Anti-Spam Effort Killed Amid Patent RowAnti-Spam Effort Killed Amid Patent Row
Microsoft has applied for a key patent, and anti-spam activists don't agree with its plans for the patent.
September 28, 2004
NEW YORK (AP) -- A row over intellectual-property claims from Microsoft has dealt a fatal blow to an ambitious effort by Internet engineers to create a technical standard for curbing junk E-mail.
The failure to reach consensus on the Microsoft-championed proposal known as Sender ID throws back to the free market a process many consider urgent in view of the unabating onslaught of spam. Sender ID's effectiveness and compatibility with existing mail systems already were in question before members of the Internet Engineering Task Force got hung up on the patent battle, said Yakov Shafranovich, a leading anti-spam activist. The task force, which works by consensus on Internet standards, dissolved a working group on Sender ID last week after deciding that agreement couldn't be achieved anytime soon. Some experts say the decision could speed up work on a different spam-control technology from Yahoo Inc., one seen as stronger but more difficult to implement. The IETF is expected to create a working group as early as November to craft standards for digitally signing messages, an anti-spam approach Yahoo favors. Two other groups are in the works to explore additional approaches. It's possible for two or more of these technologies to work in conjunction. The Microsoft and Yahoo proposals, along with one being tested by America Online Inc., aim to tackle E-mail spoofing--the practice of sending messages that pretend to be from someone else, be it Bill Gates or a friend in your address book. The technology wouldn't eliminate spam, but it could help identify and block a common spam technique. Under Sender ID, Internet service providers would submit lists of their mail servers' unique numeric addresses. On the receiving end, software would poll a database to verify that a message was actually processed by one of those servers. Microsoft has applied for a patent on the method for polling the database. Though the company promises to make the technology available for free, it wants to bar software developers from further licensing it, a restriction that several members of the open-source community find unacceptable. As the Sender ID working group, formally known as MARID, began trying to craft a compromise on the patent issue, members resurrected technical concerns previously thought to have been settled. That's when the group's leaders decided to abandon the project. Microsoft spokesman Sean Sundwall said the company would continue to push Sender ID regardless of the IETF's decision. He said smaller companies might hesitate without standards but larger ones won't change their plans. "Once you get a critical mass of people adopting Sender ID, it becomes for the smaller sender critically important they adopt it as well," he said. Andrew Newton, co-chairman of the working group, declined interview requests but put a positive spin on the developments in an E-mail statement. "This is part of the IETF process asking the community to gather more experience with sender-authentication schemes to get the final standard right," he wrote. John Levine, who heads an Anti-Spam Research Group affiliated with the task force, said members couldn't come to terms because they had little real-world data. But Dave Anderson, chief executive of Sendmail Inc., said he believes resolution would have been possible if not for the patent fight. Sendmail is testing various anti-spam schemes, including Microsoft's and Yahoo's. Dave Crocker, an Internet pioneer with the Brandenburg InternetWorking consultancy, said heated debate during the standards-setting process is fairly common, but the one over spam is unusual because of a perceived need to rush. Larger than the patent fight, he said, was the ambitious schedule for resolving fundamental technical difficulties. "The normal approach is to proceed very cautiously," Crocker said. Major changes to the Internet architecture "always have unintended consequences and they are usually bad."
About the Author(s)
You May Also Like
Cybersecurity Forecast for 2024
Entering the era of generative AI-enabled security
Choice Hotels Goes 'Lights Out' with Remote Power Management and Server Access from Raritan
From Data-Lock to Data-Driven: Effective Data Management for Financial Institutions
The Definitive Guide to Understanding IP Addresses, VPNs and their Implications for Businesses