No free WebDAV
I know that many readers make use of the facility to access Hotmail messages from within Outlook, which works by employing the WebDAV (Web-based Distributed Authoring and Versioning) protocol – essentially a collection of HTTP extensions that enable collaborative editing and management of files on remote web servers. It works well, perhaps too well: just note the number of spammers who build complex WebDAV scripts to automate the sending of the absolute maximum daily quota of emails from hundreds of Hotmail accounts. Love them or hate them (and loving spammers must be the ultimate perversion), successful spammers aren’t stupid people, they’re businessmen, albeit of the dodgy variety.
Whenever MSN Hotmail clamps down on them by making Hotmail harder to use (that 100 messages-a-day cap, for example), the spammers kick back in an effort to hold onto their filthy lucre, and WebDAV has proved to be something of a steel toe-capped Doc Marten in this regard. The resulting pain is starting to show on MSN, which unfortunately means WebDAV access for free Hotmail accounts is becoming endangered – the service was pulled as from 27 September 2004 for all new users, and Jason Keane, MSN UK Hotmail business manager, warns that those currently using this capability will continue to have free access ‘until early 2005, after which time it will only be available as part of MSN email subscriptions services’. That may sound like a shame at first, but I have to admit that I think Microsoft is doing the right thing here.
That may surprise folk who’ve followed my musings in PC Pro for the past decade, who may assume that I’m the IT world equivalent of Michael Moore. I’ve always liked the concept of information being free; that doesn’t mean the mechanisms by which the information is transported also have to be free. This is especially the case when all of us now have to devote time and money to filtering out the offensive, the fraudulent, the infected and the irrelevant crap that comprises as much as 70 per cent of all inbound email traffic.
Let’s be honest, free email accounts have been the prime breeding ground in the rise of spamming. They’re easy to set up, and employ precious little identity checking, unless you count the sending of an authentication email (to another free mailbox of course) as adequate, which I don’t. Free mail just cries out to be abused, so no wonder Hotmail is following the lead of the other big players in this field – BT and Yahoo! – in making WebDAV access a privilege for paying customers only.
It isn’t just about the money, although I’d be foolish to imagine this doesn’t play a part in the decision-making process at MSN Hotmail. It’s about regaining control over identity authentication and enforcing user responsibility. The last thing a spammer wants is to become visible at the traceable identity level to the network he or she is exploiting. As Keane says, ‘by making WebDAV part of our email subscription services, which require users to provide billing information, we can more effectively manage and work to eliminate the abuse of this functionality’.
Microsoft doing the right thing is a good start – considering that there are something like 200 million Hotmail accounts floating around out there – but other mail service providers must follow. With thousands of free mail services just a Google away, spammers will always find a new route to their riches, but if the trend starts to turn towards rigorous identity checking at the very least, then maybe the tide can be turned. Is it too much to ask that we prove who we are by making a one-off, token ‘signing-on fee’ payment for a thereafter free service? This would require a valid credit card and leave an audit trail, both of which would be enough to deter the casual spammer. Sure, stolen credit card numbers are also a Google away, but the professional spammer isn’t going to want to go down that road as it raises the game to a whole new level of legal aggro.