11:13 AM

IETF Disbands Anti-Spam Working Group

The effort to create an email sender authentication standard can't overcome patent concerns surrounding Microsoft's Sender ID proposal.

The Internet Engineering Task Force has disbanded its working group tackling spam, saying it was deadlocked, in part, over troubles related to Microsoft Corp.'s Sender ID proposal.

The decision, announced in an e-mail this week to the MADRID group by co-area director Ted Hardie, left in limbo industry efforts to develop a single standard for authenticating senders of e-mail, a process that would make it more difficult for spammers to disguise the origin of their inbox-clogging, annoying messages.

"I'm very puzzled by this," Matt Cain, security analyst for researcher the Meta Group, said Thursday of the IETF's decision. "Ultimately, the industry will probably converge on one or two approaches (for authentication), but my sense is this will delay deployment."

Sender ID is a combination of Microsoft's Caller ID technology and the Sender Policy Framework, an extension to the standard Internet protocol for transmitting email called Simple Mail Transfer Protocol. Earlier this month, MADRID, which stands for MTA Authorization Records In DNS, said patents related to Caller ID's part in Sender ID had made the latter unworkable.

In his e-mail, Hardie said the group has failed to reach a consensus on one anti-spam technology, blaming the logjam, in part, "by the need to evaluate IPR (intellectual property rights) and licensing related to at least one proposal," an apparent reference to Sender ID.

"Efforts to reach consensus by compromise and by inclusion have been attempted on multiple occasions," Hardie said. "Despite early hopes of success after each such attempt, post-facto recycling of technical issues which these efforts should have closed has shown that the group remains divided on very basic issues."

Industry unhappiness with Sender ID was pushed to the forefront earlier this month when America Online Inc., a unit of Time Warner Inc., dropped support for the technology, saying that it would only use SPF for checking inbound e-mail for the millions of subscribers to its Internet service.

In making its decision, AOL cited "serious technical concerns" with Sender ID, and the fact that it was not supported by the open-source community. The influential, open-source Apache Software Foundation had earlier rejected the proposed standard, saying the licensing terms set by Microsoft were too strict.

With so much disagreement over the technology needed to beat back spam, it appears the industry is headed for fragmentation, rather than a single standard.

"My initial analysis is that it will be left up to the vendors themselves to propagate their approaches," Cain said.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 17, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.