Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

Debian Project Rejects Sender-ID

Comments Filter:
  • Perhaps (Score:4, Interesting)

    by JoshMooney (668142) <joshuamooney@gmail.com> on Sunday September 05, 2004 @09:20AM (#10161916) Homepage
    Perhaps this is where closed source vendors (read: Microsoft) will lead the adoption of Sender-ID.
    • Re:Perhaps (Score:4, Interesting)

      by sploo22 (748838) <dwahler&gmail,com> on Sunday September 05, 2004 @09:35AM (#10161975)
      I think you missed something - you say that like it's a good thing.
      • It would be nice to know wtf Sender ID is....I am new around here but maybe we could have definitions in articles, just a thought?

        I guess I will just have to look it up in Wikipedia...they are authoritative aren't they?

    • Re:Perhaps (Score:5, Insightful)

      by Karzz1 (306015) on Sunday September 05, 2004 @09:38AM (#10161988) Homepage
      Perhaps there will be no adoption of sender-id; perhaps an open solution will prevail. The reason the internet works as well as it does is open standards. Perhaps these companies that are trying to encumber "standards" are slowly learning that they will not gain the acceptance of their "standards" and will have to compete on the merit of implementations of open standards rather than locking people into a "standard". This is just the newest version of proprietary file formats; unfortunately it is the only way Microsoft knows to compete anymore. Rather than compete on a level playing field, Microsoft wants to lock you into their new "standard" rather than compete on the merits of their products.

    • so.. what you're saying is that spam senders are adopting sender-id?

      (which, is kinda exactly what is happening anyways..)
    • Re:Perhaps (Score:4, Insightful)

      by whovian (107062) on Sunday September 05, 2004 @10:02AM (#10162047)
      Perhaps this is where closed source vendors (read: Microsoft) will lead the adoption of Sender-ID.

      The article mentions that Microsoft's Sender ID is an extension of the SPF standard. Further, "SPF/Sender-ID requires changes to DNS and MTAs in order to work. The changes to DNS involve the addition of new records which identify machines authorized to send mail for a specific domain".
      I'm inferring that the internet's root DNS's have to be modified. Allowing Microsoft's "standard" on the root servers is hardly nonpartial if the open community is disagreeing so much.
      • No basic DNS changes (Score:5, Informative)

        by WoodstockJeff (568111) on Sunday September 05, 2004 @10:30AM (#10162204) Homepage
        The changes to DNS involve adding a TXT record to the domain which lists the hosts authorized to forward mail for the domain. Nothing proprietary there, and anyone with control over their DNS can do it.

        Of course, if you have a DNS provider who won't let you make such changes, you probably need a different DNS provider!

  • by darkmeridian (119044) <(moc.liamg) (ta) (gnauhc.mailliw)> on Sunday September 05, 2004 @09:21AM (#10161919) Homepage
    Of course patent-encumbered standards will never take. Why do companies even hope that it will? Do they remember what happened to IBM and MCA?
    • by benjamindees (441808) on Sunday September 05, 2004 @09:28AM (#10161946) Homepage
      Although I hope you're correct, it's incredibly naive to believe so.

      The truth is, proprietary 'standards' are all over the place. They are especially effective when directly-marketed to consumers, cutting out all the middle-men who might say "whoah there, that isn't a good deal" and replacing them with glossy print ads full of half-truths.

      And, let's face it, Windows itself is the greatest direct-marketing tool ever created. I'm not looking forward to the direction this is going.
    • by Kjella (173770) on Sunday September 05, 2004 @09:28AM (#10161948) Homepage
      Sure, patent restricted formats doesn't do well... like gif (now expired), mp3, mpeg2, mpeg4, wma, wmv, ttf (pixel hinting algorithm), rsa (also expired) and so on and so on. You are using one of very few examples where it was "everybody against one". Consortiums and such or companies with little competition rarely have problem introducing patented standards.

