If you have a Hotmail account for email, then you’re probably not receiving some legitimate email that’s being sent to you. This is because Microsoft think they know better than you what email you should be receiving.

I ran into this problem recently. I had emailed a friend at his Hotmail address, and heard nothing back. I thought about it a few times, but just figured he hadn’t the time, or had nothing to say or whatever. Except my fiancee told me that email she was sending to someone at a Hotmail address wasn’t getting through either.

I started looking it up online, but couldn’t find any conclusive proof. So I set up a Hotmail account to test it, and confirmed that legitimate email sent to Hotmail addresses from jmadden.eu doesn’t get delivered. The Hotmail servers accept the mail for delivery, but then dump it. Neither the sender nor the intended recipient get any notification that the mail has been dumped.

Looking online a bit deeper, and talking to a friend who works for an Irish ISP, there’s some mutterings of SPF possibly helping the situation. I set up an SPF record for jmadden.eu yesterday, and so far, tests have still failed. I’m waiting for DNS caches and TTLs to time out before confirming whether this has affected delivery.

The only time email gets through is when it’s an immediate reply to an email which originated from Hotmail. I’m not sure if there’s a timeout on this or anything (since the email I sent to my friend seems to have gone missing, and was a reply to an email from Hotmail).

For further reading, check out the Hotmail Friendly Fire article on The Register written earlier this year about this same problem.

The message to Hotmail users is to switch to a provider that won’t drop your legitimate email, and still has a good anti-spam defense (eg. GMail). To everyone else, don’t sign up to Hotmail for primary email. And finally, to mail admins, test that mail from your domain is actually delivered to Hotmail.

Update 1: I continued testing this. The SPF records have made no difference. I tested them with this SPF Query Tool and they passed. Still, mail to Hotmail is dumped.

Item number 4, “Authenticate your outbound e-mail: Publish Sender Policy Framework (SPF) records”, on the Hotmail technical standards webpage says :

We encourage you to e-mail Microsoft upon posting your SPF record to the DNS. This will help ensure your record is automatically included in our SIDF cache. Send an e-mail with your domain name in the body of the message (for example, mydomain.com) to senderid@microsoft.com. If you have multiple domain names, please list each domain on a separate line in the body of the message.

I did this after setting up the SPF records, but it hasn’t made any difference.

I also looked into replying to Hotmail mail. It seems to keep a record of the message id and the from address (ie. the Hotmail address sending the message), so that when a reply comes in, the to address and message id (in the In-Reply-To header) are checked and if it’s a reply, the message is delivered. This can be fooled, by taking a valid message id from a previous message and putting it into an In-Reply-To header in the mail. This only works when delivering to the person who sent the email you’re using the message id from though - in which case it’d be easier just to reply!

Update 2: I think I’ve managed to find my way through Hotmail’s ridiculous spam filter . What I had to do was update Bind9 to a version greater than 9.4, to support SPF RR records. Before this, I had created my SPF records in TXT records. After this, I emailed senderid@microsoft.com again, with my domain name in the body and subject of the email. After about 24 hours, I sent another test email, and low and behold it got through.

The first one I sent got marked as junk, and put into my Junk folder in Hotmail. I sent another couple after this, with a bit more content, and they got through to the Inbox (though, I reckon this could, in part, be due to me marking my previous email as safe to read in the Junk folder).

So, basically, it looks like you need SPF records, in an SPF resource record (TXT RR won’t do), and have those picked up by Hotmail to get email through to Hotmail recipients.

I still recommend people don’t use Hotmail - I still have no faith that my emails will get through, and anyone with a Hotmail account should know that legitimate mail to them probably has been, and will be dumped.

I’ve done 3 upgrades to Debian lenny over the last week or so. I started off with my work desktop, a Dell Optiplex 745, followed by my home desktop AMD64, and finally my MacBook. Apart from some very minor problems, the upgrade went very smoothly, and everything works fine afterwards.

I had no issues upgrading the Optiplex - everything just worked.

On the AMD64, the biggest problem was with the installer for the NVidia binary drivers. It installs the X11 drivers in /usr/X11R6/lib/modules/. For the Xorg version in lenny, these need to reside in /usr/lib/xorg/modules/. The problem was easily found (the Xorg.0.log file pointed to a missing nvidia driver), and easily fixed (dpkg -L xserver-xorg-video-intel showed where the driver files should now reside).

cp /usr/X11R6/lib/modules/drivers/nvidia_drv.so /usr/lib/xorg/modules/drivers/
cp /usr/X11R6/lib/modules/extensions/libglx* /usr/lib/xorg/modules/extensions/

The MacBook upgrade went smoothly aswell, with the usual caveats. My kernel isn’t managed by apt because I apply the mactel patches to it. So, after the dist-upgrade, I got the new kernel sources, applied the latest mactel patches, built the package and installed it. I also built the headers package, and installed that to build and install the madwifi drivers for the atheros wireless card.

apt-get source linux-image-2.6.22-2-686
cd mactel/kernel/mactel-patches-2.6.22
./apply ../../../linux-2.6-2.6.22
cd ../../../linux-2.6-2.6.22
make oldconfig
make-kpkg –initrd linux-image
make-kpkg linux-headers
dpkg -i ../linux-image-*.deb ../linux-headers-*.deb

I rebooted before building and installing the madwifi drivers.

cd /usr/src/modules/madwifi
make -C /lib/modules/2.6.22*/build SUBDIRS=`pwd` modules
make -C /lib/modules/2.6.22*/build SUBDIRS=`pwd` modules_install
modprobe ath_pci

And that’s it. All three machines are running lenny now with no problems.