message a rating based on the probability that the message is junk e-mail. This rating is stored as a message property called a spam confidence level (SCL) within the message itself. The SCL rating stays with the message as it is sent to other anti-spam protection layers within Windows Live Hotmail.

Rules inside Windows Live Hotmail are set to handle e-mail messages with various SCL ratings. If a message has an SCL rating lower than a certain threshold, it is considered spam and a rule then deletes the message rather than send the message to the users’ junk e-mail folders. If the message has a higher SCL rating than the threshold, the e-mail is delivered to the user's junk e-mail folder rather than to the inbox.

To learn more about this technology, please visit:

Symantec Brightmail
In addition to Microsoft SmartScreenTM, incoming e-mail is also filtered by Symantec Brightmail anti-spam content filter. Leveraging the Probe Network, a collection of more than 200,000 e-mail addresses designed to attract junk e-mail, Symantec's patented technology identifies and eliminates junk e-mail before it reaches an Windows Live Hotmail users' inbox. Symantec's proven solution provides protection against unsolicited junk e-mail by offering a dynamic technology that keeps pace with constantly evolving junk e-mail. To learn more about this technology, please visit

Hotmail Filters
In addition to the anti-spam filtering technologies, Windows Live Hotmail also enables each user the ability to set filter levels to further improve the delivery of e-mail to their account. Users can easily add a sender or domain name to the Allowed Sender List so that the e-mail from that sender or domain is never treated as junk regardless of the content of the message. Users can configure the settings to accept only messages from the Contacts and Safe Senders List, giving total control over which messages are received.

E-mail messages from a certain e-mail address or domain name can also be easily blocked by adding the sender to your Blocked Senders List. In addition, each time a message is reported as junk using the “Report and Delete” function, messages from those senders or Internet domains are automatically added to a users Blocked Senders List and henceforth will always be treated as junk e-mail messages regardless of the content of the message.

Phishing Protection

Phishing (pronounced Fishing) is a form of identity theft and one of the fastest growing threats on the Internet. You can often identify a phishing message by the fact that it requests personal or financial information or includes a link to a website that requests such information. Windows Live Hotmail offer phishing protection as part of the patented SmartScreenTM filter technology. SmartScreenTM analyzes e-mails to help detect fraudulent links or spoofed domains to help protect users from these types of online scams.

To learn more, please visit

How does it work?
Often an e-mail will be sent containing a link, once clicked it will redirect users to a fraudulent web site appearing to be valid (like your financial institution or online service).  This site usually prompts users to enter personal information like user names, passwords and/or social security numbers. Any information entered on the site helps the phisher steal your identity. By using well-known trusted brand names and logos, phishers are able to appear legitimate. The Phishing Filter technology offered in Windows Live Hotmail checks for potential phishing characteristics in e-mail.  If found, the e-mail is either deleted or a warning is given via the Safety Information Bar.

Microsoft is focusing its anti-phishing technology efforts on two fronts: first by helping to prevent phishing e-mail messages from reaching our customers and secondly helping to eliminate the possibility of customers being deceived by spoofed e-mails and web sites. Internet Explorer 7 and Windows Live Toolbar also include Microsoft Phishing filter technology to scan websites and warn users if they seem suspicious and to help protect users’ personal information. Additionally, by dynamically checking the web sites using the online service run by Microsoft, users are blocked from entering personal information if a site has been identified as a known phishing website.

Sender ID

Spoofing is a way of replicating or imitating a legitimate e-mail address to give a fraudulent e-mail the appearance of legitimacy. Sender ID, an e-mail industry initiative championed by Microsoft and other industry leaders, is designed to verify that the sender’s actual location is the same as the one claimed in the e-mail address. Eliminating domain spoofing will help legitimate senders protect their domain names and reputation, and help recipients more effectively identify and filter junk e-mail and phishing scams.

Sender ID further helps prevent phishing and spoofing schemes by verifying the IP address of the e-mail sender against the reported owner of the sending domain. Domain spoofing can also be used by malicious individuals in phishing scams, who try to lure consumers into divulging sensitive personal information by pretending the e-mail is from a trusted source, such as a financial institution or online service. Disclosure of such information can lead to identity theft and other online consumer fraud.

To learn more, please visit

How does it work?
Windows Live Hotmail currently uses Sender ID to provide additional input to the SmartScreenTM junk e-mail filter process which determines if the e-mail or sender is legitimate. Once the sender has been authenticated, the results may then be cross-referenced to past traffic patterns and sender reputation, creating an associate weight in addition to the anti-spam content filters, all prior to determining whether to deliver e-mail to the recipient.


At Microsoft, we believe that the development of new technologies and self-regulation requires the support of effective government policy and legal frameworks. The worldwide spam proliferation has spurred numerous legislative bodies to regulate commercial e-mail. Many countries/regions now have spam-fighting laws in place. The United States has both federal and state laws governing spam, and this complementary approach is helping to curtail spam while enabling legitimate e-commerce to prosper. The CAN-SPAM Act significantly expands the tools available for curbing fraudulent and deceptive e-mail messages. It also targets the most invasive practices and contains strong civil and criminal penalties that add clout to legal actions that Microsoft and other Internet service providers (ISPs) have brought against deceptive spammers.

While legislation is important, it is only one part of a strategy to stop spam. Other tactics include developing improved spam-fighting technology, implementing industry best practices and junk e-mail reporting methods, educating e-mail users, and prosecuting illegal spammers.

To learn more, please visit


© 2005-2006 Microsoft Corporation | Privacy | Copyright