      Kjella
      • You are right. But here, we are talking about an E-MAIL standard. And while free open-source software doesn't dominate the market, it does make up a strong percentage of the market. Why bother shoving a patent-encumbered format in this field? It just seems like a pointless task. You could just NOT SQUANDER your good will and just remove the patents or donate them to a not-for profit.
        • Why bother shoving a patent-encumbered format in this field?

          Maybe it's to prevent someone else from registering a patent for something that's broad enough/similar enough/outright identical to this and causing problems?

          I've not RTFAed, but after the Eolas thing, I imagine that MS has become rather sensitive to that sort of thing happening, and so will probably now take out patents on everything it can to prevent it from happening again. Besides, merely owning a patent doesn't mean that you have to go afte
          • by mindstrm (20013)
            Well, if the patent were licensed irevocably for unrestricted use by anyone for anything, then the OSS crowd wouldn't have a problem with it.

            The problem is, unless it's so licensed, and despite best intentions... a patent holder can later choose to kick your ass for using his patented method, even if he let oyu use it for free for years.

          • My understanding was that while you don't lose the patent for not defending it, if you did try to sue someone for infringement, and that defender could point to a case where you ignored a similar infringement, it would weaken their case considerably.
            On a different note, with the amount(or lack thereof) of work going into finding prior art for patents, especially software patents, right now, I certainly hope they'll at the very least remove the capacity for retroactive patent infringement.
        • by miquels (37972)
          Actually, Sender-ID is a standard for MTAs (Message Transfer Agents) and here open-source sofware /does/ dominate the market. The four large names are Sendmail, Qmail, Postfix, and Exim.

          For more info see the IETF sender-id mailinglist at http://www.imc.org/ietf-mxcomp/mail-archive/thread s.html
    • by Froze (398171) on Sunday September 05, 2004 @09:30AM (#10161956) Homepage
      Its not like image compression using LZW was ever accepted by the masses or the mp3 codecs were ever used by the majority.

      All broad sweeping statements are prone to failure, including this one.
    • "Why do companies even hope that it will?"

      A corporation does not hope.
      It does not have a soul.
      If a corporation were made flesh and has a body, he'd be locked away as a psychopath!

      Have said that, well, it is probably an calculated gamble, and why not? Just because a few losers lost doesn't mean they will all bend over and die.

      Licensing = zero recurring cost price + unlimited profits.

      Wonder why USA is producing nothing much nowadays? They've discovered da bomb and is trying to slug the rest of the world w
    • they can take up easily, you just need to submarine longer.

      and after you're known to pull such stunts it's harder of course.

      (being the only good alternative on the market is a good way too)
  • by Talonius (97106) on Sunday September 05, 2004 @09:29AM (#10161950)
    We have many major players rejecting this proposal in public. Is it enough for critical mass?

    Sendmail has a plugin available which allows for Sender ID compliance. Which other GPL software will be modified by third parties? This is the joy of GPL software, of course, to maintain it separately from the core. This is also the Achilles' Heel. If Microsoft wanted to do so it could produce the necessary changes for all of these dissenting software packages itself -- and distribute them itself -- and achieve dominance through this method.

    The official group declaration would mean little if the availability of the encumbered proposal is enormous and well known.

    Most importantly, why wasn't this type of public condemnation available for the various W3C proposals that had patents attached? We cannot pick and choose the fights we engage in - our opposition to patents and intellectual property in standards must be uniform and universal. Once a single standard is accepted despite being weighed down by IP concerns the floodgates will open.
    • by Anonymous Coward on Sunday September 05, 2004 @09:37AM (#10161983)
      7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.
    • Sendmail corporation...I'll get back to them in a moment.
      1. Sendmail has a plugin available which allows for Sender ID compliance. Which other GPL software will be modified by third parties? This is the joy of GPL software, of course, to maintain it separately from the core. This is also the Achilles' Heel. If Microsoft wanted to do so it could produce the necessary changes for all of these dissenting software packages itself -- and distribute them itself -- and achieve dominance through this method.

      I'm

    • > Most importantly, why wasn't this type of public
      > condemnation available for the various W3C
      > proposals that had patents attached?

