June 29, 2005 12:27 PM PDT

Antispam proposals advance

An Internet standards group approved two "experimental" antispam proposals, sidestepping a controversy dividing Microsoft and its e-mail competitors.

The Internet Engineering Steering Group (IESG), a division of the Internet Engineering Task Force (IETF), said it would publish two competing and overlapping sets of documents that define ways of confirming that e-mail senders are who they say they are.

The experimental Requests for Comment (RFCs)--Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail and Sender ID: Authenticating E-Mail--have been the subject of intense jockeying by Microsoft, America Online and others.

Critics have accused Microsoft of trying to strong-arm the industry into accepting Sender ID. Concerns over Microsoft's Sender ID-related patents have alarmed some involved in setting standards, and last year the IETF let a Sender ID working group expire.

"While many proposals for domain-based authorization have been under consideration, no consensus has yet been reached concerning a single technical approach," the IESG said in a statement. "The IESG does not endorse either of the two mechanisms documented in the experimental RFCs--their publication is intended to encourage further discussion and experimentation in order to gain experience that can be used to write future standards in this space."

Microsoft said that despite the expiration of the Sender ID working group in September, the approval of the experimental RFCs showed that its technology is alive and well in the standards-setting process.

"We think this is great," said Samantha McManus, business strategy manager for Microsoft's technology care and safety group. "We're glad to see Sender ID's experimental status, and we think e-mail authentication is very important for addressing spam and phishing. That said, we definitely have more to do."

Sender ID "embraces and extends" SPF, according to McManus, introducing more complex ways of tracking data about e-mail servers and senders.

Other antispam authentication technologies in use include Yahoo's DomainKeys, which Cisco recently said it will support.

The IESG said that while e-mail providers have already implemented Sender ID and SPF, an experimental period was key to the standards-setting process.

"Given the importance of the worldwide e-mail and DNS (Domain Name System) systems, it is critical that future standards support their continued stability and smooth operation," the IESG wrote.

5 comments

Join the conversation!
Add your comment
Doesn't Matter
No matter what is decided the spammers will end up using it to get in mailboxes. It's only a matter of time, and I think that will be very short.
Posted by (7 comments )
Reply Link Flag
You are wrong maybe
Belive me I have system that will eliminate spam worldwide in matter of minutes,it is so easy and low-tech,problem is don't know who to approach to make it and develop.
Just by explaining how it works most people will know that it works,actually part of is simillar to what Yahoo and MS are proposing but it is actually solution to spam problem.

With their system it will cost lot of money,effort and even create additional problems and posible might not even work right to stop spam.
Posted by (32 comments )
Link Flag
Wast of money and time
I have much better system,my system cost 1/2 procent from all money they are spending on this idea,plus it WILL eliminate spam for good.
Worldwide.
No need for anti-spam laws,lawsuts against spam companies and it heck of cheap.
Posted by (32 comments )
Reply Link Flag
Stop spamming!
Maybe you should stop spamming the spam discussion!
Posted by Johnny Mnemonic (374 comments )
Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.