September 16, 2004 1:15 PM PDT
AOL drops Microsoft antispam technology
The online giant cited "lackluster" industry support and compatibility issues with the antispam technology SPF, or Sender Policy Framework, that AOL supports.
AOL's moves come days after the Internet Engineering Task Force standards body voted down the Sender ID proposal. The IETF said Microsoft's decision to keep secret a patent proposal for the technology was unacceptable. Open-source groups also pulled their support of Sender ID, claiming its licensing restrictions were too strict. AOL agreed with the IETF fallout and added its own reasoning.
"AOL has serious technical concerns that Sender ID appears not to be fully, backwardly-compatible with the original SPF specification--a result of recent changes to the protocol and a wholesale change from what was first envisioned in the original Sender ID plan," AOL spokesman Nicholas Graham wrote in an e-mail.
Sender ID, like SPF, is a technology that verifies the authenticity of an e-mail sender's "@" address, such as "@yourbank.com," by validating the underlying, numeric Internet Protocol address. The system combines Microsoft's "Caller ID for E-Mail Technology" and SPF, authored by Meng Wong, chief technology officer at Pobox.com.
Graham added that while AOL will not check Sender ID for inbound messages, it will still publish records for outbound e-mail.
AOL's announcement illustrates the brewing standards battle for e-mail authentication technology for fighting spam. One of the most reviled byproducts of the Internet, spam has become a problem that plagues consumers, corporate networks and e-mail providers such as AOL, MSN and Yahoo.
All three of the Internet giants are putting their weight behind their own systems. AOL has used SPF since 2003; Microsoft is pushing for Sender ID; and Yahoo is supporting Domain Keys, which uses digital signatures and can be employed alongside SPF or Sender ID. These technologies take different stabs at the same problem, and each company is trying to drum up support among industry players.
Despite public statements about cooperation, AOL, Microsoft and Yahoo made independent moves to turn their systems into standards. All three companies have submitted proposals to the IETF in the hope that their preferred technology will become the industry standard for antispam efforts.
Microsoft would not immediately comment on AOL's decision.
Yahoo spokeswoman Mary Osako said in an e-mail that the company "is continuing to evaluate a variety of industry solutions including those that are IP-based, such as SPF and Sender ID, and those that are cryptographic, such as DomainKeys. Yahoo is focusing efforts around DomainKeys, which provide an effective and scalable solution to solving the phishing and e-mail forgery problem."
CNET News.com's Stefanie Olsen and Rob Lemos contributed to this report.
6 commentsJoin the conversation! Add your comment