      There was considerable discussion and controversy, with the result that W3C dropped their RAND proposal in favor of open standards.
    • by KjetilK (186133) <kjetil@@@kjernsmo...net> on Sunday September 05, 2004 @01:32PM (#10163184) Homepage Journal
      As I said yesterday, I think Sender ID looks dead, unless Microsoft changes their mind. People have worked very hard on this topic. Larry Rosen worked very hard with them, and Matt Sargeant (Matts [slashdot.org] on /.) took it up with them [imc.org]. I think it looks like a case of MS not getting it.

      I came across this message on Exim-users where one of the core developers flatly rejects the license [exim.org], and it also indicates the Sendmail folks feel the same. Courier has also rejected it in a similar manner.

      Sender ID needs rapid adoption, and it won't get off the ground with rejection from all the major FOSS MTA's.

      I believe MS knows it, but they appear to fail to understand that licensing means at least as much for FOSS developers as it does for them. They said that they would update their FAQ with a promise that they will never charge for Sender ID, but miss the point that that isn't enough for developers.

      I think this is extremely interesting, because it is the first time MS and the FOSS community comes together over something like this, where everyone knows that we have to get a standard up working. We're seeing a clash of worldviews, but if MS steps down now, they will have learned a valuable lesson.

  • How risky is this? (Score:5, Interesting)

    by johannesg (664142) on Sunday September 05, 2004 @09:31AM (#10161963)
    I'm assuming Microsoft will soon enough have mail servers that support (or worse, require!) sender ID, and will advertize heavily with this as a supposed extra security feature that OS cannot or will not offer. What I'm wondering: is this in any way a threat to OS and the infrastructure of the web?
    • Or, it might say "We are really committed to security! Fuck all the FOSS, they can't use our patent even if that would increase security and compatibility!"
    • MS would have to set Exchange to reject non-Sender-ID'd email by default, which would mean that 90% (I'm guessing) of email would be rejected. I haven't figured out how they can use this to hold the majority of MTA users hostage. They need our cooperation; Sender ID won't work unless the majority of domains are using it.

      The web won't be affected. Only email can be affected, and only if everyone agrees to play the Sender ID game.
  • by SilentChris (452960) on Sunday September 05, 2004 @09:31AM (#10161964) Homepage
    I've read both statements and, while I agree they can do whatever they want with their software/distributions/etc., I've seen little analysis.

    What makes Sender-ID so bad, in comparison to other technologies that both do support (say ASP and SMB). Is it because they reverse-engineered those and MS is trying to release this into the "open"? Are they waiting for a reverse-engineered version?

    I know some about coding but little about law. What in particular about this license is causing so much trouble? Could MS change a few lines and it would be accepted?
    • Microsoft owns a patent on it which they intend to enforce in such a way as to freeze out Free Software.
    • by pavon (30274) on Sunday September 05, 2004 @01:24PM (#10163150)
      Here is the deal with Sender ID. Caller ID is patented (Sender ID = SPF + Caller ID), and thus everyone who uses in must get a patent from MS. If something is patented, you must license it to use it. It doesn't matter if you got the ideas from copying, white-room reverse engineering, or if you independently discovered the idea - the patent holder still has a monopoly on the use of the ideas and you must license them. As far as I know ASP and SMB are not patent encumbered. MS didn't have a policy of patenting their software until several years ago (about the same time as the Halloween papers were written, IIRC).

      MS has licensed the Caller ID patent(s?) under what, on the surface, appears to be a very fair and open royalty free license. You don't have to pay any fees to MS to get a license to include Caller ID in your software. You can distribute the software to anyone you want, and your users are also free to redistribute this software. You can even distribute the source. For more information, read this article [internetnews.com]. However there is one issue that makes it incompatible with open source software - the patent license is non-transferable and non-sublicenseable.

