2019 Psychopathy, sadism, empathy, and the motivation to cause harm 2018 Voice Activated Hacks And Cocaine Noodles 2017 Fake News Is Fake News Spam Statistics 2016 2016 Census Surprise ATO Phone scam Spam Statistics 2015 2015 Large number of Security Vulnerabilities July 2015 Spam Statistics 2014 2014 Spam Statistics 2013 2013 Spam Statistics 2012 2012 The Genie Is Out Of The Bottle Trolling For Global Rage Another Spam La Nina Year Spam Statistics June 2012 Media Temple - Back On The Radar Good Christian Men Rejoice 2011 Now It's Just Plain Old Mail Fraud Microsoft Filters Form Not Content Peak Spam Security Shmecurity The Problem Of The Living Dead 2010 Quarantine Sick MS Computers? The Spam Season Starts Soon Creepy Conroy And The Internet Crimewave 2009 Seasons Greetings For The New Decade Phishing Phriendly Outlook Don't Go There Julie! Don't Go! Not Just Famous -- But IN-Famous! Hacked - When Will They Ever Learn? The E-mail Technology Trap Google Easy Money Scams 2008 We Wish You An Unspammy Xmas Terry Swope Spam Incident (2) Webcron Seduced By The Dark Side I've Won The Lottery Again Now I'm In Who's Who American Spam Terry Swope Spam Incident (1) Seven Steps To Internet Security Keeping My Powder Dry Myluvcrush.com Security Risk Spamhaus PBL End Game For Cashblasterpro.com Cashblasterpro.com Spammers The Spam Keeps On Coming McAfee Assess Risk By TLD The Time-Honoured Aussie Sport Of Bank Bashing Now We've Got Hand Spam - What Next? Internet Cops - Who Needs Smart Users When We Have Smart Software? 2005 Good Day To Me ... From 65.54.233.98? The Empire Strikes Back Remember me? TraciLFU4775 from AIM Yahoo regrets to announce ... an outbreak of computer viruses! Gold in them thar hills Florida Spam Zombies At It Again! Plaxo - Black, Grey or White? Unreal profits from Vocalscape Outsider Trading. Blars really does hate 'em I Don't Really Hate Them (much) Tiscali repeat Polish Spam on Rye Flogging A Dead Horse
PGTS Humble Blog Thread: Internet Security/Malware/Spam
	Gerry Patterson. The world's most humble blogger
Edited and endorsed by PGTS, Home of the world's most humble blogger
Microsoft Filters Form Not Content
Chronogical Blog Entries: Prev: 14-Jun-2011 Apple Blue Screen Interminable Loop (BSIL) Next: 04-Aug-2011 Microsoft Dumb Chickens Come Home To Roost
Date: Wed, 27 Jul 2011 11:45:46 +1000 Last Year in October, your humble blogger contacted a local bus company, Ventura Bus Lines via the email address published on their website. That online query was answered promptly and with courtesy ... then again, in June this year your humble blogger tried contacting the same company by sending an email to the same address ... This time however, the email was rejected as spam. At the time it wasn't a cause for great concern ... However, subsequent research tends to the conclusion that this incident may be yet another another example of an insidious campaign by Microsoft to abolish plain text email from the Internet.

The first email which had been sent to the bus company had been directed to the enquiries mailbox at venturabus.com.au. It was a "lost property" enquiry. This email was answered by one of their customer service personnel. The email which was sent back by Ventura contained this header:

X-MimeOLE: Produced By Microsoft Exchange V6.5

Which apparently identifies the MTA as Microsoft Exchange 2003.

And this is where it gets interesting. Because more recent versions of Exchange (such as Microsoft Exchange 2007) offer content filtering. It doesn't seem to be drawing too long a bow to speculate that the reason your blogger's humble enquiry was rejected in June may be simply because the Ventura Exchange Server had been upgraded to version 2007 ...

(As always with Microsoftware ... The word upgrade should be in parentheses) ...

Now dear reader, at first glance, some of you might think that previous snide remark a trifle unfair? After all, in today's work-a-day environment of spam and phishing threats, content filtering should be a worthwhile and possibly even laudable addition to Microsoft's MTA?

But, as it turns out, like much of Microsoft's efforts in security their content filter is half-baked, nugatory and a thinly discussed attempt at running a hidden agenda. Which for Microsoft, is their surreptitious campaign to abolish plain text email.

And at this stage, your blogger must humbly but forthrightly declare that he has never sent spam and that all the emails (and their headers) sent from his domain have been 24-carat genuine!

Nevertheless, your blogger found it necessary to contact Ventura bus lines again, with another "lost property" enquiry. Such are the vicissitudes of having two school-age children using a metropolitan bus service. And, as already stated, the latest email was rejected by the MTA, as follows:

Tue, 21 Jun 2011 21:55:36 +1000 (EST)
550 5.7.1 Message rejected as spam by Content Filtering.

And so dear reader, just what is Microsoft's version of content filtering?

Well may you ask dear reader ... And without going into too much detail of personal correspondence, your blogger can reveal that the original email that prompted this harsh judgement was simple and direct. It contained no salutation and ran something like the following:

I wish to enquire if a [object] in [description] case with
"[descriptive-label]" written on it was found on a Ventura Bus
[bus-route], sometime on or after June 12.

I have removed the nouns and adjectives from the query ... But you get the picture (?)

And this is spam? Addressed to a bus company's email enquiry box? (!!??)

Huh?

You might wonder ... What exactly was the content in such an innocuous message that might be deemed as spam?

And well you might wonder ... Because a little research reveals that the email was rejected primarily because it was sent as plain text If your blogger had sent that very same message as HTML using Microsoft Exchange, or used an MUA that constructs HTML only email ... Or worse still, forged an email that purported to have been constructed by an MUA that constructed the HTML ... In this case the email (with the same content) would have been accepted and delivered.

You see dear reader, Microsoft's content filter is not so much of a content filter ... Although it might do some crude filtering (checking for references to human genitalia and/or pharmaceuticals etc) ... But what Microsoft really filters is form not content.

And it is quite clear that this fits into Microsoft's over-all strategy of ridding the Internet of all those pesky plain text emails. Their latest versions of the Exchange MUA (mail user agent) are configured by default to send emails that are HTML-only. And they deliberately mangle plain text emails in a manner that can only be described as ham-fisted and clumsy.

And, you won't be surprised to discover that Microsoft's campaign is disingenuous ... Because if they really were concerned about their customer's security, Microsoft would block HTML email ... Because HTML mail is the principal vector for delivery of malware and phishing.

It is to be hoped that Microsoft Exchange administrators will wake up to this ploy and turn off Microsoft's useless content filters, or that their users will protest loudly until they do.

And if you are a Microsoft Exchange administrator, wondering how to turn it off ... Just go to Google and start typing:

turn off content

And like magic, before you have even finished typing ... Google will suggest:

turn off content filtering exchange 2007

And let's all just hope that they do.

BTW: There are many vastly superior MTAs that are FREE (as in speech and as in beer), reliable, efficient and that include content filters that really do work. Go check them out if you are curious ...

BTW (2): Google might have come up with that suggestion because their search engine retained cookies on my previous two searches.

Other Blog Posts In This Thread:

• Prev In Thread: 25-May-2011 Peak Spam
• Next In Thread: 09-Aug-2011 Now It's Just Plain Old Mail Fraud

Copyright     2011, Gerry Patterson. All Rights Reserved.