What are the chances Hotmail...

[Gatton]

Was just curious. Hotmail and many other free webmail services make their money from advertisements. What are the chances they might put a stop to the use of poplinks from other services like fastmail? Now, I know Microsoft has a veritable superdome filled with money but they really have no reason to allow and plenty of reasons not to.

Just something that popped into my head when reading about how the IM services don't often play well together (AIM being to most well known in this regard).

Anyone care to speculate?

[mail2me]

FM is simply using the Outlook Express offline access which is really a hotmail premium feature but available to the free accounts still because it is still beta, so it will be restricted only to the Extra storage customers soon just as Yahoo restricted the POP access to premium customers.

I am not sure exactly when this would happen, but I have a feeling that it maybe as early as this November when they make some changes to stop offline access with MSN Explorer as already announced to MSN account holders.

P.S. When you sign up for a new MSN account, the welcome email says upgrade to Extra storage and also benefit from 1) Offline access and 2) To send larger attachments.

[sjk]

I'd guess they're trying to figure out a way to stop unpaid "pop" access (i.e. the style done by simulating an interactive session), but I don't think it's easy without the risk of blocking "legimate" interactive users who they want seeing ads, etc. One question to ask is "can non-interactive sessions be reliably detected?".

[joelpt]

Seems to me there is really no way to reliably detect a non-interactive session because pretty much anything that an interactive session does can be emulated -- even down to human-like delays in clicks and so forth.

If hotmail does restrict "pop"-ping through HTML page readers, I suspect they would probably just alter their user policy to prohibit it.

joel

[pobelly]

then there's this, which makes the discussion pretty much moot, i think...

http://www.emaildiscussions.com/...2511#post14162

[sjk]

Uh, huh.

Thanks for the reference to that particular posting, which I was thinking of yesterday. I know FastMail users who'd be "lost" without Hotmail retrieval and am looking at alternatives to help prepare them for that possibility.

[sjk]

For the curious, there's Gotmail. Requires perl and curl.

[mail2me]

Quote:

Originally posted by sjk
For the curious, there's Gotmail. Requires perl and curl.

There are lots of other better utilities that can not only access hotmail but yahoo as well, such as Web2Pop . Those utilities use the web interface, so it will work even if hotmail restricts offline access to premium users only, whereas Gotmail works only for Hotmail. Gotmail maybe using the same technology as FM, which will NOT work if/when the restriction is implemented. Also these software have to be downloaded and installed separately on the PC, and doen't offer the same convenience that FM offers by fetching it automatically right into the FM account.

[sjk]

Web2Pop looks cool, but it's Windows-only.

[reuben]

Quote:

Originally posted by sjk
I'd guess they're trying to figure out a way to stop unpaid "pop" access (i.e. the style done by simulating an interactive session), but I don't think it's easy without the risk of blocking "legimate" interactive users who they want seeing ads, etc. One question to ask is "can non-interactive sessions be reliably detected?".

correct me if i'm wrong, but wouldn't they easily be able to tell who was looking at their adds and who wasn't by seeing what applications/processes accessed people's email accounts (ie the web server versus a mail/imap/pop server?

or could they not, perhaps, see people using imap or pop access to their hotmail space would generate requests on port 110 (POP) or port 143 (IMAP) as opposed to ports 80 & 8080 (HTTP)? so they could either just monitor 143 and 110 or only allow premium user/passwd combinations access on those ports...

[joelpt]

Quote:

Originally posted by reuben
correct me if i'm wrong, but wouldn't they easily be able to tell who was looking at their adds and who wasn't by seeing what applications/processes accessed people's email accounts (ie the web server versus a mail/imap/pop server?

or could they not, perhaps, see people using imap or pop access to their hotmail space would generate requests on port 110 (POP) or port 143 (IMAP) as opposed to ports 80 & 8080 (HTTP)? so they could either just monitor 143 and 110 or only allow premium user/passwd combinations access on those ports...

Well, the web server can always lie about what it is, by identifying itself as Microsoft Internet Explorer or what-have-you. As far as that goes they really have no way to tell what process is really accessing their service. They might be able to check the IP address though.

As far as checking by port, I'm sure they already do this. This is how they make people pay for POP access now -- only those who've paid get in. But they currently don't have any reliable way to prevent "screen scraping", where an application just logs into the hotmail web interface (port 80 or 8080) and parses the email messages out of the HTML pages, then makes those email messages available through another interface of some sort.

As I understand it, they currently have a MS-proprietary interface to get the messages directly, which is intended for use by Outlook Express only. But it does not seem to have any security restrictions implemented in it yet. This is where they are going with their "Hailstorm" project -- making it more or less impossible to get email through this route unless you have the right encrypted security permissions. I still don't think this will successfully prevent screen scraping though -- those more knowledgeable on this, speak up if I'm mistaken here.

joel

[sjk]

Quote:

Well, the web server can always lie ...

I think you meant web browser/client.

So far it hasn't taken long for "screen scraping" software to adapt to changes that e-mail providers make that temporarily confuse/inhibit it. Making subtle web interface changes more often might be a "sloppy" defense.