      What that means is that each developer who creates or modifies Caller ID code must sign and mail their own license from MS. The OSI definition of Open Source Software, and FSF definition of Free Software both state that the user must be free to modify and redistribute the software. This puts FLOSS licenses at odds with the Caller-ID license. If your software license meet the terms of the Caller-ID license then the software isn't FLOSS, and if you use a FLOSS license, then you are not meeting the terms of the Caller-ID license. The best lawyers on the subject agree [eweek.com] that it is impossible to make these two agree. They also do a good job of explaining why redistribute of modified works is critical to FLOSS software, and why we should refuse to use a license that would be compatible.

      So thats where things stand. It would be possible to write a non-FLOSS plugin for FLOSS software, but it is impossible to write a FLOSS implementation. Debian has a long history of not accepting non-free software into their main branch. But even among those that are more tolerant of combining proprietary software with FLOSS, there are many who disagree with proprietary standards and are thus opposed to the Caller ID license.
      • As far as I know ASP and SMB are not patent encumbered. MS didn't have a policy of patenting their software until several years ago (about the same time as the Halloween papers were written, IIRC).

        Nope. MS has actively patented things for more than a decade.

        A friend of mine at Microsoft worked on the implementation of long filenames on FAT16, and was awarded a patent for it (with a couple other people). He was proud of it, mainly because it involved several brilliant tricks to get the long filenames s

    • Could MS change a few lines and it would be accepted?

      Sure, it would be trivial.

      This conflict is *not* a mistake or accident. The normal and widely used terms for standards submissions are perfectly fine. Microsoft's army of lawyers put signifigant effort into carefully crafting a non-standard licence to create the problem. Microsoft's own FAQ (question 15) admits they were aware of the conflict when they first submitted their non-standard licence. Microsoft's terms are an intentional effort to exclude GP
  • by Anonymous Coward
    A list of SPF-enabled registrars and DNS providers is at http://www.spf.idimo.com/ [idimo.com]
  • Concern for all (Score:4, Interesting)

    by MikeMacK (788889) on Sunday September 05, 2004 @09:33AM (#10161969)
    We are also concerned that no company should be permitted intellectual property rights (IPR) over core Internet infrastructure.

    This should be a concern for all, no matter how you feel about MS, or even if this was another company, like IBM, HP, etc. The standards which hold the Internet together cannot "belong" to one company.

    • I agree. I also believe Sender ID will never be officially adopted into the Internet standards because of its licensing and belonging to one company, however practically speaking wide-spread adoption of the technology is as good as a standard ... and Microsoft knows this ... and Microsoft stands in a good place to be able to do it. In fact Microsoft has become the defacto (although un-official) standard for a lot of things.

      It's important that *nix-based platforms and OSS community continue to stick with

    • Tell me again why we would need a new law for this? Because I can tell you right now that they won't make a new law just for this. And just as well, because we don't need one:
      1) Patents cannot be applied to existing internet standards, because of prior art
      2) *We* are the ones who choose whether or not to accept a patent encumbored standard. Now go with Apache and Debian, and shout "We won't accept this!" for all to hear.
  • by mariox19 (632969) on Sunday September 05, 2004 @09:33AM (#10161972)

    Everybody here is no doubt familiar with the "unofficial standard" that is Microsoft Word: meaning, they have been sent Word documents or asked to send documents in Word format as if everybody used Word. Microsoft has ensured that the clueless masses default to Word's format as an Internet standard (or as an example of "best practices" -- to use the latest buzzword).

    You can find examples of this in business, education, and government.

    It's possible that we're going to see e-mail "evolve" in the same way. Ninety percent of e-mail flying around the Internet will use the new Sender ID standard; those not using it will seem odd and likely be forced to use it more often than not in their various business dealings.

    • What needs to happen is we need to develop an open Sender-ID format. Of course this would have to be different enough to sneak by the patent office but maybe we can sneak in interoperatability???
  • by cluge (114877) on Sunday September 05, 2004 @09:38AM (#10161989) Homepage
    It's sad, but it seems that taking sometimes the most primitive steps to help secure one's mail server is over the heads of mail administrators. Even worse, the amount of resistance to having an MTA have proper reverse is incredible.

