June 26, 2005

Sender ID -- It Could Get Ugly

It could get a little ugly out there in the anti-spam world and, as is so often the case, the uglifier of record is Microsoft which on Thursday announced that it would start "enforcing" the use of its Sender ID sender authentication protocol for senders of e-mail messages to Hotmail and MSN Mail systems. In a less avaricious world, that might be a good thing, but last year Microsoft made its desire to co-opt sender authentication by enforcing a patent it has on a part of the way DNS records have to be modified to comply with the protocol. The logical next step is for Microsoft to charge for its use.

A tip of the hat goes to messaging systems analyst David Ferris for predicting exactly this strategy from Microsoft (see Ferris Urges Sender ID Implementation) late last year. My own response at the time was that Microsoft was not necessarily being a very good citizen (see . . . The Rest Of You Can Go Code Up That Sender ID Stuff) because it was defying the wishes of most players in the e-mail security business and going its own way, something it has not historically been shy about doing.

I had previously pondered the poor performance of Sender ID's prospects for acceptance (see I Just Don't Get It ), and concluded that the breakup of the IETF's MARID anti-spam task force was fatal to not only Sender ID. I thought it was possibly fatal to sender authentication altogether, and that it was all Microsoft's fault because of its insistence on the patent inclusion. I urged the IETF to re-form an anti-spam working group and make another attempt to address the problem.

It didn't, and so Microsoft has. I really can't blame them for pushing ahead regardless of the acceptance issues that remain for Sender ID. It is a standard, it can work, but to be really effective and widely used, Sender ID should not require a patent license if we're to remain the Internet community, and not become some additional fiefdom in Microsoft's empire.

I'd get on board with this Sender ID strategy if Microsoft would either back off on the patent issue, or would issue some sort of legal writ that forever absolves anyone using Sender ID from having to pay for the license. That might calm things down enough to get a sender authentication protocol in place. And if it would not make things pretty, at least it would keep them from becoming ugly.

Posted by John Dickinson at 08:03 PM | Permalink

Comment on this blog entry


		MESSAGING PIPELINE MARKETPLACE (sponsored links)
		Digital Warehouse buys, sells, & rents used Cisco networking hardware such as routers & switches, as well as Juniper, Extreme & Foundry at 50-80% off list price. One year warrantee and fast delivery. Roaring Penguin's CanIt-PRO anti-spam solution offers customizable spam and virus control for enterprises, campuses and ISPs. Designed for the mail server, CanIt-PRO lets you stop spam on YOUR terms. Click for free price quote for your organization. Use your Intranet to manage Software Licenses, plan for Windows XP/2000 upgrades, do Security Audits and more. Click to try and ask for our white paper - PC Management for the Internet Age. Analysts at the Tolly Group put a leading Branch Office IT services solution to the test, measuring performance, security and data reliability. Download the results, detailed in this free report, now. Whether you need temporary or permanent access to remote PCs, LogMeIn has your solution: LogMeIn IT Reach for automatic maintenance of remote and mobile systems, and LogMeIn Rescue for instant, web-based remote access without pre-installing software.