Linux.com

Everything Linux and Open Source

Spam abatement proposals gathering momentum

May 24, 2004 (8:00:00 AM)  -  5 years, 6 months ago

By: Fergus Cassidy

The temperature around spam abatement became hotter last week when Microsoft submitted a draft proposal to the Internet standards body, the Internet Engineering Task Force (IETF).

The draft, known as OCaller ID for E-mail, proposes to utilize the Internet's domain name system (DNS) and described the proposal as "analogous to the caller ID technology found in the telephone system."

Last January, the IETF set up a work group to discuss the creation of a mechanism to identify authorized senders for email from a domain.

Microsoft's move confirms that using the DNS to control spam is gathering serious momentum, but such a strategy must be widely adopted to stand any chance of success.

Attaching restrictive licensing can prevent a proposal from becoming an agreed standard, and it will be interesting to see how Microsoft will respond to IETF scrutiny and how the licensing issue is resolved.

However, Microsoft is not alone in chasing a spam control standard. Last week, Yahoo! also submitted its own proposal to the IETF. Known as DomainKeys, the technology has the same objective as Microsoft's Caller ID but uses digital signatures to confirm identity.

But the dark horse could be OSender Policy Framework (SPF). SPF is similar to caller ID and aims to reduce spam by identifying email forgery. SPF has been submitted to the IETF. It has also been tested by America Online.

There have been many attempts to find the killer app for killing spam, but last week's developments indicate that a "go it alone" solution is now unworkable and has been abandoned.

Any proposed solution must become an agreed standard, and all roads now lead to the IETF's MARID working group.

Such proposals, however, can be radically altered (or passed over) by the standards process to the extent they are sometimes unrecognizable at the outcome. The type of license can also be a major obstacle to agreement.

So why submit in the first place? Harald Alvestrand, the chair of the IETF, said: "Because they believe their technology is a good fit for the requirements. And they might be right (or not). But they're willing to go along with the result of the standards process, even if that is significantly different from what they start out with."

The IETF is accustomed to navigating political minefields. If it can do so again with this issue, there might well be the much-needed breakthrough before the end of this year.

Fergus Cassidy is a technology columnist with The Sunday Tribune.

Read in the original layout at: http://www.linux.com/archive/articles/36243