    A short time ago the company I worked for started refusing inbound connections from MTA's that didn't have proper reverse DNS. By proper reverse dns I mean as per RFC 1912 section 2.1 . While the word must isn't used in the RFC, the word should is used, and the RFC even states "For every IP address, there should be a matching PTR record in the in-addr.arpa domain........Failure to have matching PTR and A records can cause loss of Internet services similar to not being registered in the DNS at all."

    Imagine when I had to explain what proper reverse DNS was to an MCI "internet engineer" (That was the title in his e-mail). Imagine my suprise at the number of complaints generated - and even greater suprise that people simply REFUSED to fix their problem. Instead, bowing to our own customer pressure, we stopped enforcing the checks. We again became part of the problem, instead of part of the solution.

    We did this because we saw lots of spam that came from MTA's with no reverse. Even more telling we found lots of spam that used "spoofed" reverse dns. I.E. the reverse had a pointer to some host like mx4.hotmail.com, when no forward with that IP existed. This is most common from spammers coming out of eastern Europe, and some out of china. By refusing to accept mail from these we lowered the amount of delivered SPAM.

    Supposedly, AOL, Road Runner, and AT&T require reverse dns. In actuality they don't. If the community is truly serious about fighting spam then they would follow their own policies, and they would help. If AOL and hotmail alone required valid everse DNS the rest of the world would follow suit in short order. By not enforceing their own published rules, very large providers are part of the problem, and their laziness continues to perpetuate the problem.

    Considering their inability to enforce something as simple and as easy as rdns (RFC 1912 published 1996) I see no hope for caller ID, or SPF records. They all sound like great standards - but we can't even enforce the standards we have had for almost 10 years.

    Debian is correct to reject the "caller-id" feature. Not for any copyright reason, but because it won't work in the current environment with so many lazy administrators, and the only adoption being the spammers themselves.

    cluge
    • by Homology (639438) on Sunday September 05, 2004 @11:05AM (#10162390)
      If AOL and hotmail alone required valid everse DNS the rest of the world would follow suit in short order.

      Not very likely, for this would break large part of the e-mail infrastructure. There are many virtual hosters whose reverse DNS does not match the domain they are hosting. Or in my case with static IP home DNS that does resolves to something, but my domain name. And I suppose we can say bye, bye to many backup MX servers as well.

      What AOL sensibly require [aol.com] is :

      • If the sender's domain is the only domain sending mail from a specific IP address, we recommend that the reverse DNS entry (PTR Record) match the domain name (A Record), but we do not require it.
      • AOL does require that all connecting Mail Transfer Agents have established reverse DNS, regardless of whether it matches the domain.
      • Reverse DNS must be in the form of a fully-qualified domain name - reverse DNS containing in-addr.arpa are not acceptable, as these are merely placeholders for a valid PTR record. Reverse DNS consisting only of IP addresses are also not acceptable, as they do not correctly establish the relationship between domain and IP address.
      • /ul
      • There are many virtual hosters whose reverse DNS does not match the domain they are hosting. Or in my case with static IP home DNS that does resolves to something, but my domain name. And I suppose we can say bye, bye to many backup MX servers as well.

        I don't think he means that the delivery DNS match the envelope sender, only that the delivering IP have valid and matching forward and reverse DNS records. This would not affect virtual hosts, MXs, send-only or receive-only relays, or SMTP HELO.

        Or in my ca

  • by p0 (740290) on Sunday September 05, 2004 @09:40AM (#10161995)
    It is very likely that Sun, IBM and RedHat will reject Sender-ID as well. Here is a very interesting read on News Forge [newsforge.com]
    • I was expecting your link to go the Newsforge story that leads to this article [moongroup.com], but apparently not. Apparently Earthlink is refusing to adopt Sender-ID in its current state as well, and most interestingly it is doing so on the advice of its legal counsel. Given that the project leads of Exim and Postfix, but interestingly not Sendmail, have also adopted a similar stance I think Sender-ID is pretty much dead in the water at this point.

      I have to admit, I'm in two minds about this. On the one hand it's lo

  • by njdj (458173) on Sunday September 05, 2004 @09:50AM (#10162016)
    As the Debian statement says,
    We are also concerned that no company should be permitted intellectual property rights (IPR) over core Internet infrastructure.

