Feeds

MS anti-spam proposal returned to sender

IETF endorses patent fears

  • alert
  • submit to reddit

Using blade systems to cut costs and sharpen efficiencies

The technical standards body for the internet, the IETF, has bounced back Microsoft's controversial proposal for stopping spam, Sender ID. The reason given is that proposal is encumbered by Redmond patents. Adopters aren't allowed to sublicense the technology - it's a "nontransferable, non-sublicenseable" specification, which makes it a non-starter for free or open source developers. Internet standards have traditionally only become accepted if they're free of such restrictions,

Both the Apache Software Foundation and the Debian project, amongst others, had recommended not adopting the measure. Quite what's in Microsoft's patent remains a mystery: it isn't yet public. Meanwhile a similar proposal called SPF, that's acceptable to software libre developers, is also on the table. Both proposals attempt to verify the "From" field of an email, and authenticate it against a domain.

The chairs of the IETF's working group on MTA (Mail Transport Agent) Authorization Records in DNS (marid) concluded that, "the patent claims should not be ignored. Additionally, there is at least rough consensus that the participants of the working group cannot accurately describe the specific claims of the patent application. This stems from the fact that the patent application is not publicly available. Given this, it is the opinion of the co-chairs that MARID should not undertake work on alternate algorithms reasonably thought to be covered by the patent application."

(You can follow the discussions here.)

The ground rules of writing open source software seem to have escaped one analyst, however. On Friday Sageza's Rob Kidd wrote that the "religious zealots" at Apache had made a decision based on "a simple base of bigotry".

Sender ID is one of three proposals to make good on Microsoft's promise to stamp out spam "within two years", a pledge made by Chairman Bill in January. The others two are creating tarpits, and Gates' preferred option, pay-to-send. The latter has been described as a revenue opportunity in disguise

Related stories

Spammers embrace email authentication
Sender authentication is coming
TM domain leads anti-spam charge
TM domain leads anti-spam charge
MS takes fight to the spammers
Chairman Bill's magic spam cure - a revenue opportunity?
We'll kill spam in two years Gates
The Internet's background radiation - who pays?

Boost IT visibility and business value

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.