X
Business

Hats-off to Microsoft for finally freeing Sender ID! Spammers, take cover

Although it didn't open source the technology and there's no word on whether the open community will embrace it (after originally turning tail and running from it years ago), Microsoft has taken a bold and welcome step by changing the terms of availability for its Sender ID anti-spam technology to something that's less encumbered than the prior terms and that's more developer-friendly.
Written by David Berlind, Inactive

Although it didn't open source the technology and there's no word on whether the open community will embrace it (after originally turning tail and running from it years ago), Microsoft has taken a bold and welcome step by changing the terms of availability for its Sender ID anti-spam technology to something that's less encumbered than the prior terms and that's more developer-friendly. According to IDG News Service's Elizabeth Montalbano:

Sender ID, an e-mail specification for detecting when an e-mail address is being spoofed to send spam, can now be used as a basis for new technology by anyone under Microsoft's Open Specification Promise (OSP), said Jason Matusow, senior director of interoperability for Microsoft

Through the OSP, published in September, Microsoft promised it would not take any patent-enforcement action against people that want to use specifications on a list of Web services technologies for which it has patents. Now Sender ID has been added to the list of specifications that are freely available for use, he said.

Without getting too deep into the nerdy details, the technology in question is one that can help e-mail systems determine whether or not the sender of an e-mail is really who they say they are. While such systems that authenticate senders are not a silver bullet to ending spam (nothing is), authenticating senders is widely believed to not only be one of many techniques that can establish with confidence that a certain email is or isn't spam, it's also a foundational block on which other anti-spam systems (eg: sender reputation management systems) can be built. In combination or layers, multiple anti-spam standards could probably weed about 90 percent of the spam out of the Internet. 

Although Sender ID has been around for a while and it was at one point being investigated as part of a possible Internet standard by a special research arm of the Internet Engineering Task Force (IETF), it never lived up to its potential after Microsoft announced that it wasn't contributing its technology to the open community on a completely unencumbered basis. Although Microsoft wasn't going to charge royalties to developers who included the technology in their products, it did require something called privity: all licensees had to execute their own license agreement with Microsoft. The move prevented open source developers from gaining access to the technology since open source is largely based on a culture of sub-licensing where developers can essentially pass a license around without ever having to go back to the original licensor.  

Now that Sender ID is a part of Microsoft's OSP program, the privity requirement is lifted which in turn paves the way for sub-licensing and usage by open source developers. Under the OSP, developers are even allowed partial implementations (sometimes referred to as derivative works). That's because the intellectual property in question has more to do with a patent and not copyrighted code. Patents can be implemented in code or with vegetables as far as anyone is concerned. Therefore, opening up patents for use can sometimes provide far greater flexibility to developers than can opening up access to specific chunks of source code.

As someone who has attempted to bring the industry together on multiple occasions in an effort to fight spam, encumbering Sender ID is something that I have long given Microsoft a very hard time about (here in this space). Big kudos go to Microsoft and whoever inside of it was responsible for this breakthrough. Thank you for letting Sender ID go.

Editorial standards