    Seems obvious to me. Why isn't it obvious to the IETF?

    Debian again: We believe the IETF needs to revamp its IPR policies to ensure that the core Internet infrastructure remain unencumbered.

    Right on.

    A company like Microsoft has no respect for the rights of others, no respect for ethics, no respect for the ideals of the people who built the Internet infrastructure for our benefit. I agree with Debian that no company should be permitted IP rights over core Internet infrastructure. But especially not a predatory company like Microsoft.

  • by the pickle (261584) on Sunday September 05, 2004 @09:50AM (#10162018) Homepage
    Description of the Sender ID Framework [microsoft.com] from Microsoft.

    It would be so much nicer if people writing/editing these stories would link to stuff that isn't blindingly obvious to everyone.

    p
    • All "Redundant" mods will be meta-modded "Unfair" until the mods can prove they know what "redundant" means.

      You mean,
      All "Redundant" meta-modded "Un" 'til mods prove know what means.
      It's still legible, and has less words! Less repetitive redundancy! :-P
  • good on them (Score:3, Insightful)

    by auzy (680819) on Sunday September 05, 2004 @09:52AM (#10162024)
    They were right to reject it. The open source world often stands together in such issues, and the only end result that could happen is a truly free standard that will take on the world. Now that issues have been raised, it means every other distro will analyse it, and probably not include it either but help work on a "free" one, and the internet in reality runs off Unix, so we have a VERY good chance of getting a strongly supported standard out there.. Very few major mail servers run off Windows, hotmail is probably the only one I'd imagine.

    Just one question, has there been any work on a open standard yet?
    • Just one question, has there been any work on a open standard yet?

      Yes, it is substantially built on an open proposal, SPF [pobox.com]. Sticking my finger to the wind, I am guessing that's what the IETF is going to go with anyway.

  • Is there any way one can actualy find out what Sender ID _is_, without increasing one's exposure to patent infringement lawsuits?
  • by ites (600337) on Sunday September 05, 2004 @10:17AM (#10162127) Journal
    Apart from the fact that Microsoft are an incredibly wealthy and successful company, they deserve a moment's silent respect for their utter failure to understand the way the IT market is evolving.

    The attempt to inject patents into anti-SPAM tools is well-founded for a company that wants to find new business models, but it's incredibly offensive to the Internet community. Not just "nerds" and "fanatics" exposing some radical political viewpoint, but the hundreds of thousands of hard-working people who actually built the servers that run the web.

    Technology gets ever cheaper and this inevitably destroys old markets. For the world's largest software company to _still_ earn the bulk of its money from operating systems and office suites is quite amazing. These are commodity products and only sell through brute-force tactics that are eventually self-defeating.

    Microsoft should step back from trying to control essential domains such as email, and focus on what they are really good at: providing the unwashed masses with easy-to-use, pretty front-ends. It's a market with huge potential but its success depends on a reliable and expanding back-end infrastructure, exactly the domain that Microsoft is incapable of delivering.

    A message to Microsoft: please understand that open source is the key to your long term survival. Embrace it, or die. Open source is the cornucopia of software technology: it will create a hundred million new software consumers, and most of these will be potential new clients.

    Just produce software they actually want, not software they are forced into buying by your devious political games.

    When the Internet first became popular, Bill Gates announced that the Microsoft Network would be better. He was wrong, and after a couple of years, forced Microsoft to embrace the net rather than fight it.

    The same is true of open source. It's only a conflict because Microsoft is refusing to face the inevitability of the situation.

    A moment's pity, therefore. They may be rich. That does not make them either smart, or right.
    • A message to Microsoft: please understand that open source is the key to your long term survival. Embrace it, or die. Open source is the cornucopia of software technology: it will create a hundred million new software consumers, and most of these will be potential new clients.

      I'm sure Bill and Steve paused in their reading of slashdot to make a note of your message.

    • ... anti-SPAM ...
      "SPAM" vs "spam" [spam.com]

      Summary: SPAM is canned meat; spam is unsolicited bulk email.

      Cue the Vikings.

    • >A moment's pity, therefore. They may be rich. That does not make them either smart, or right.

      I can't help but to laugh at this example of uninformed zealotry. Even if I weren't dubious about MS meriting any pity, this is rather like a 8 year old child patting itself on the back for outrunning a geriatric in a wheelchair.

      OSS fits somewhere into MS's problems, but is hardly the dominant factor. Aside from OSS, their primary problems right now stem from the the worldwide wave of anti-monopoly lawsui
  • Mozilla? (Score:3, Insightful)

    by sbaker (47485) * on Sunday September 05, 2004 @10:23AM (#10162160) Homepage
    The big push here needs to be for Mozilla to refuse to support it.

    We heard here yesterday that Mozilla has a far bigger market share than Debian does - and Mozilla actually does read mail and reject spam. So their refusal to participate in a Microsoft takeover of the world wide email system would have some real meaning.

    It's good that Apache came out against it...what about 'sendmail'?

    There also needs to be some promotion of a good alternative that's not IP-encumbered and which would hopefully have technical merits too...it's easy to refuse to support a proposed standard - but it's better to have a good reason to recommend a solid alternative.

  • Even being familiar with DNS, SPF, Spam Filters of all kinds I don't get what's different about Microsoft's plan and the general SPF plan.

    Someone want to clear that up?

    That article Microsoft has is just SPF with a different name on it as far as I can tell.

    (Or did they invent SPF in the first place...)
    • Sender ID adds checking of the header FROM field to SPF. SPF just checks the domains mentioned in the SMTP protocol exchange (HELO/EHLO, MAIL FROM), while Sender/Caller ID check the optional FROM header found in the DATA portion.
  • by WoodstockJeff (568111) on Sunday September 05, 2004 @10:49AM (#10162314) Homepage
    ... is whether or not any of the projects are going to implement the unemcumbered SPF portion [pobox.com] of Sender ID, or if they're throwing that out with Microsoft's enhancements.

    You can implement handling the setup of the DNS TXT records without touching anything Microsoft claims ownership of. You can implement the checking of the HELO/EHLO and MAIL FROM via SPF with no patent concerns. Will Apache, Debian, et al dismiss this, simply because the most popular implementations of SPF also support checking the header FROM field, which is supposedly Microsoft's idea?

  • by optimus2861 (760680) on Sunday September 05, 2004 @11:10AM (#10162416)
    Browsing the mailing list, I came across this [imc.org] message from Matt Sergeant of MessageLabs, about a conversation he had with Craig Spietzle of MS. Notable excerpt:

    I pressed him: "Will you fix the license?". I never really got a confirmed yes or no, but my feeling was "no" when we ended the conversation. I suggested that they give their IP to the IETF (such as I believe there is precedence of - I know that IBM has committed patents to the public domain before in a similar act of openness), to which I was told that Craig believed this was a reasonable idea, but that
    Bill Gates himself had vetoed that idea because of the current focus on patent gathering and IPR issues at Microsoft.

    (emphasis added)

  • Am I the only one that remembers this Billy Gates quote? I believe he will make Sender-ID a requirement in Exchange and Outlook... This will force feed it's adoption unless Microsoft continues to lose market share to alternative desktop OSes.

    Trying to sneak a pantented standard in, then later charging for it after wide-spread adoption seems more likely, if you do remember that quote.

  • Rejecting SenderID is a wise move on the part of Debian and Apache. Just because Microsoft has a warm and fuzzy document that says you can use SenderID for free doesn't mean it will stay that way forever, and doesn't detract from the fact that it's PATENTED TECHNOLOGY. I feel that Microsoft would have no qualms about using this Trojan horse to rain down hate on any OSS project it perceived as a competitor to one of their technologies by leveraging their adaptation of SenderID.

    All it would take is for Mic

Work without a vision is slavery, Vision without work is a pipe dream, But vision with work is the hope of the world.

Working...